In-depth analysis of Kubernetes manifest verification tools for robust CNF deployment

Kubernetes has emerged as the leading platform for orchestrating cloud-native network functions (CNF). The description of the hardware and software architecture of systems to be deployed with Kubernetes is defined in configuration files called manifests. In order to address the errors that these manifests may contain, manifest verification tools have been developed. However, evaluating and selecting the most appropriate verification tool for a given project is a difficult task. To facilitate this evaluation process, we identified and characterized the most relevant verification capabilities, useful also in the CNF context. The selected capabilities serve as criteria for the evaluation of manifest verification tools. In total, we have identified 13 criteria, like the variety of verification types or the ability to carry out JSON Schema-based verification. The identified criteria were used to evaluate 16 of the most commonly used verification tools in the Kubernetes community. This evaluation revealed several shortcomings in the existing tools.