The Linux Foundation and Cloud Native Computing Foundation (CNCF) announced today they are collaboratively developing a Certified Kubernetes Security Specialist (CKS) certification expected to be available in November.
At the same time, the two open source consortiums announced the availability of a training course dubbed “LFS244 – Managing Kubernetes Applications with Helm.” The CNCF is an arm of The Linux Foundation.
Clyde Seepersad, senior vice president and general manager for training and certification at The Linux Foundation, says the Certified Kubernetes Security Specialist (CKS) certification will require IT professionals to be certified in Kubernetes management fundamentals as a prerequisite. The goal is to expand the amount of cybersecurity expertise IT professionals can bring to bear while also managing Kubernetes clusters, he says.
The exam for the certification covers cluster setup, cluster hardening, system hardening, microservice vulnerabilities minimization, supply chain security, monitoring, logging and runtime security.
Helm, meanwhile, has emerged as an alternative to manually configuring YAML files to deploy software on Kubernetes clusters. Most recently, the CNCF has embraced an Operator Framework for managing software on Kubernetes clusters as an incubation-level project. The degree to which IT teams will opt to rely on Helm versus Operators to manage Kubernetes environments remains to be seen. Based on technology originally developed by CoreOS, Operators for specific application use cases must be built using a variety of programming tool options.
As such, most of the introductory exposure to managing Kubernetes environments is likely to be via Helm Charts, for at least the immediate future. The $299 CNCF course will take approximately 25 to 30 hours to complete, which provides unlimited access to the course for one year, including all content and labs.
The one thing everyone can agree on is the number of IT professionals who want to be regularly exposed to YAML files is limited, notes Seepersad.
To a degree, a general lack of Kubernetes expertise is holding back adoption. Many organizations might be inclined to build and deploy microservices-based applications built using containers. However, a lack of Kubernetes skills causes many of them to limit the rate at which they can build and deploy those applications, especially in on-premises IT environments. In fact, much of the adoption of Kubernetes is on public clouds that manage the platform on behalf of organizations deploying applications.
It may take a while for IT teams to come up to speed on Kubernetes, but once they do proliferation of Kubernetes clusters tends to become rapid. A recent CNCF survey found that 81% of the IT teams that had deployed Kubernetes clusters in a production environment had more than 20 machines in their fleets. All those Kubernetes clusters also present an opportunity for IT teams to increase their skills, at a time when demand for IT expertise in the wake of the economic downturn is not as broad-based as it once was.
Naturally, much of the management of Kubernetes clusters at scale will become more automated. The only real question is to what degree that automation will be driven by systems administrators employing graphical user interfaces (GUIs) versus DevOps teams employing command-line interfaces (CLIs) and application programming interfaces (APIs).