KubeCon Spotlight: 10 Big Open-Source Advancements

Diagrid, Traefik Labs, NetApp and Red Hat are among the companies that made big waves at the KubeCon event.

A conversation API for improving artificial intelligence application development. An API Sandbox-as-a-Service. And a model registry capability in OpenShift AI 2.15.

These offerings from Diagrid, Traefik Labs and Red Hat, respectively, are among the biggest open-source advancements to come out of the KubeCon + CloudNativeCon North America 2024 event for open-source and cloud developers, architects, engineers and vendors. The event was held this year in Salt Lake City.

During a keynote session at KubeCon, Lachlan Evenson, principal program manager for Microsoft’s open-source strategy and upstream contributions to cloud-native projects, said that the Kubernetes community needs to continue to improve on security, simplicity and future-proofing.

“We’ve kind of bolted security onto the end,” he said. “I see it in a lot better place, but there’s still a need to get better security controls and make that a priority. So I do see a lot of work in that space. Excited about how that’s panning out.”

KubeCon + CloudNativeCon North America 2024

As for the complexity of Kubernetes, Evenson said that “in building this thing over the last 10 years we’ve made something really complex and the rise of things like platform engineering and observability 2.0 … people are deploying their cloud-native estates and workloads to this platform. And it’s growing over time. But we want the growth of our workloads not to grow at the same rate as the complexity. So decoupling the complexity from the growth of our workloads is something we really need to pay attention to.”

Kubernetes’ adaptability to support new workloads “will be critical in the future” to run developer platforms and WebAssembly.

Here are some of the biggest open-sourve advancements from KubeCon + CloudNativeCon North America 2024.

Red Hat

Red Hat came out in force during KubeCon 2024, revealing multiple innovations across its portfolio including improved capabilities around virtualization in OpenShift, more model training support in OpenShift AI, better abilities for low latency in Edge Device and new AI templates in Developer Hub.

The Raleigh, N.C.-based IBM subsidiary revealed general availability of OpenShift 4.17. This version improves on safe memory oversubscription for virtual machines and gives users a technology preview of storage live migration between devices and classes while a VM runs, according to Red Hat.

Red Hat OpenShift AI 2.15 is headed to general availability. The offering supports model development, training, serving, automation and other predictive and generative AI use cases. Part of the updates include a technology preview of a model registry to manage versions, metadata and model artifacts and detection tools for data drift and bias.

Red Hat’s version 4.17 of Device Edge includes new low latency and near-real-time capabilities to appeal to use cases from autonomous vehicles to industrial settings.

And Red Hat made five new templates focused on common AI use cases available in its Developer Hub offer: audio-to-text, chatbot, code generation, object detection and a retrieval augmented generation (RAG) chatbot.

During KubeCon, Red Hat also revealed that it had signed an agreement to buy Neural Magic, a Somerville, Mass.-based startup that provides software and algorithms for generative AI inference workloads.

NetApp

During KubeCon, NetApp revealed that it expanded its collaboration with Red Hat for new products and services around enterprise application development and management in virtual environments.

The San Jose, Calif.-based data infrastructure vendor’s deeper partnership with Red Hat now means new validated designs for Red Hat OpenShift Virtualization and Red Hat OpenShift AI deployments on the Cisco FlexPod converged infrastructure offering and a supported way to move Red Hat OpenShift workloads to Google Cloud and benefit from NetApp OnTap intelligent data infrastructure capabilities.

The deeper partnership also now allows for Red Hat OpenShift operations teams and DevOps teams to pull OnTap functionality into existing workflows while leveraging all-flash storage to maintain persistence as virtual machines or containers are created, modified or removed.

New Relic

New Relic made generally available a one-step observability for Kubernetes offering at KubeCon.

The San Francisco-based application performance monitoring vendor bills the new capability as key for monitoring and managing dynamic Kubernetes environments. It has A-strengthened insight and out-of-the box dashboards and views aimed at speeding up incident resolution and improving developer productivity.

