It's 2022 and time to predict a few things for the coming year in the cloud native ecosystem.

eBPF it is

This year we should see more adoption in the eBPF space. Although eBPF has been around for quite some time now, the technology still remains complex. In 2022 we should see more companies making use of eBPF to solve challenges. To date, there are companies already leveraging the power of this technology. Some of the tools to look out for in networking, security and observability space are:

  • Falco: Uses the eBPF probe module for kernels that support it to provide runtime security. Check out this [quick intro video] to understand the flow.

  • Parca: A continuous profiling tool that helps you save money, improve performance and understand incidents better. It uses the Parca agent which is a profiler that uses eBPF to capture the profiling data for reports. It extracts data both from the user space and the kernel space, and builds pprof profiles that can be viewed.

  • Cilium: Cilium is an open source project to provide networking, security, and observability for cloud native environments such as Kubernetes clusters and other container orchestration platforms using the power of eBPF.

  • Cilium service mesh: This project is currently in beta. Since this implementation of a service mesh uses eBPF, there won't be a need for a sidecar container as previously. That will make the service mesh implementation less complex and perform better. Check out this post on how this approach changes the traditional service mesh implementation.

  • Bumblebee: A newly-released open source project by to build, run and distribute eBPF programs using OCI images. The idea is to break down the complexity and make eBPF more accessible to developers.

More Security power

Security in the cloud native ecosystem is rising to meet the rise in the number of attacks that are happening. Significant breaches of supply chain security have continued to appear, and we will continue to see many new tools to mitigate these issues before they happen. The whole cloud native security system is evolving and we are seeing new tools and strategies for securing the complete pipeline which is termed as "DevSecOps".

Here are my views on some current Kubernetes security tools.

CNCF Security and Compliance tools

A few of the tools that will continue to evolve to meet new challenges:

  • Falco: Cloud native runtime security tool that uses eBPF to parse syscalls made by applications against rules that have been pre-defined, and alerting if anything unexpected is detected.

  • sigstore: It provides a standard way for signing and verifying software, from container images to binaries, as well as information such as release files. This verified signature can be matched against a public log, helping prevent supply chain attacks.

  • Kubescape: Kubescape is the first open-source tool for testing if Kubernetes is deployed securely according to multiple frameworks such as the NSA-CISA, MITRE ATT&CK® and more, and marks the first time that teams can test Kubernetes against multiple frameworks in one single click.

  • Tracee: Runtime Security and Forensics using eBPF that analyses events to find suspicious patterns.

I predict that we will see people focusing on security from day zero. Security will not just be "shifted left", it will be considered from the start.

Would also like to include Kubernetes policy engines that have become super important and will continue to evolve this year. Tools including Open Policy Aagent (OPA), Kyverno, jsPolicy and Kuberwarden will continue to evolve and we might also see new tools in this space. Check out my talk on various policy engines for Kubernetes.

WebAssembly (WASM)

WebAssembly has been traditionally used for extending web browsers' functionality but over time this has changed, and now WASM modules can run outside of browsers as well.

WASM modules are portable and can be run on any processor or architecture without any change. Developers can write code in a programming language of their choice.

We will see more growth of WASM in the cloud native ecosystem. There are already tools available that make it easy to use and develop WASM applications. We will also see a rise in WASM for the bare metal powering the edge.


  • WasmEdge: A powerful WASM runtime for cloud native, edge, and decentralized applications powering edge computing.

  • wasmtime: A standalone runtime for WASM that can be embedded into applications when needed.

  • Wasmer: A runtime for executing WebAssembly on a server.


  • wasmcloud: A platform to help developers write portable code that can run anywhere from edge to cloud.

  • Redpanda: A streaming platform for mission-critical workloads with WASM transform support.

  • sat: Superfast WASM edge server.

  • Atmo : It provides an easy environment to build self-contained WASM functions called "Runnables".

Container runtime and OS

Work is going on for improving runtime layers to improve isolation and OS for running Kubernetes. We can see more improvements and adoption for this. Tools to look out for in this space:

  • Sysbox: Billing itself as "the next generation runc" that can be easily installed on existing Kubernetes clusters as well. With Sysbox you can run systemd, Docker, Kubernetes, K3s etc, seamlessly & securely. Sysbox is not a virtual machine but is very close to a virtual machine by using advanced OS virtualisation techniques. In 2021 we saw an increase in the adoption of Kubernetes for VMs using KubeVirt which will continue even more in 2022, due to the benefits of being able to run Virtual Machine and containerised workload side by side. Check out this guide Kubernetes power for Virtual machines using KubeVirt for details.

  • Talos OS: It is not like a traditional OS, it is more API driven where all the system management is done via API and there is no shell or interactive console. It supports most cloud platforms, bare metal, and most virtualization platforms. Check out this stream for more information.

  • Youki looks interesting too. Where many container runtimes are written in Go, the maintainers of youki believe that Rust's memory safety and mix of low-level with useful high-level abstractions is a great option for the language of a container runtime.


GitOps simply means to consider git version control as the single source of truth, even for Kubernetes. In the past year the most well-known tools in the space including Flux, Argo, and Fleet have evolved to cater to even the most complex use cases.

The adoption continue to rise and we will see integrated platforms with GitOps enabled by default. We can also see managed Kubernetes services to have an option to just enable GitOps. For example, Rancher already has an option to enable continuous delivery using Fleet and we will see more of such platforms.

I expect to see more great stuff coming from Weaveworks for Flux in this space. The battle between Argo and Flux will be interesting to follow in 2022 with regard to adoption in production use-cases.


We will also see:

  • More Rust adoption in the cloud native space

  • Increased adoption of multi-tenancy tools like vCluster from Loft Labs and VirtualCluster from SIG multi-tenancy.

  • Infrastructures as code tools - Increase in the adoption of Pulumi, Terraform and Crossplane.

  • Serverless: OpenFaas, Fission and OpenFunction adoption will increase

  • Kubernetes is still complex when it comes to setting up and managing in production. Managed Kubernetes makes it easy for customers to get clusters up and running in less time, with less time spent on operations work, and with greater stability. In 2022 I expect we will see the adoption of managed Kubernetes services grow.

  • Multi-cloud: People will start going multi-cloud to not be be tied to a particular cloud provider, thanks to the power of Kubernetes.

  • Backup strategies: With recent well-publicised outages, organizations will also be looking into backup solutions and disaster recovery. We can see more tools evolving in this space that can help with disaster recovery seamlessly from one cloud provider to another - another case for multi-cloud preparation.

What is Civo up to in 2022?

At Civo we are going all-in for 2022 and taking the Civo Kubernetes service to the next level. Some of the exciting things coming up in the next 6 months:

  • Load balancers as a service

  • Custom sizes

  • Databases as a service (beta)

  • Teams functionality

  • Cluster autoscaling

  • Ipv4/Ipv6 dual stack

  • New regions

  • Multiple Container Networking Interface (CNI) support

  • ...and lots more!


Things are happening at an incredible speed in the cloud native space, and that speed will increase in 2022. A major focus for startups would be to focus on business problems and let the managed services abstract as much as they can reducing the operational overhead.

A few companies to look out for in terms of open source contributions of really cool stuff in 2022 are Chainguard, Loft Labs, Armo, Datree, Isovalent, Solo, Sidero Labs, and Suborbital.