CSPs, Channel, Cloud migration

MSPs Play a Key Role in Demystifying Kubernetes

Six cloud security tips

Organizations are increasingly turning to managed service providers (MSPs) to navigate the cloud-native ecosystem as app modernization initiatives accelerate and Kubernetes container orchestration matures.

As enterprise and midmarket customers modernize their application portfolios, they increasingly consider cloud-native application formats including public cloud platform-as-a-service (PaaS) as well as Kubernetes, explained Brad Parks, chief marketing officer at Morpheus Data. This move to modern application formats is also being driven by Broadcom's acquisition of VMware, Parks said, and increasing VMware costs is, in many cases, accelerating the shift from VMs to containers.

Demystifying Cloud-Native Technology

"Unfortunately, there is limited expertise in cloud-native technologies compared to the established VMware ecosystem; this skills gap and the complexity of managing change has opened up opportunities for a variety of managed service providers," Parks said. 

Bill Ledingham, CEO at Kubernetes platform provider Fairwinds, agrees.

"Kubernetes is maturing as a technology, but it’s difficult to master, and there’s still a labor shortage as far as skilled practitioners; it's often left to the operations side to set up and manage Kubernetes on an ongoing basis," Ledingham said.

While many cloud providers offer certain out-of-the-box capabilities -- like Amazon with AKS, Google's Google Kubernetes Engine, Microsoft's Azure Kubernetes Service on the cloud -- these often don't provide enough for organizations to successfully deploy their applications on top, Ledingham said.

"There’s add-ons that need to go on top in terms of further securing ingress and egress controls, monitoring, availability, patching, threat intelligence and more to turn the base level of cluster into a production grade cluster that’s operational 24/7 is where customers are turning to providers like us to help," Ledingham said.

Once More Into the (Security) Breach

Organizations especially struggle with the security aspect of containers and cloud-native architectures, Ledingham said, and look to MSPs and MSSPs to help them ensure reliability, availability and vulnerability and patch management.

"There are challenges around ongoing patches that customers need to be aware of, and they want help with assessing the relevance and size of threats and how to mitigate them, as well as making sure the clusters are staying patched," he said. As cloud-native technology is changing rapidly, it's often difficult to stay up-to-date with new versions, he added.

And there are cost and efficiency concerns, as well, as the tech is used more at scale, he said. Typically, developers and DevOps teams over-provision cloud and cloud-native resources to ensure apps and systems have more than enough resources to run. But that can get expensive, both with regard to resources and time, he said.

"The challenge becomes determining how to make the environment more cost-efficient and ensure the containers and apps are only requesting the right resources they need from the underlying infrastructure," Ledingham said. "A lot of these are over-provisioned, so MSPs and MSSPs are brought in to help with optimization – while Kubernetes is meant to be dynamic and scale horizontally, if the containers themselves are using too many resources, then there’s opportunity to help right-size them," he said.

How MSPs are Helping: Cloud-Hosted, Managed Kubernetes

It all depends on how far along customers are on their cloud-native journey and what types of services and solutions they need, Parks said. Some customers may be looking for fully cloud-hosted and managed Kubernetes, such as offerings from the major hyperscalers or from more localized sovereign cloud providers. 

"The channel can help guide customers through this choice of the best landing zone fit. We see many partners evolving to provide fully hosted managed services, in which case they can themselves provide a localized managed Kubernetes offering," Parks said.

Other customers may still want the autonomy of their own dedicated infrastructure and look to the channel to augment internal IT skills and provide a fully managed experience while also leveraging on-premises Kubernetes flavors.  These channel partners may play more of a staff augmentation role to take on the burden of on-premises Kubernetes management.

"In both cases, customers will need help with application modernization and replatforming so channel partners with these advanced skills should find ample opportunity," Parks said.

Tools for Managing Container Environments

Parks' company, Morpheus, is a unified orchestration and operations software platform that many managed service providers use to provide a wide variety of as-a-service offerings for their customers, he explained. It enables MSPs to enable multi-tenanted sharing of virtualized and containerized environments so they can assist customers with managed VMaaS in front of VMware, Nutanix, KVM, or other hypervisors as well as managed Kubernetes using its own Morpheus Kubernetes Service (MKS) or third-party Kubernetes distributions such as Red Hat OpenShift, he said.

Overall, Ledingham said, the pitch to customers is simple: Let us manage your cloud-native infrastructure and you can spend your time making those apps and services better.

"The management and monitoring of Kubernetes and cloud-native platforms is the opportunity," Ledingham said. "What we’ve seen is the need not just to manage at the Kubernetes level, but also what is added on top of that environment. That includes continuous delivery (CD) tools like Argo or Flux to monitoring like Datadog and other tools that play in those environment. If they don’t have the expertise in-house, then people are more than willing to outsource it," he said.