To date, open-source technologies have remained an area of cooperation between the United States and the People’s Republic of China (PRC). This comes despite worsening geopolitical tensions that have impacted or even severed cooperation in other technological domains. Kubernetes, an open-source platform, presents an unusual case of cooperation. It has been widely adopted not just in commercial industries but also in sensitive areas like US military systems. It is even used in F-16 fighter jets and nuclear infrastructure. On the PRC side, tech giants like Huawei that face sanctions from the United States, are major contributors to the platform and beneficiaries of its development.
While open source offers advantages over closed source systems, its use in critical systems and by US competitors are not without risks. The presence of state-affiliated companies from the PRC in the management and built environment of Kubernetes compounds those potential problems. Given the platform’s centrality and widespread use, however, it is unlikely to be replaced by an alternative any time soon. This suggests that risks surrounding Kubernetes’s use will need to be managed carefully.
Kubernetes, often called K8s, is an open-source platform developed by Google and now managed by the Cloud Native Computing Foundation (CNCF). CNCF also holds the trademark for Kubernetes. The platform is analogous to a highly efficient orchestral conductor. It automatically configures, coordinates, and manages containers—small, isolated environments for running applications. To extend the analogy, containers are akin to individual musicians, each playing their discrete part. Kubernetes ensures that the containers all perform in harmony, whether the “orchestra” is running in the cloud, a private data center, or both (Mirantis, last accessed August 16; Google Cloud, accessed August 19). If a container fails, Kubernetes steps in and quickly replaces it without interrupting the performance. This enables applications to run reliably and efficiently across different environments, whether they are small internal apps or massive AI workloads, such as those seen in the finance, telecommunications, and healthcare industries.