Change is the only constant in the technology world, and that’s particularly true in the realm of sysops, infrastructure, and security. Here’s a look ahead to 2021 and five of the trends we’re watching closely.
Kubernetes Complexity
To say that Kubernetes is the leading container orchestration platform is an understatement. It’s the only container orchestration platform that counts. However, to say that Kubernetes is complex is also an understatement. The learning curve is both steep and long. How will developers address Kubernetes’ complexity? We are starting to see some simpler alternatives for specific use cases–for example, K3S for edge computing. Will that trend continue? Or will Kubernetes be subsumed into cloud providers’ management consoles in a way that simplifies the options available to developers (aka “opinionated”)? We don’t know, but we believe that an important trend for the next year will be attempts to simplify cloud orchestration.
Site Reliability and Observability
The sea change in workplace dynamics brought about by Covid 19 has had a parallel effect on the world of site reliability engineering. Companies for whom an online presence was an afterthought are now finding it essential to survival. And they’re also finding it necessary to keep their online presence available 24×7. So we foresee an increase in the demand for site reliability engineers–but beyond that, we expect an emphasis on the tools that SREs need. Look for a heavy emphasis on system observability and its fruits: high speed, actionable data allowing engineers to understand, prevent, and mitigate outages. Although it’s only part of the story, we’re particularly interested in OpenTelemetry, a vendor neutral standard for collecting system data. OpenTelementery promises an array of more refined and calibrated open source tools for observability in the years ahead.
GitOps: The Future of DevOps
For a decade or more, the slogan “Infrastructure as Code” has driven efforts to make configuration programmable. We’ve made lots of progress; and perhaps the best example of that progress is Kubernetes, which orchestrates the deployment, creation, and construction of containers. There’s one more piece (for now) to consider: how do you automate the configuration of Kubernetes itself? How do you make new deployments faster, while minimizing the possibility of human error at the same time? That’s achieved by using Git to manage Kubernetes’ configuration files and any other artifacts it needs to run. When anything changes, a Kubernetes operator manages the process of informing Kubernetes and related orchestration tools and gradually pushing the deployed system to the desired state. GitOps may be the ultimate expression of “Infrastructure as Code”; we expect it to have a big impact in the coming year.
Cyber Resilience
Saying that cyber threats will increase, and that attacks will become more dangerous, hardly qualifies as a prediction or a trend. The sophisticated cyber attacks that compromised the U.S. Treasure, Commerce, and Homeland Security departments are, sadly, hardly surprising. What’s more important is how organizations respond to those threats. In the past, most companies have taken a reactive approach to security: address breaches as they happen, and if nothing happens, they’ve spent too much on security. That approach has failed time and time again. In the coming year, we expect companies to take a dynamic, holistic approach that strengthens their security posture. Steps towards resilience include having a robust Identity and Access Management policy by implementing zero trust, MFA, and passwordless authentication. Expect to see increased use of AI and Machine Learning (ML) by both good and bad actors. Bad actors will use AI to find and exploit new vulnerabilities (including vulnerabilities in AI systems themselves); security teams will use AI and ML tools to detect and block attacks, and to automate routine tasks.
Multi-cloud and Hybrid Clouds
It’s too easy to think of “the cloud” as a place: a single virtual location, with a single provider. But that’s not reality. As IBM has said frequently, the cloud is a capability, not a destination. By the time most companies start thinking seriously about a “cloud strategy,” they already have pilot projects in multiple clouds. Mergers and acquisitions complicate the situation even more, as does data that has to remain on-premises for regulatory or security reasons. What counts isn’t moving applications to a specific provider, but having a uniform interface that lets you use capabilities regardless of their physical location. 2021 will be the year that companies (officially) adopt multi- and hybrid clouds, removing the operational and developmental barriers between their own, on-premises IT and cloud providers. We will discover what it really means to be “cloud-native.”