Kubernetes Ecosystem Companies to Watch

I spoke to lots of vendors and customers at KubeCon NA 2023. Here is my summary of companies to watch.

JFrog is doing good work assembling tools to manage an enterprise software supply chain. JFrog Curation helps filter public code sources for vulnerable or potentially malicious packages, containers, etc. JFrog XRay scans software to find security issues, license compliance risks, and can create software bills-of-materials. JFrog Pipelines glues the whole thing together.

“It’s about being able to, at any time, show and prove everything you’ve done to a piece of software,” said Sean Pratt, Senior Product Marketing Manager at JFrog.

GitLab takes a similar opinionated, one-stop-shop approach to the software development process. While GitLab works best when you adopt it completely, David DeSanto, Chief Product Officer at GitLab clarified for me that customers can adopt GitLab at a pace that suits them. It has plenty of integrations with other tools, including ones whose functionality overlaps, such Jira. You can start with source code management and continuous integration and build from there.

Tigera is the main company behind the Calico service mesh, which Tigera claims is used in 1.1 million clusters in 166 countries running 8 million nodes. Tigera has decided that security is its focus, going beyond mere service networking.

“We are in the business of preventing, detecting and mitigating breaches in cloud native applications,” said Ratan Tipirneni, CEO of Tigera.

Cerbos is doing something really interesting for permissions management for applications. Instead of having to write separate permissions checking business logic in every application, Cerbos provides a stateless, policy-driven approach that developers can call when permissions checks are needed. You can even embed it as a WebAssembly module in a web frontend running on a service like Netlify. No network calls to slow things down!

Speaking of WebAssembly, the component model should reach version 1.0 within the next month or so. The component model is the piece that allows modules like encryption libraries, database interfaces, and basically anything else that would be a dynamically linked library to be written in any language and used by anyone in the WebAssembly ecosystem.

I remain pretty optimistic that WebAssembly could be really big, and expect to see significant growth in the ecosystem during 2024. Bailey Hayes, CTO at Cosmonic and a key person working on the WebAssembly standards, was keen to point out that a stable release of the component model doesn’t mean it’s ‘done’ and will never change. It just means that breaking changes should become rarer, and that component authors can target the platform with more confidence.

Cosmonic CEO Liam Randall made an observation that I really like: The goal of platform engineering is that the platform minimises the amount of engineering you need to do to get stuff done. Common services are just baked into the infrastructure and you can use them largely without thinking about it very much.

PerfectScale is doing interesting things with resource optimisation. Cost and efficiency are on people’s minds a lot recently, given wider economic conditions. PerfectScale helps teams to find waste in their environment that they can turn off, but it also goes further, highlighting workloads that are under resourced.

I was shown an example of a workload that kept getting restarted because it was running out of memory thanks to a dev blindly copying the config from a previous app. It’s a straightforward enough tuning exercise when you’re doing one at a time, but for a large fleet of microservices, it gets hard to do without a tool. PerfectScale also has some clever mechanisms for verifying that changes aren’t going to break things, which often happens when bean counters blindly turn things off to save money. It’s worth a look.

These companies highlight what I think are the most interesting parts of the cloud native ecosystem at the moment: platform engineering with a focus on operational management, security and software supply chain, and the early stages of WebAssembly on the server.

Customers are going to need guidance on how to engineer their platforms, and PivotNine is here to help. If you’re exploring how to adopt a cloud-style operating model for your infrastructure, talk to us about how leading companies are addressing this challenge.