I was really excited to attend the Cloud Native Computing Foundation’s (CNCF) KubeCon + CloudNativeCon Kubernetes conference in Seattle. I might have been the only person who didn’t pack an umbrella for cold and rainy Seattle, but luckily there were plenty of vendors giving away umbrellas and ponchos. The convention floor was packed with people playing foosball, ping-pong and a giant Pac-Man game. There was also plenty of cold brewed coffee on tap from a certain famous Seattle coffee vendor.
The Growth of KubeCon
The KubeCon conference has enjoyed massive growth over just a few short years. A friend of mine told me that the small company he founded sponsored KubeCon back when the whole event could fit into a hotel lobby. KubeCon North America 2018 had about 8,000 attendees, so it’s hard to believe that this event was so small. The growth of this conference speaks to the popularity of not just Kubernetes, but also the growing importance of open source in the enterprise.
Open Source in the Enterprise
As the CyberArk open source community manager, I am happy to see the shift in the way enterprise companies think of open source. Only a few years ago, some of the major banks I worked with refused to use any open source software because they feared that it was less secure. Many billion dollar businesses used to see some plumbing-layer open source projects like OpenSSL and OpenSSH as a source of free labor. The general perception was that the open source community would support the project and there was no need for big companies to give back. Google was one of the first large companies to change this perception and truly give back to open source.
The emergence of Open Source in the Enterprise
Craig McLuckie gave an interesting talk on his own experience creating k8s called “Open Source, Open Community and Open Development.” Many think of the “don’t be evil” company as a benevolent benefactor that gave us free software out of the kindness of its heart. Maybe there was some charitable motivation there, but Craig explained that before it first released Kubernetes, Google was losing badly to AWS and needed a way to change the game or risk being shut out. Open source facilitates adoption, but in exchange you lose some control of the project as it becomes community driven. It wasn’t long ago that companies could easily build a moat around their proprietary technology to keep the competition out. Open source projects built in the open and governed by consensus make it difficult for any single company to gain an unfair advantage. Losing some control of Kubernetes wasn’t a bad thing for Google, because it meant no one else could control it on their own either.
CyberArk @ KubeCon
CyberArk was proud to sponsor both KubeCon and the Red Hat OpenShift Commons Gathering event that was co-located with KubeCon this year. There was so much to do at KubeCon and not enough time to do it all, but we had a lot of great conversations with developers at our booth about their pain points and concerns related to DevOps security and secrets management. Many of these conversations were prompted by Ankur Lamba’s talk, “Case Study: Secrets Management on OpenShift @ USAA,” and Geri Jennings’ talk on Security Islands.
CyberArk’s Latest Open Source Offering in Beta
CyberArk’s new open source product, Secretless Broker, focuses on making secrets management seamless for developers. It is currently in open beta.
CyberArk’s Secretless Broker project was developer led and built to address the major developer pain points when interacting with various secrets providers. I was hoping to get some feedback on how this project addresses developer pain and I was not disappointed. I asked developers and DevOps engineers who stopped by the CyberArk booth what their biggest pain points were related to secrets management and they said:
- Time spent interacting with or coding to secrets providers
- Learning different APIs or any API for a secrets management application
- Losing control of a secret after it’s been received by the application
I am happy to say that these responses aligned with the value that we think Secretless Broker would bring to developers. Your feedback on the Secretless Broker is welcome. Please give the beta a try at Secretless.io and let us know what you think.
Wrapping up KubeCon 2018
Kubernetes is one of the fastest growing container orchestration platforms, so it’s no surprise that KubeCon is one of the fastest growing conferences. By proxy, this is an indication of how important open source has become to enterprise companies. DevOps security had a much larger presence at the conference than I expected. We had many great conversations with developers and DevOps engineers at the conference about our open source projects, but the buzz was mostly focused on our Secretless Broker open source beta project. Please give it a try and send us your feedback at Secretless.io.
If you were not able to make it to KubeCon this year, I hope to see you there next year!
John Walsh has served the realm as a lord security developer, product manager and open source community manager for more than 15 years, working on cybersecurity products such as Conjur, LDAP, Firewall, Java Cryptography, SSH, and PrivX. He has a wife, two kids, and a small patch of land in the greater Boston area, which makes him ineligible to take the black and join the Night’s Watch, but he’s still an experienced cybersecurity professional and developer.