<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">

We're blowing the whistle on Legacy PAM 🏀 Join us for an Access Madness Webinar on March 28

Search
Close icon
Search bar icon

Kubernetes in the Enterprise Webinar Recap

StrongDM manages and audits access to infrastructure.
  • Role-based, attribute-based, & just-in-time access to infrastructure
  • Connect any person or service to any infrastructure, anywhere
  • Logging like you've never seen

Kubernetes is gaining traction in the enterprise as organizations bring multiple teams to the platform. That’s why Justin McCarthy, CTO and co-founder of StrongDM, recently sat down with Techstrong Group CCO Mike Vizard and a panel of experts to discuss the enterprise-specific challenges of Kubernetes adoption, including methods for handling complexity and best practices for security teams as they learn to work with this technology.

The full panel included:

So, what is required for enterprise Kubernetes adoption? Here’s the recap:

Kubernetes Expansion | Who’s in Charge?

The panel discussed the challenges for enterprises expanding their Kubernetes adoption, including:

  • How quickly are enterprise IT organizations adopting Kubernetes?
  • Is a lack of Kubernetes expertise among developers a challenge for enterprise organizations?
  •  Are we seeing a rise of full-stack developers vs. a split between platform and application teams?
  • Do organizations prefer to engage managed service providers?
  • Is there a need for greater abstraction when it comes to Kubernetes management?

Haseeb Budhani said, “Something has changed in the last year to 18 months, and people are indeed bringing multiple teams onto Kubernetes.

Bill Ledingham added, “Over the last year, we have seen [enterprises moving from] pilot projects to more widespread adoption .… That is now presenting a second wave of challenges that companies are starting to grapple with.”

The way Oded David sees it, larger organizations are adopting Kubernetes because the platform has expanded its toolkit to meet their needs. “The toolkit is now relevant to operation, stability, availability, scaling, and so on.”

Kubernetes Complexity | Is Abstraction the Answer?

The group also discussed Kubernetes complexity, considering:

  • Does Kubernetes have too many bells and whistles?
  • Will abstraction reduce that complexity?
  • What about automation?
  • Is GitOps changing the way people think about their application delivery strategy?
  • Will machine learning have a role to play in enterprise k8s management?

The panel acknowledged that Kubernetes is complex. But is that necessarily a problem? Justin McCarthy pointed out the benefit of expertise, “There's always going to be a member of your team interested in the details of Kubernetes. … And being able to create abstractions in a way that's tailored to your enterprise [is certainly preferable to] throwing your hands up because Kubernetes has a lot of features. It's true of everything.”

Haseeb Budhani added, “I see Kubernetes as having four layers. There's the storage and the networking. Then there's the actual Kubernetes layer. Then there's the add ons, and then there's the application.” But in talking to customers, he said, “What they're more focused on is how do I manage my add ons? ... The good news is, companies are popping up to solve these problems from an enterprise perspective. ”

And according to Jared Curtis, we’re likely to automate a great deal. “There are people who need to dip down really low and solve the hard problems. But for the day-to-day stuff, I think a lot of its going to be [handled by automation].”

Kubernetes Security | What Are the Best Practices?

Finally, the conversation turned toward the role of security, including:

  • Security teams often trail behind new technologies. Is that happening with Kubernetes?
  • How would you explain the cloud-native architecture stack to someone in security?
  • How can teams accelerate Kubernetes adoption in a secure way?
  • What role does standardization play?
  • Do we need better guardrails to keep things under control?

Justin McCarthy said, “I think Governance and Security both have an interest in very understandable explainable facts about any deployed environment… There is this interesting tension when we turn up the dial on ephemerality, elasticity, and scalability. That competes with that explainability [that security teams desire]... You're going to have to think about how you explain this whole story at audit time.”

So, how can developers explain Kubernetes to a security team? Jared Curtis boiled it down. “Let's pretend Kubernetes is a set of APIs, right? It's no different than the APIs for your cloud vendor… You have all your VMs. You have all your nodes. They're running containers. They’re running orchestration. And we are presenting a very robust set of APIs that you can interact with. How do we secure this? Well, we have role-based access control that's native to the platform. We have network policies designated for the platform. These are your firewall rules. This is your access control list. We have all these things already built in.

In terms of guardrails, Steve Geoge said, “I've seen some quite large enterprises grind to a halt [attempting to build the perfect platform].” For this reason, he recommended “a relatively small application-centric learning phase to build off what is right at the start … and then in later phases [adding] templating and automation.” 

Do you agree that Kubernetes in the enterprise is here to stay? Want to hear more from the panelists? Check out the replay. And if you need help managing access to Kubernetes and other infrastructure, book a free demo of StrongDM


About the Author

, Contributing Writer and Illustrator, has a passion for helping people bring their ideas to life through web and book illustration, writing, and animation. In recent years, her work has focused on researching the context and differentiation of technical products and relaying that understanding through appealing and vibrant language and images. She holds a B.A. in Philosophy from the University of California, Berkeley. To contact Maile, visit her on LinkedIn.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

MITRE ATT&CK Framework Containers Matrix for Kubernetes
MITRE ATT&CK Framework Containers Matrix for Kubernetes
If you’re Kuberntes admin and you’re not familiar with the tactics outlined in the MITRE ATT&CK framework, this blog post is for you. MITRE ATT&CK framework is an extensive knowledge base of tactics and techniques employed by bad actors that defensive security experts use to help defend their organizations against attack, and many times, used by their offensive security counterparts to test their weaknesses.
CIS Kubernetes Benchmark Implementation Recommendations
CIS Kubernetes Benchmark Implementation Recommendations
The CIS Kubernetes Benchmark is a set of prescriptive recommendations assembled to guide administrators to achieve good security hygiene and results in strength security outcomes for their Kubernetes environments.
Simplify Kubernetes Management on AWS
Simplify Kubernetes Management on AWS
Secure access controls must be applied universally and consistently across all your infrastructure—from the Linux boxes in your datacenter to your Kubernetes clusters in AWS. StrongDM Dynamic Access Management is uniquely positioned to provide seamless, secure access across your entire stack, simplifying access management and compliance for your legacy systems and modern cloud stack.
SSH and Kubernetes Remote Identities
Supercharge Your SSH and Kubernetes Resources with Remote Identities
Learn how Remote Identities helps you leverage SSH and k8s capabilities to capitalize on infrastructure workflow investments you’ve already made.
Kubernetes Governance
Kubernetes Governance Webinar Recap
Is k8s governance a challenge for your team? Join strongDM’s CTO and a panel of experts to discover common pitfalls, plus tools + tricks to help manage them.