On May 23, the second iteration in Australia of the Container Camp conference started and this year, Bulletproof was a sponsor. Conferences like this always give a good indication of where the market is, and especially to see where it’s going.
In case you didn’t get a chance to attend, videos of the talks will be available soon, and below are some of the things we, as a team, took away from it.
With the releases of AWS’s EKS and Azure’s AKS, all three major cloud vendors now have their own dedicated Kubernetes services. The accessibility of Kubernetes means that the focus has shifted to extending rather than using it in the first place.
As Kubernetes is a very extensible system, this means that many tools have shown up to fill in the gaps in the system. This ranges from Helm Charts or kubecfg for managing the installation of your applications, Envoy and Contour for ingress control, or Istio for intelligent routing, policies, and even to give you insight into how your applications are running. In addition, there are cloud-specific tools, such as plugins that handle the networking optimised for your cloud provider or tools that allow you to continuously deploy and debug from your IDE.
The growing maturity of Kubernetes and the constant improvement by the community means that we now have more production stories to learn from as well. Whether that is from companies that share problems they’ve run into, those who show us how they run a multi-tenant system, or even how we will be able to run these clusters across multiple cloud vendors.
Related to Kubernetes, there is a second shift happening as well. Over the past year, many parts of container workloads have become standardised, including container runtimes and container images. Where before Docker was the de-facto standard of dealing with these, Kubernetes and other tools can now work with anything that follows the standards.
While Docker is useful for many things, there might be environments you don’t want to run it on. This can be on a Kubernetes cluster where you use custom runtimes or even IoT devices where you encounter many limitations. As traditionally Docker is still used to build the images for this, it was good to see that more image building tools are becoming available as well.
No discussion about containers seems complete without mentioning security. There are distinct security advantages to running containers, but that doesn’t negate the need to do work to keep them secure. As with the Kubernetes ecosystem, the security space keeps evolving and providing better tools.
Whether this is for securing and verifying your containers before they run or dealing with security once deployed. A big theme was also a “shift to the left” which means that development should take security in account from the start, and even include it in the continuous integration pipelines.
Finally, a quick shout out to the conference organisers and the fantastic speakers. Having attended both of the Australian conferences, I am impressed by how well-organised, informative and fun these events were.
If you are in Australia and interested in containers, I highly recommend going next year. With many of the brightest minds from both Australia and overseas attending, the hallway track allows you to meet and discuss things with them as well. I hope to see you there next year!