Don't freak out too much about Kubernetes and security, it's just like any new technology that's early in usage

Here’s a little interview I did with Torsten Volk at EMA research. We talked about security concerns with Kubernetes. He’s done a great, very thorough look at Kubernetes usage and the state of things. You can get it for free thanks to my work.

Not enough failure yet to be perfect

As ever with security and a new technology, there’s a lot of uncertainty, and the security features get finished off as the technology is used more and more in the mainstream. And this is exactly what you see with Kubernetes now, especially in “the enterprise.” Despite the “everyone’s doing it” feel, when you look at estimates for how many applications are running in Kubernetes, it’s sizable and growing, but far from “everything”:

[B]y 2027, 25 percent of all enterprise applications will run in containers, an increase from fewer than 10 percent in 2021.

From: Gartner, CTOs’ Guide to Containers and Kubernetes — Answering the Top 10 FAQs, Arun Chandrasekaran, Wataru Katsurashima, 31 May 2022.

In my mind, this means that something around 15% of enterprise applications are running in containers. Are those containers running in Kubernetes? That’s harder to tell - there are many container-based platforms from the Container War days, including the Cloud Foundry ones, probably some Docker-based ones, etc., etc.

But, I’d assume that a lot of those containerized applications, especially the growth that moves the estimate up to 25%, will be running in Kubernetes. You know: yeah, probably.

As more and more enterprise applications are created and migrated to Kubernetes, things will quickly be discovered, proactively fixed, and things will be peachy. Such is how technology goes.

There’s a lot of buckets

The other thing driving security in the Kubernetes world is that it’s a stack designed to be DIY’ed. Instead of one integrated and unified stack that’s polished off, you can assemble all the parts yourself. You know, because you’re probably a victim of the “we’re special and so we have to tinker with the stack” anti-pattern. The number of combinations for that final stack, then, is massive, and each time you customize the stack, you open yourself up to screwing up the security. So it goes with building your own stacks! Hopefully you’ve done your Wardley map analysis, or whatever.

Being the one interviewed is great - just like being on a panel, you pretty much just show up and talk. Easy and fun.

Watch the interview, it’s only 10 minutes long!

Wastebook

  • A consultant would clearly say that one problem you have is refusing to accept outside help. Here.

  • “Yet sometimes, I suffer from what you might call achievement fatigue: I question my motives, I ask myself what the hell I’m doing or supposed to be doing, and sometimes, I cut myself some slack.” Achievement Fatigue.

  • ‘the “pressure to presence.”’ Here.

  • I get all my news from The Register.

Relevant to your interests

  • OpenAI’s ChatGPT can look at uploaded files in the latest beta updates - I’m thinking that, soon, ChatGPT will be a better way to create images than Midjourney. Midjourney’s prompts and refinement method are way too complex and uncontrolled. It’s very difficult to figure out how to say things like “add a skateboard to the second image.”

  • PowerPoint gone crazy in the US Military (2010) - From 2010. Yes, and: it’d be cool if there was something better - memos?

  • TikTok Star Devon Rodriguez Is Now the Most Famous Artist in the World. But What About His Work? - “The case of Devon Rodriguez is more evidence for the shift in emphasis from consuming art as content, to consuming artists as content.” And: “In 2023, Rodriguez is essentially in a race to develop an audience with a more-than-superficial interest in his actual painting faster than his social-media presence is drained of goodwill through over-exploitation.” // Also, a bunch of fans apparently got angry at this. I mean, of course: the critic said the art wasn’t good enough to be art. This is what the Internet can do for us.

  • Leaving Twitter, Benedict Evans - “This is often the real challenge to tech incumbents: once the network effects are locked in, it’s very hard to get people to switch to something that’s roughly the same but 10% better - they switch to something that solves one underlying need in an entirely new way.” // I’m starting to think that the whole innovator’s dilemma is a much, much rarer occurrence/success than we assume. Instead, there are often deep-pocketed incumbents who simply make a better technology/product and/or are more successful at driving market adoption (sales and marketing that leads to purchases). Plus, sometimes, the dominant companies just get lazy.

  • Fifteen ghosts and a demon.

Upcoming

Talks I’ll be giving, places I’ll be, things I’ll be doing, etc.

Nov 6th to 9th VMware Explore in Barcelona, speaking (twice, and at a booth). Nov 15th DeveloperWeek Enterprise, speaking.

Discount code for KubeCon US - while I won’t be at KubeCon US this year, my work has a discount code you can use to get 20% off your tickets. The code is: KCNA23VMWEO20.

Logoff

We had a great week off in Spain (Sitges, to be exact) last week. I’m not often able to completely relax and disengage from life on vacations, but this time it worked. We had a place right across the street from the beach, and we didn’t worry about spending our time wisely. So, we wisely spent our time just going to the beach each day.

I have travel for the next three weeks, including tonight. Work travel has been a huge part of my life since 2006, and I’m not really sure what my role and purpose would be otherwise. But, it’s starting to seem like something I should figure out. Got any ideas?