The capability also has native support for OpenTelemetry and Prometheus.

Grafana Labs

Leading the development of the Kubernetes Monitoring Helm chart—an open-source tool for collecting comprehensive telemetry data from Kubernetes clusters—and a suite of contextual root cause analysis workflows in Grafana Cloud are some of the advancements Grafana Labs spotlighted during the event.

The New York-based operational data visualization tools vendor also touted its new open- source code that allows users to translate Datadog metric formats into native OpenTelemetry protocol format.

The vendor is also expanding its Explore Metrics no-code experience to automatically handle OpenTelemetry metrics, according to Grafana.

Mirantis

Mirantis revealed its Mirantis Kubernetes Engine (MKE) 4 offering for powering secure clusters and hosting mission-critical workloads.

The Campbell, Calif.-based open-source infrastructure vendor for containers and VMs said that 300,000-plus nodes of MKE have been deployed in production. This new offering has automated life-cycle management and configurations that Kubernetes operators can correct to prevent drift, according to Mirantis.

MKE 4 has KubeVirt for integration of container and VM workloads and validated templates for optimizing stacks while swapping in alternative components if desired.

Tigera

Project Calico creator Tigera unveiled new Kubernetes policies and policy tiers that provide granular control over policy precedence as part of a wave of innovations aimed at containers users.

The San Francisco-based container networking and protection tools vendor said it has expanded Calico network security to work beyond Kubernetes to VMs and hosts outside a cluster and bolstered its network-based threat detection to improve accuracy.

The vendor also introduced Exploit Prediction Scoring System and other metadata, plus information on known exploits to estimate the likelihood that a software vulnerability will be exploited in the wild.

Sysdig

Sysdig launched Falco Feeds, a set of Falco detections, during KubeCon 2024.

The San Francisco-based cloud security vendor says the new offering gives users rules that continue to be updated as new threats are discovered, with updates available for Log4j and other common vulnerabilities and exposures, according to Sysdig.

The detections should inform users of evolving attacker behaviors and sophisticated techniques that can exploit even minor vulnerabilities in new ways. The rules are classified by regulatory and security compliance frameworks. Falco has more than 130 million downloads, according to Sysdig.

Traefik Labs

An API Sandbox-as-a-Service offering and Traefik Proxy v3.2 were the marquee news items from Traefik Labs at KubeCon 2024.

The San Francisco-based API management vendor bills the Sandbox-as-a-Service offering as key to API design and development, while the proxy is one of five offerings that support the latest GatewayAPI 1.2 specifications.

The mock APIs should allow for APIOps practices to improve. The sandbox offering can deploy as SaaS or on-premises, according to Traefik.

Armo

Armo and global systems integrator Orange Business have a new collaboration around Orange leveraging the vendor’s runtime-driven cloud security platform to secure its Managed Kubernetes Service infrastructure, with Orange also becoming a reseller of Armo.

The Israel-based cloud security platform company positions its platform as providing on-premises and air-gapped Kubernetes and runtime security while meeting data sovereignty and regulatory compliance needs.

Armo created and maintains the Kubescape open-source Kubernetes security project and bills its platform as capable of providing better risk context when responding to cyberattacks.

Diagrid

During KubeCon 2024, Diagrid said that version 1.15 of its Dapr project, set for download availability in December, will allow developers to quickly build AI-enhanced applications powered by customized large language models (LLMs).

The Seattle-based microservices API vendor said that Dapr’s conversation API should simplify how developers interact with LLMs and enable critical security and reliability functions with like prompt caching, personally identifiable information data obfuscation and other capabilities.

Version 1.15 will move the workflow API into production-ready status for orchestrating microservices for long-running stateful apps, according to Diagrid. Users can orchestrate RAG pipelines for LLM customization and use the conversation API to query the LLM with built-in prompt caching, for example.