
Tools Make the Difference for Kubernetes Success

The way to solve Kubernetes complexity is with tools. Ironically, this also creates a lot of complexity because there are many options for each type of tool and, thus, an unfathomable number of combinations. Each stack of tools first requires unique integrations, and then there's ongoing work to keep all those tools integrated and working together.

It's no wonder, then, that we've seen a strong willingness for organizations to spend money on Kubernetes tools. Among many questions, our 2023 State of Kubernetes survey asked 753 software development and IT professionals what tools they believe are useful for running and managing Kubernetes. Let's take a look at the types of tools people find valuable.

tl;dr

  • As always, Kubernetes security and governance tools are popular: 53 percent of respondents said data security protection and encryption tools are useful, and policy management compliance guardrail enforcement shot up in importance from 30 percent in 2022 to 41 percent in 2023. Importantly, 48 percent of respondents are willing to pay for these tools.

  • Platform monitoring and alerting saw slight growth and has maintained its position as one of the most valuable tools, at 55 percent. People's willingness to pay for these tools rose from 37 percent in 2022 to 44 percent in 2023.

  • Most organizations (92 percent) have a service mesh in place and predominantly use either open source or commercial systems, with only 27 percent using DIY service mesh tools.

Security and governance

Chart showing top Kubernetes security concerns, with Number 1 being misconfigurations and exposures.

Top concerns regarding Kubernetes security, as reported by State of Kubernetes survey respondents.

People are always interested in (or "concerned with," if you prefer) security for Kubernetes, as our survey shows. This year, we saw a rise in security teams taking an active role in Kubernetes, up from 15 percent in 2021 to 23 percent this year. Security challenges during deployment and ongoing management rank high, often landing in the No. 1 spot.

It's little wonder that security tools have a strong focus, with 53 percent considering those tools useful. The survey shows an increasing interest in policy management compliance guardrail enforcement tools. In 2022, 30 percent of respondents found these tools valuable. This year, that number jumped to 41 percent.

What you see here is a growing focus on compliance and governance in organizations using Kubernetes. Putting their money where their mouths are, 48 percent of respondents indicated they are willing to pay for security and governance tools and 37 percent said they'd pay for policy management tools.

As Kubernetes use grows in large organizations, we'll see more and more focus on security and governance. Early on, developers were driving a lot of Kubernetes use and, you know, security is not always a top priority for developers. A 2021 Forrester Consulting study commissioned by VMware found that "only 22 percent of developers have a clear understanding of which security policies they are expected to comply with." Of course, developers and security people tend to have a strained relationship. That same study found that "over half of developers agreed that security policies sometimes stifle innovation."

As we rebuild the app runtime on Kubernetes, security people and developers have a fresh chance to work more closely together. With developers, making the right thing the easiest thing is often the path to success for security. Tools like VMware Aria Guardrails provide a good start for getting that kind of policy enforcement in place.

Growth in platform monitoring and alerting

Chart showing Kubernetes tools being used, with the top two being data security protection and encryption and platform monitoring and alerting

Top Kubernetes tools being used by State of Kubernetes survey respondents.

Near and dear to my heart is monitoring. The field of "how's all my stuff doing?" has evolved over the past 20 years, bouncing back and forth between application performance monitoring, log management, observability, and probably some other trends I'm forgetting. Whatever you want to call it, monitoring is critical to any chunk of IT like Kubernetes.

The latest survey shows this, with a slight rise in the popularity of monitoring tools. Fifty-five percent of respondents said they consider monitoring tools valuable. Additionally, the willingness to pay for these tools has risen from 37 percent in 2022 to 44 percent in 2023, showing an increased need for efficient monitoring and alerting systems in Kubernetes deployments.

Now, it's a little odd to see that 45 percent of people think that monitoring is not important, but I'm guessing it's just not at the top of their list. I suspect that's because many people have yet to get containerized applications into production. Gartner estimates that "by 2027, 25 percent of all enterprise applications will run in containers, an increase from fewer than 10 percent in 2021."*

Service mesh adoption

According to the survey, a vast majority of organizations (92 percent) have a service mesh in place. That's near universal adoption! 

What is a service mesh, exactly? You can get a detailed explanation for free in the book Service Mesh for Dummies (and on this topic, I count myself as one). But as a quick idea, it's the plumbing and wiring that developers use to handle how various applications and services interact with each other in Kubernetes and across networks. As the book describes, a service mesh takes care of several functions:

  • Service-to-service communication – Service discovery and routing

  • Service-to-service security – Authentication, authorization, encryption, and traffic inspection

  • Observability – Monitoring and distributed tracing

  • Resiliency – Service-level objectives (SLOs), circuit breakers, and retries

Cloud native applications need all of these because what we think of as an "application" is actually a collection of little applications coordinating with each other over a network. I suppose it's little wonder then that service meshes are so popular among our survey respondents.

Which service meshes are being used by State of Kubernetes survey respondents.

Most respondents reported using either open source or commercial service meshes, with only 27 percent opting for DIY tools. As ever, I'm biased, but this seems wise. While service mesh capabilities are necessary, there's not really much that's going to differentiate a business based on building a customized service mesh.

Be sure to check out VMware Tanzu Service Mesh to get that necessary layer without spending too much time figuring it out yourself.

Tools rulez

There's a massive number of enterprise applications out there. If we trust the stated intentions of people at large organizations, most, if not all, of those applications will eventually be in Kubernetes, barring some new container orchestration craze.

In my experience, with each platform change, you get new tooling for monitoring, management, security, and most everything else. That will drive a lot of interest in new tools, and especially so with Kubernetes. The core of Kubernetes is actually small in scope. It's all those tools that surround it that make it enterprise-grade, useful, and able to deliver the operations efficiency, developer productivity, and even business benefits that respondents say they are seeing.

To get those benefits, make sure the tools you choose integrate together. You hear a lot about the complexity and breadth of choice in the Kubernetes ecosystem. This doesn't have to be a bad thing once you get past the cognitive load of figuring out all the pieces. What's key is making sure the tools you choose fit well together and require little duct tape and refitting to work well. At the infrastructure level, this will be tough enough. And then you'll need to add in the application developer layer to build out a platform: all the middleware, integrated build and security tools, and so forth. We've got a great, integrated stack with VMware Tanzu, based on open source components, Kubernetes, and VMware technology. Check out our management stack and developer platform.

To see how your peers are building their Kubernetes stacks, check out the rest of the State of Kubernetes 2023 survey. It has more detail on multi-cloud use and motivations, security, concerns about deploying and running Kubernetes, and other topics. Also, you can join us for an in-depth look at the whole survey in free webinars taking place on June 1 at a US-friendly time and June 7 at a Europe-friendly time.

*Gartner, CTOs’ Guide to Containers and Kubernetes — Answering the Top 10 FAQs, Arun Chandrasekaran, Wataru Katsurashima, 31 May 2022

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.