At the combined CloudNativeCon and KubeCon Europe conferences, held in Berlin, Germany, the Cloud Native Computing Foundation (CNCF) made several announcements regarding its mission to create and drive the adoption of cloud native systems, including: the latest release of the container scheduling platform, Kubernetes 1.6, which focuses on scalability and security; the acceptance of Docker's containerd and CoreOS' rkt container technology projects into the CNCF; and the release of the 'Kubernetes Certified Administrator Exam' curriculum.
The first announcement made at the conference was the release of Kubernetes 1.6. This latest release of the container scheduling and orchestration platform focuses on scale, security, advanced scheduling, and dynamic storage provisioning. Dan Kohn, Executive Director of the CNCF, stated that 5,000 node clusters are now supported (meeting the documented Service Level Objective). This 150% increase in total cluster size is powered by a new version of etcd v3 by CoreOS. Aparna Sinha, Kubernetes Product Management Lead at Google, demonstrated on stage that for users wanting to scale beyond this cluster size, federation allows the combination of multiple Kubernetes clusters that can be addressed through a single API endpoint. In relation to this, the kubefed CLI tool has graduated to beta.
Kohn announced that Docker's containerd and CoreOS' rkt container technologies have now been donated to the CNCF and accepted by the CNCF Technical Oversight Committee (TOC) as CNCF projects. InfoQ spoke to Alexis Richardson, CEO of Weaveworks and CNCF TOC Chair, and discussed the impact of hosting two effectively competing technologies:
The acceptance of both containerd and rkt into the CNCF is a good example of including projects that may have the same goals, but accomplish them technically using very different approaches. This, combined with the [Open Container Initiative] OCI specification, will keep everyone honest and drive innovation within this space.
During the opening keynotes, Clayton Coleman, Architect and Engineer, Cloud Orchestration and Containers at Red Hat, discussed the importance of security within the container space. Clayton highlighted that there are many currently available tools within Kubernetes: RBAC (separation of roles), PodSecurityPolicy, node and network isolation, audit, the use of trusted images, and hardening of the underlying operating system. However, many security tools are still required, such as: unique node identities, container identities, easier internal TLS, limited access to secrets, the ability to limit who can run what and where within a cluster, and much more. Clayton strongly encouraged the community to get involved and make contributions, and made clear that input from both distributed system designers/operators and end-users/developers was required.
Several sessions throughout the first day of the conference clearly reinforced the focus being placed on scalability and security, with the primary message being about making the technology hosted within the CNCF effective and robust for real-world use cases. Also clear was the drive to make understanding and using the technologies easier, and to this end the Kubernetes Certified Administrator Exam Curriculum was also made freely available. This complements the (commercial) Kubernetes Fundamentals training made available late last year. Volunteers are needed to help with beta testing the exam in May, and interested developers and Kubernetes experts should subscribe to the Kubernetes Certification Working Group list.
Additional announcements at the conference included the addition of Dell as a new CNCF Platinum member; SUSE as a new CNCF Gold member; and HarmonyCloud, QAware, Solinea, and TenxCloud as Silver members.
Videos of all of the CloudNativeCon keynotes and breakout sessions are now available via the Cloud Native Computing Foundation YouTube channel, and session slide decks can be obtained via the CloudNativeCon Schedule webpage.