Whether your company has just started using Kubernetes, or it’s been using it for years, you may be wondering if you’re already getting the most out of it. Leveraging such a powerful – and, let’s be honest, complex – container orchestration tool is not an easy task. But, don’t worry – K8s enthusiasts are working hard to make it even better. The Kubernetes project itself reported 62000 contributors total in 2021. And it’s no wonder, as the CNCF (Cloud Native Computing Foundation) declared that it has truly gone mainstream in the last year, achieving a de-facto status. So, of course, a significant number of Kubernates-related projects have been popping up on Github. Keep on reading if you want to know what to expect in the near future and which ones are our favorites.
What can we expect from Kubernetes?
The Kubernetes project itself is already working towards improving two specific areas: security and Windows support.
Supply chain security is on the agenda for every Kubernetes community group. Additionally, we have seen improvements regarding pod security, certificates, and end-user security documentation. However, most of the work for ensuring security is on the configuration side. We have listed below some interesting open-source projects that will help you in this task.
And as we said, K8s is also growing its Windows support. We now have a pod OS field, hostProcess container support, operational readiness standards for Windows, and an updated developer UX for this operating system. We are soon to see more new features in this direction in the upcoming releases.
The top 10 best Kubernetes resources for 2022
Github is bursting with resources for Kubernetes. Contributors all over the world are working on projects to make them more powerful, secure, and manageable. Have a look at the 10 best Kubernetes projects to watch out for in 2022:
(Projects are listed in alphabetical order)
1. Chaos Mesh is a chaos engineering platform for Kubernetes. It can be easily deployed on K8s clusters directly, and perform chaos experiments in production environments without modifying the deployment logic of the application. You can observe the state of the experiment itself in real time and quickly roll back any injected failures.
2. CRI-O is an Open Container Initiative (OCI)-based implementation of the Kubernetes Container Runtime Interface (CRI). It’s designed to be optimized for K8s, so that it’s a lightweight alternative to using Docker, Moby, or rkt as the runtime for Kubernetes. Basically, it allows Kubernetes to use any OCI-compliant runtime as the container runtime for running pods.
3. Falco provides cloud-native runtime security. It can act as an automated Security Incident and Event Management (SIEM) system if used with a log handling service. It can also serve as an Intrusion Detection System (IDS). In fact, it’s the de facto Kubernetes threat detection engine.
4. Harbor is an open-source trusted cloud native registry project that stores, signs, and scans content. It secures artifacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted. It aspires to become the trusted cloud native repository for Kubernetes.
5. Kubeflow is a machine learning (ML) toolkit for Kubernetes.It allows making deployments of machine learning workflows simple, portable, and scalable. It provides a custom TensorFlow training job operator that you can use to train your ML model. Then, it supports a TensorFlow Serving container to export trained TensorFlow models to Kubernetes.
6. KubeVela is a tool for application definition and image build in Kubernetes. It is infrastructure agnostic, programmable, and application-centric. Its building blocks include built-in security, compliance, and observability. The deployment workflow in KubeVela is powered by the Open Application Model (OAM).
7.Longhorn is a cloud-native distributed storage built on and for Kubernetes. It delivers simplified, easy-to-deploy and upgrade, persistent block storage without the cost overhead of open core or proprietary alternatives. Its built-in incremental snapshot and backup features keep the volume of data safe in or out of the Kubernetes cluster.
8. OpenELB is a load balancer implementation for Kubernetes in bare-metal, edge, and virtualization environments. In cloud-based clusters, services are usually exposed by using load balancers provided by cloud vendors. However, these load balancers are unavailable in other environments. You can use OpenELB to create LoadBalancer Services in your bare-metal, edge, or virtualized environment for external access, with the same user experience.
9. Open Policy Agent (OPA) is an open-source, general-purpose policy engine. It lets you decouple policy from the service’s code so that you can release, analyze and review policies (security and compliance alike) without sacrificing availability or performance. Even more, it can help you prevent misconfiguration by acting as a Kubernetes Admission Controller. Did you know that two-thirds of all insider threats in Kubernetes are due to negligence?
10. Prometheus is the leading open-source monitoring solution. It implements a highly dimensional data model made up of time series. It allows slicing and dicing of collected time series data in order to generate ad hoc tables, graphs, and alerts. Other open source projects further improve its capabilities, such as Cortex or Thanos.
Cloud-native computing is spreading rapidly among companies and nobody wants to be the last one to adopt it. However, composing a tailored solution to your company’s needs is key to reaching its full potential. We encourage you to test our playground and see how you can accelerate your cloud-native development. It’s completely free, you simply need to sign up and get started!