Changing the technology an organization works with is a bit like taking up a new sport. Your initial excitement leads you to buy the most expensive equipment you can find, leaving you soon to realize that your new tools have created a steep learning curve. Transitioning out of monolithic applications to [microservices](https://konghq.com/blog/learning-center/what-are-microservices)microservices is quite similar.
The move to containerization is one that many modern and digitally focused organizations are making every day. With new architecture come new tools, the most popular being [Kubernetes](https://konghq.com/blog/learning-center/what-is-kubernetes)Kubernetes: the go-to system for container orchestration. This open source solution aims to provide automation for the deployment, management and scaling of applications, but its [complexity out of the box](https://www.devopsdigest.com/organizations-run-into-kubernetes-challenges)complexity out of the box can create delays for the developers seeking to move their organizations forward.
Let's dive into some roadblocks to watch out for when switching to Kubernetes so that your enterprise can anticipate them and learn to use its new equipment effectively.
Just as virtual machines can lead to virtualization sprawl, in which unused or forgotten virtual machines proceed to run and waste resources in the background, container sprawl exists too. In fact, container sprawl can be an even bigger problem, since the deployment of containers occurs at a much higher frequency.
Development teams are faced with the task of creating an efficient workflow around tracking, provisioning, deploying and repairing the numerous containers populating their Kubernetes environment. One solution these teams can consider is to adopt peripheral containerization software products that aid with these tasks.
Additionally, the more containers we have, the more complex our system becomes as it grows. When we extend container sprawl to how it will impact the management of APIs, such as how users can securely and reliably access microservices. We find that while Kubernetes provides flexibility around implementation, we still run into various challenges related to supporting multiple protocols at the same time.
Ideally, we want to empower every developer to be able to navigate the protocols of each microservice as well as interpret user API requests. It becomes critical for organizations to have a strong [ API gateway](https://konghq.com/blog/learning-center/what-is-an-api-gateway) API gateway to manage all of these complexities.
The management and visualization of a team's application is one of the most important elements of a container orchestration system. Unfortunately, the default dashboard provided within Kubernetes is rarely enough for operations teams, and they frequently have to look elsewhere for additional visualization tools (ELK Stack, Grafana, Prometheus).
This issue encompasses a larger problem around Kubernetes, which is its lack of a prescribed and opinionated approach to its technology. This leads to more work for teams to find the right supplemental technology tools to fit their exact use cases. Additionally, properly integrating these tools into the Kubernetes environment is an additional challenge that a developer needs to solve in order to simplify their day to day workflow.
Our technology teams want to be able to jointly manage our Kubernetes and gateway configurations. However, Kubernetes comes with the challenge of not having native API management. This problem makes it more disorganized and risky to oversee both our APIs and services *and* our container environments, and can lead to compromising inconsistencies.
Ideally, our teams could have a simpler traffic visualization and service-to-service communication experience by dealing with fewer moving parts. We can achieve this by investing in a[ Kubernetes Ingress Controller](https://konghq.com/solutions/kubernetes-ingress) Kubernetes Ingress Controller, which grants us one cohesive Kubernetes experience.
According to the [Digital Innovation Benchmark Report](https://konghq.com/resources/digital-innovation-benchmark-2021)Digital Innovation Benchmark Report, Kubernetes security is the number-one challenge IT decision makers cite in the U.S. (49%), ahead of complexity (43%) and performance (40%). The dynamic and populated nature of containers makes the security issue a multilayered and delicate one. When compared specifically to virtual machines, containers present more nuanced security challenges.
For example, while containerization does use less resources than virtual machines given that it does not include the overhead of multiple guest operating systems, the trade-off is the loss of the isolation benefit (and therefore simpler security) that VM model provides.
The goal is to make sure that only the correct users always have the appropriate access to various technology resources within the system. Kubernetes comes with role-based access control (RBAC) as well as identity and access management (IAM), but these capabilities have been said to be difficult and time-consuming to implement. It is also possible to configure authorization to external applications, but other Kubernetes solutions, like [Red Hat OpenShift](https://docs.openshift.com)Red Hat OpenShift, prioritize authentication and authorization policies as part of their design and help reduce the time to build these capabilities.
It is also critical to think outside of just the container cluster. The traffic coming in and out of containers needs to be secure too. The problem grows as the Kubernetes environment does, and this increase in traffic can lead to security threats being missed and slow resolution times.
Teams that are writing custom authentication and authorization code for their microservices are more likely to experience data breaches due to their vulnerability. [API management solutions built with Kubernetes in mind](https://konghq.com/blog/security-plan-microservices-applications)API management solutions built with Kubernetes in mind can help resolve these issues by identifying performance and security incidents, and empowering application teams to maintain consistent security and governance across APIs and services.
Kubernetes is a powerful container orchestration tool that provides vast flexibility around its offerings. However, its trade-offs are its complexity out of the box and time-consuming build nature. The challenges around container sprawl, visibility, native and security require time investment and research from technology teams to be resolved. By considering peripheral containerization and API management products, they can spend less time solving the Kubernetes puzzle and more time efficiently using it to innovate on their applications.
**More resources:**
In part 1 of this series on Kubernetes , we discussed how companies like VMware offer the necessary tools to launch, monitor, create and destroy virtual machines. In this post, we review how - much like virtual machines - containers need to be crea
[](https://konghq.com/blog/enterprise/container-orchestration)
This is the pitch to the board and the C-suite. It must be brutally concise, focused entirely on your business outcomes, not the technology. If the first page doesn't articulate value, the strategy dies. Why? It immediately frames the initiative in
[](https://konghq.com/blog/enterprise/enterprise-api-strategy-legacy-modernization)
In today's rapidly evolving technological landscape, software teams have found themselves at the heart of business strategy. Their decisions on which technologies to invest in have become crucial, directly impacting a company's agility and ability t
[](https://konghq.com/blog/enterprise/why-your-engineers-want-to-migrate-to-kubernetes)
Open Banking is a phrase used around the world that describes a new way of engaging with banks. If we consider the 20-plus countries that have embraced the concept, they all have taken a slightly different approach than the UK, the first territory
[](https://konghq.com/blog/enterprise/commercial-open-banking)
In the Open Banking ecosystem, Kong Gateway emerges as a pivotal tool. It ensures that financial institutions can comply with stringent regulatory standards and leverage the opportunities presented by this new, data-driven landscape. This article wi
[](https://konghq.com/blog/enterprise/managing-open-banking-apis-with-kong)
Whether ordering groceries online, checking your bank balance, or tracking a delivery, APIs are behind the scenes making it all possible. They're the backbone of the digital experiences that drive our interconnected global economy. You may know that
[](https://konghq.com/blog/enterprise/the-economic-impact-of-apis)
How businesses can prepare for the real possibilities of artificial intelligence Everyone’s talking AI — or artificial intelligence. But much of that talk falls into one of two extremes: AI will fix everything or AI will ruin everything. But let’
[](https://konghq.com/blog/enterprise/ai-in-the-enterprise)