Last week was Kubecon Europe, the premier event in the cloud native ecosystem — at 4,300 attendees it was three times larger than last years event and next year is likely to be much larger again.

There was definitely a feeling in the air that Kubernetes has broken out; the CNCF end user community not only has tech companies like Spotify and Twitter but is now extending into sectors such as finance. Goldman Sachs, Morgan Stanley, Bloomberg and Capital One are all members.

Liz Rice’s keynote even used the classic Crossing the Chasm metaphor to illustrate Kubernetes crossing over into early majority adoption.

As an engineer-turned-venture capitalist the cloud native space is hugely exciting, it represents a fundamental shift as to how technology is built and deployed, such shifts allow engineers to rethink from first-principles how problems (from service discovery to reliability to security) are solved.

Fundamental shifts are where transformational companies are built.

Kubecon holds a unique place in that it brings together everyone in the industry — from end users and vendors to the key developers of the open source products underpinning cloud native. Hence it not only provided a unique opportunity to meet founders of startups in the space but also get feel of the zeitgeist and understand where the future of cloud native lies.

Multi-cloud is real

Company after company talked about how they were using multiple cloud providers (AWS+GCP being a popular combination). Countless vendors were offering multi-cloud technologies ranging from established players like Joyent to newer upcomers such as Stackpoint, Containership and Upbound (the last announcing their Series A from GV at the event).

Amazon was notable for their light presence at the conference especially when compared to the heavy presence of Google.

Historically many companies implemented their deployment and scaling directly using AWS APIs. Increasingly Kubernetes is now taking that role enabling cloud vendors (including Digital Ocean who announced their own managed Kubernetes service at the event) to compete more effectively with Amazon.

While it could be read as Amazon not wanting to support a competitive threat to it’s platform it’s possible Amazon’s dominance in the space meant they felt a large presence unnecessary.

Security is a major concern

For end-users security seemed to be a significant issue in cloud-native. Many traditional approaches to security from firewalls and port scanners to network monitoring assume a traditional machine-based deployment model so need to be reinvented for a pod-based world.

There’s also entirely new security risks that need to be considered, from verifying that images being deployed don’t have known vulnerabilities to ensuring that containers run with the minimal privileges needed.

Google used the conference to announce gVisor in this space but it’s clear that best practices in security are still at an early stage and there’s a large opportunity for startups to build innovative solutions in this space.

Serverless is coming; but not yet ready.

I left the conference much more bullish on serverless than I entered.

FaaS is fundamentally well suited to a world that’s becoming event driven and increasingly based on computer-to-computer interactions between independent systems.

Kubecon had an entire track devoted to serverless this year with the key focus very much on fundamentals such as function composition and inter-system operability. The CNCF Serverless working group announced v0.1 of CloudEvents a vendor-independent protocol allowing for intercommunication between independent systems.

It’s very much at the innovators stage but there’s clearly huge-appetite for the benefits of serverless once the fundamentals are in place.

While the shift to Kubernetes is rewriting the fundamentals of DevOps, the shift to serverless may be an order of magnitude larger. I struggle to find an analogy because I’m not sure the engineering world has seen a change of this magnitude within the lifetime of many developers.

The shift from desktop-based software to SaaS may be the closest comparable, but even that might be inadequate to describe the fundamental impact serverless could have on how developers are going to build systems over the next few decades.