In order to complete the journey, you first must understand and become one with the journey, young padawan.
In our experience, enterprises who have fully-committed to Cloud Native technologies most typically follow a journey that can be broken down into four distinct stages: Initial Cloud Native Applications, Zero-Trust Security and Compliance, Multi-Cloud and Non-Kubernetes Workloads, and Enterprise-Wide Microservices Platform. At Isovalent, we refer to these four stages as the Cloud Native Journey. This blog aims to discuss and uncover the stages of the Cloud Native Journey as well as outline how Isovalent can help in each stage.
Initial Cloud Native Applications
The first stage we group enterprises in is referred to as the Initial Cloud Native Applications stage. In the Initial Cloud Native Applications stage, organizations will typically begin with Kubernetes and often gets their first clusters up and running. We notice that in this stage, an organization’s primary pain points often revolve around basic pod and service connectivity, the need to deliver application development teams a platform in order to be more agile in the development of their applications, and the need to be agile onboarding the applications they have built.
In Initial Cloud Native Applications, organizations often require basic networking, and want their pod, applications, and workloads to be able to communicate with each other. They may also have requirements around cluster hardening. During this initial stage, we often encounter customers who are happy to learn from Isovalent’s experience in setting up, hardening, and troubleshooting Cloud Native clusters and their first workloads. For enterprises in this stage who are also thinking about connectivity, Isovalent offers a CNI that is both prepared for more advanced technologies that may grow out of the CNI, and is trusted by many of the top cloud providers like Microsoft, Google, and Amazon.
Zero-Trust Security and Compliance
After onboarding initial Cloud Native applications, we notice enterprises start graduating to a stage we call, Zero-Trust Security and Compliance. This stage is where organizations typically start running sensitive, mission-critical and production-ready workloads on Kubernetes, and often face challenges innovating for the future while still keeping security and compliance top of mind. During this stage, we notice that organizations will also start making their Kubernetes clusters, secure, production ready, and multi-tenant, in order to have multiple teams operating on a single mission-critical cluster. To this end, a challenge many companies face in this phase is the requirement for added application security.
As a result, in the Zero-Trust Security and Compliance phase, organizations typically require application traffic to be encrypted in transit while monitoring for compliance and being alerted on potential security breaches using SIEM platform integrations. In this phase, organizations are typically utilizing their CNI to its fullest extent and may be thinking about expanding their capabilities by using Hubble, Cilium’s Observability layer. Cilium with Hubble, provides a graphical and command line interface to understand application connectivity and helps to draft network policies to secure application traffic. As organizations in this phase will need to be able to manage and operate their clusters, as well as monitor how they are performing, having metrics from Cilium and Hubble will prove to be valuable.
Further, organizations might consider the partnership between Grafana Labs and Isovalent in this phase in order to gain deeper insights to help maintain the health of their clusters. At a high level, Isovalent stands out for its more advanced expertise in the Networking, Security, and Observability spaces in stage two of the Cloud Native Journey.
Multi-cloud and Non-Kubernetes Workloads
The third stage of the Cloud Native Journey is Multi-cloud and Non-Kubernetes Workloads. In this stage, we notice that organizations are generally looking for more consistent networking across their cloud environments. This third stage is where we typically see adoption of microservices architectures along with needs for multi-cluster connectivity, Application Monitoring, L7 Observability, and both multi and hybrid cloud concerns. In stage three organizations can also possibly extend their existing Cilium Hubble usage that may have started in stage two into multi-cloud networking and observability.
Another common pain point in the third stage of the Cloud Native Journey is the need for efficient load balancing as organizations start to scale. Because of this, organizations will very likely need some initial integration with external workloads that are not containerized and not in Kubernetes. It’s very likely that these external workloads are behind traditional firewalls which are not enabled for Cloud Native.
Yet another struggle in Multi-Cloud and Non-Kubernetes Workloads is standing up containerized workloads with constantly changing IP addresses. Standing up containerized workloads presents a major security challenge as they will undoubtedly be challenging to configure with traditional firewalls. In this stage, organizations might start looking into using Isovalent’s Sidecarless Service Mesh as it offers more advanced networking capabilities that are built on top of an already existing and flexible CNI layer.
Enterprise Grade Microservices Platform
The final stage of the Cloud Native Journey is Enterprise Grade Microservices Platform. In this stage, we find customers looking to handle the most complex setups designed for high scale and churn, advanced networking, security and visibility. In this stage, enterprises typically concern themselves with the most new and cutting edge technologies. In this phase, Isovalent offers leading edge technologies and expertise in the Networking, Security, and Observability spaces.
While it’s important to mention that the phases of the Cloud Native Journey may not follow in order, or exactly how we’ve described them, the stages are roughly how we see our customer’s Cloud Native Journeys breaking down. Isovalent is uniquely positioned to serve any organization’s security, networking, and observability needs in all four phases of the Cloud Native Journey through Cilium. As more enterprises develop into the later phases of the Cloud Native Journey, we, at Isovalent, see that the need for an enterprise-grade service mesh has become increasingly important.
We encourage you to be on the lookout for our upcoming whitepaper, Security, Service Mesh, and The Cloud Native Journey with Isovalent to learn more about service mesh and security through the Cloud Native Journey. In the meantime, check out Isovalent.com where we go into more detail on the Cloud Native Journey.
Chris Lentricchia is a Senior Product Marketing Manager at Isovalent, the company behind Cilium. He resides in northern New England and enjoys the outdoors and playing with his dog, Buddy.