Open Versus Closed Source: What is the State of Kubernetes Protection?
by Krista Macomber | April 25, 2023

The News: KubeCon + CloudNativeCon Europe 2023 were held in Amsterdam this past week and one thing is abundantly clear: Kubernetes is well on its way to enterprise adoption, bringing with it a number of benefits — most predominantly being application development agility. There are some challenges that arise, though, when enterprises look to operationalize Kubernetes at scale, which I’ll explore here.

Open Versus Closed Source: What is the State of Kubernetes Protection?

Analyst Take: KubeCon + CloudNativeCon Europe 2023 were back in full force this year and as mentioned earlier, it is clear that Kubernetes, with the many benefits it affords, is well on its way to enterprise adoption. That said, there are some challenges that enterprises face when it comes to the operationalization of Kubernetes at scale.

One of the most significant challenges that I see is the ability to protect and manage clusters and persistent data at scale. This is particularly a threat as ransomware continues to raise the potential for data loss for organizations, but it the threat of ransomware is also helping to increase visibility and an understanding around the need for data protection among C-Suite executives.

The market for Kubernetes protection is nascent but quickly evolving, and one thing is clear: there is a strong propensity toward open source tools for protection, especially Velero. This is because Kubernetes itself is open source and is being brought into the enterprise by developers. So, there is a natural propensity towards the open source, “do-it-yourself,” scripting-based approach.

This approach may be suitable for a small number of clusters, but, as Futurum Labs has encountered in testing, it becomes far too time-consuming and cumbersome for day-to-day management tasks at scale. This is where multi-cluster management which includes the ability to create policies, automatically discover resources to be protected, and automatically apply those policies becomes important. At the Red Hat Community summit, a non-scientific raise of hands showed less than 30% of the attending community had more than five clusters, while Evaluator Group research showed Kubernetes to be in production at over 50% of surveyed customers, with 60% of the customers running more than five workloads (applications).

Multi-cluster management and automated data protection functions play an even more strategic role when we factor in the shift to DevSecOps practices that aim to seamlessly integrate development, security, and operations processes into collaborative and integrated functions. Capabilities like data protection need to be as baked into workflows as possible in order to support efficiency and avoid slowing down agile development processes.

The relationship between Velero and third-party data protection providers will continue to evolve. This is evidenced by one KubeCon announcement, which is the introduction of CloudCasa for Velero. This new service will add key value components, including multi-cluster management, on top of customers’ existing Velero deployments, and note that the customer is not required to migrate to a CloudCasa-proprietary “flavor” of Velero.

Naturally, vendor approaches differ. Dell and IBM, for example, have used Velero as the basis for their data protection software offering. In addition to offering PX-Backup, Portworx offers a plugin that allows Velero to take snapshots of and restore Portworx volumes.

These are just a few examples, and from an ecosystem perspective, data protection-centric capabilities will increasingly be complemented with tools such as API observability for the identification and debugging of issues in code to strengthen the DevSecOps-oriented IT workflows and lifecycles.

What does this all mean for IT Operations? Increased collaboration with developers, security teams, and lines of business, will be essential in order for teams as a whole to better understand corporate-level strategic and day-to-day operational and security requirements. In many ways, IT Ops serves as the lynchpin to success because this team is responsible for IT infrastructure and information management and protection. With this in mind, Kubernetes-related requirements will increasingly influence priorities for IT spending and projects.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other insights from The Futurum Group:

KubeCon 2023: SUSE Launches Rancher 2.7.2, Latest Version of Rancher

GitLab and Oracle Partner to Accelerate AI/ML Development

KubeCon 2023, Amsterdam: 10K Strong and Sold Out

About the Author

Krista covers data protection and management, with a focus on multi-cloud environments, for The Futurum Group. She brings approximately a decade of experience providing research and advisory services and creating thought leadership content, with a focus on IT infrastructure and data management and protection. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications, including eWeek, TechTarget, and The Register.