Your Linux container and Kubernetes forecast for 2021

Ah, 2021. The year we waited all 2020 for. Linux containers helped organizations get and stay agile—a key marker for getting through 2020 and ready for whatever comes next. Here are three things organizations should keep on their container radar for the coming year (and then some).

Containers and virtualization

When Linux containers started to gain popularity, there was a lot of discussion about “containers versus virtual machines.” Today, the discussion is moving toward “containers and virtual machines.”

This is especially true as many companies face the reality of their past—that is, their legacy systems—as they expand their use of containers and Kubernetes. Sure, writing everything from scratch is a way to go, but it’s not possible for most companies. They only have so much money to do so many things. We saw this with Unix to Linux. We saw it with Linux on bare metal to Linux on VMs. We see it with anything new.

And, not for nothing, there are some workloads that just make more sense in a VM. We want to bring as many workloads along the cloud-native path as possible, but we’re not going to rewrite every single app into containers.

And then there’s the idea of running containers inside virtual machines. Does that provide a better level of isolation for the workload at hand? An interesting platform to look at in this area is Kata Containers. Kata uses hardware virtualization to build a secure container runtime with lightweight VMs that perform like containers, but offer stronger workload isolation.

In 2021 organizations should keep track of different ways that virtualization and container technology will intersect and complement each other. They should also think about how development, operations, business management, and other teams will need to shift the ways they are currently working to support future cross pollination of containers and VMs.

Container tooling

There are a million container-focused tools that organizations should have their eye on. (Maybe not a million, but it can sure seem that way.)

One category to focus on this year is build tools. Cloud-native buildpacks, for example, let you do some crazy-complex things without having to deal with the complexity. Buildpacks—which started at Heroku—inspect an app’s source code and figure out a plan (like what dependencies are needed) to run it. A buildpack can also set up network services for the app. All of this lets developers focus more on the apps and less on stuff like networking, compliance, and security. (Not that anyone is saying developers shouldn’t be concerned with networking, compliance, and security.)

There’s also a lot of interesting movement around rootless containers, which can be created, run, and managed without admin rights. Why would you want to? Security is the main benefit, but running rootless containers also reduces overhead because they do not require a new system daemon to run. Podman is one tool that enables organizations to run containers with root or with a non-privileged user (rootless). A daemonless, open source, Linux-native tool, Podman makes it easy to find, run, build, share, and deploy applications using Open Containers Initiative (OCI) containers and container images.

With security top of mind, another tool to keep an eye on is StackRox, which provides visibility across containers and Kubernetes clusters by directly deploying components for enforcement and deep data collection into the Kubernetes cluster infrastructure. In addition, the StackRox policy engine provides built-in controls that make it easier for organizations to enforce security best practices and industry standards.

Containers at the edge

If edge computing was a whisper at the beginning of 2020, it was a roar (or at least a dull roar) by the end.

Digital transformation was put on fast forward because of the pandemic—including the move to edge computing, because so many people and businesses were pushed to the edge with remote, well, everything.

Look for containers and Kubernetes to play a big role in edge computing in the year (and years) ahead. The image packaging format of containers is really convenient at the edge. You could build a container image in a CI/CD system, push it out to a registry, and have, say, a dozen IoT devices pull it down. If nothing breaks you could feel confident in pushing it to thousands or even millions of devices. You know it will succeed because you already tested it locally on the exact same devices.

This is just one example of how the flexibility, compatibility, and scalability (all the “ilities”) of containers can work to the advantage of edge. And, of course, Kubernetes is made for scaling, and works across multiple environments. It’s also flexible enough to support whatever cool things are coming down the pike. All of this makes Kubernetes super-well-suited to orchestrating the container process as well at the edge as it does in the cloud.

Kubernetes v1.20

Speaking of Kubernetes, version 1.20 was released at the end of 2020—a bright spot in the year and definitely something that will have an impact in 2021. In a blog post, the Kubernetes release team called v1.20 “one of the most feature dense releases in a while.”

The Kubernetes team notes a number of themes in the new release including:

• Volume Snapshots, which provides a way to trigger volume snapshot operations, has gone stable. Snapshots are an important element for enterprise-class storage administration on Kubernetes.
• The Kubectl Debug tool, which provides support for common debugging workflows directly from Kubectl, is now in beta.
• API Priority and Fairness, which allows kube-apiserver to prioritize incoming requests, is in beta.
• The Process ID Limiting feature has GA’d.
• Graceful Node Shutdown, which makes the kubelet aware of node system shutdowns and enables graceful termination of pods during a system shutdown, is being alpha tested.

There are a ton of other new features and changes in Kubernetes v1.20, including the deprecation of Docker (don’t be too worried: see “Kubernetes is Removing Docker Support, Kubernetes is Not Removing Docker Support”) and repair of the exec probe timeout handling issue. Exec probes are common with software like Redis, where the default way to check if the software was running and healthy was to exec a shell into the container and run a specific command. The probes never respected the timeout value and could hang forever, which made them unreliable. Now they’re fixed!

Because the evolution of Kubernetes is pretty much the evolution of containers (and vice versa), organizations should start thinking now about how the changes outlined above will impact the business.

Containers will continue to play an important role as we move into what some are calling the “next normal.” Paying attention to changes in the container universe will help organizations continue to support their employees and customers with whatever applications and services are in most demand.

At Red Hat, Scott McCarty helps to educate IT professionals, customers and partners on all aspects of Linux containers, from organizational transformation to technical implementation, and works to advance Red Hat’s go-to-market strategy around containers and related technologies.

—

New Tech Forum provides a venue to explore and discuss emerging enterprise technology in unprecedented depth and breadth. The selection is subjective, based on our pick of the technologies we believe to be important and of greatest interest to InfoWorld readers. InfoWorld does not accept marketing collateral for publication and reserves the right to edit all contributed content. Send all inquiries to newtechforum@infoworld.com.