Pulumi today announced updates to its software-as-a-service (SaaS) platform for configuring infrastructure for Kubernetes deployment that includes that ability to automatically convert YAML files into general-purpose languages that are easier for developers to employ.
In addition, Pulumi has made available Operator software that makes it easier to deploy its platform, added support for both the Helm 3 package manager for Kubernetes and the Spinnaker continuous delivery platform, and included open source Open Policy Agent (OPA) software to simplify addressing compliance requirements.
Pulumi CEO Joe Duffy says the open source updates to Pulumi Crosswalk for Kubernetes will enable developers to more easily configure and manage Kubernetes infrastructure using programming languages such as Python, Go, Node.js and .NET.
Duffy said rather than having to manually manipulate YAML files to configure infrastructure, Pulumi Crosswalk for Kubernetes enables developers to programmatically assume control of configuration tasks. With the rise of automated configuration tools, more developers have been managing infrastructure as code, especially when it comes to spinning up Kubernetes clusters using a set of standard application programming interfaces (APIs).
Not every IT operations team may be willing to give up control over IT infrastructure provisioning. However, Duffy notes that as organizations begin to deploy cloud-native applications on Kubernetes clusters, developers are forcing the issue. Most developers don’t want to wait for approval to employ infrastructure resources that are readily available on multiple clouds, especially if those resources are being paid for using budgets that are outside the control of a centralized IT organization.
However, a fierce debate is emerging over the level of cybersecurity skills developers are applying to configuration processes. Misconfigurations enabled by tools employed by developers are the root cause of a wide range of cloud security issues that eventually will require most organizations to embrace a set of best DevSecOps practices. The challenge will be achieving that goal without necessarily slowing down the application development and deployment process.
Of course, there are plenty of options when it comes to provisioning infrastructure as code. Centralized IT teams are not likely to prohibit using these tools because of cybersecurity concerns. Rather, increased reliance on tools to automate infrastructure configuration will lead to more use of cybersecurity tools that make it possible to verify infrastructure is configured properly.
In the meantime, the rate at which Kubernetes clusters are being spun up continues to increase. A downturn in the economy brought on by the COVID-19 pandemic may be giving some organizations cause for pause when it comes to embracing new IT platforms. However, as other organizations look to increase the rate at which more resilient and flexible microservices-based applications based on containers are deployed, reliance on Kubernetes clusters increases. The challenge now is finding the most efficient way to manage what soon will become fleets of Kubernetes clusters distributed across an increasingly extended enterprise.