Kubernetes Moving Forward
Avoiding vendor lock-in while enabling cloud bursting, multi-cloud and distros are some of the things you can expect from KubeCon.
With KubeCon kicking off next week in Seattle, I caught up with Chakri Nelluri, Chief Architect and Founding Engineer at Diamanti, to learn about the key Kubernetes adoption issues he expects to be discussed.
DZone: What’s the primary reason for Kubernetes’ success, and what’s your theory for why Kubernetes won out over Mesosphere and Docker Swarm as the de facto orchestrator for containers?
Chakri: Microservices and containers have become developers’ building blocks for net-new applications in the enterprise. For any enterprise supporting these containerized workloads, you quickly get into the world of distributed computing, and the need to orchestrate clusters of servers as you move away from the old scale-up, virtual machine world. Kubernetes’ high scalability and flexibility were the key attributes that attracted its ecosystem of users and partners. It didn’t hurt that it was open source that came out of Google — and was the same technology that Google itself used. What better proof of a technology’s ability to scale to the highest possible traffic? Kubernetes did a much better job of raising developer awareness, fostering adoption and creating an open source community in the earliest days than the alternative technologies, and once it started snowballing that race was over.
Today, most organizations are looking to adopt Kubernetes as the best container orchestration option to avoid vendor lock-in. They also look to Kubernetes as a means of enabling cloud bursting when they run out of on-prem resources, or when they seek to enhance application high availability (HA). Also, most Kubernetes users are looking to move away from VMs where possible, in order to improve workload density and resource utilization, along with reducing operating and licensing costs.
DZone: From your point of view, what are the toughest aspects of Kubernetes adoption?
Chakri: Kubernetes is a deep platform with a wide spread of features. There is a steep learning curve, and infrastructure teams are compelled to relearn how pods need to be networked, how they leverage storage, and how they need to be debugged. All the helper tools they have been using will no longer work in Kubernetes environments, and it becomes very challenging to adapt. And the ops tools — like capacity planning and self-service — are still being developed in Kubernetes ecosystems. For all the advantages that containers on bare metal have over virtual machines, the ops tooling around containers is still very nascent compared to virtual machines.
DZone: Have you seen any specific areas of Kubernetes evolve over the last three years? What’s easier today than it was? What is trending in a more operator-friendly direction?
Chakri: I would say almost all of the Kubernetes platform is now second-generation. One of the bigger differences I have seen is the goal to make Kubernetes more similar to the Linux kernel and offer vendors the flexibility to create their own distributions and value additions on top of it, without requiring changes to the core Kubernetes functionality. Stateful sets, multi-cluster configuration, and Istio have also made tremendous progress. At the same time, the ecosystem has expanded tenfold.
DZone: What is generally misunderstood about Kubernetes in advance of adoption? What kinds of things do enterprises learn along the way when adopting Kubernetes? What advice can you give in advance that would help a would-be K8s production project anticipate some key requirements or considerations?
Chakri: I have seen some users underestimate the challenge of Kubernetes cluster management. To begin with, getting the right cluster set up — along with RBAC — is not straightforward. Even if you do get it right, "Day Two" problems like backup, auditing, upgrades, etc. still have to be dealt with. Also, most of the ecosystem is based on open source tools — some of which are getting phased out and replaced by newer tools. Typically, organizations have limited internal resources to adapt quickly enough to such a fast-changing ecosystem.
I have also seen organizations assume that open source software is completely free. They fail to recognize that there are actual support costs for open source solutions like nginx, Jenkins, Elasticsearch, etc. Any enterprise-specific features within open-source offerings, such as RBAC in Elasticsearch, are associated with commercial support.
I always advise enterprise IT teams to carefully determine whether or not it is feasible for them to do everything themselves. Typically, Kubernetes does not add any value to their product offering; it is usually a means to deliver their software, and it doesn’t justify the effort and cost of doing everything themselves. There are many commercial providers of Kubernetes distributions which solve almost all of the heavy lifting users are saddled with at the outset of building a Kubernetes environment. I really like the analogy of comparing Kubernetes distributions with Linux distributions. You don’t want to spend your efforts on building your own distribution; rather, you want to start by using an existing distro to enable the applications which will further your business goals.
DZone: With KubeCon coming up next week, what do you predict are likely to be some of the key Kubernetes-related trends that will be discussed?
Chakri: One key conversation I think will be Kubernetes distributions. Kubernetes has evolved as the new data center OS kernel, and Kubernetes service providers are coming out with their value-adds on top of it and delivering it to customers as a distribution. This has become the new norm for offering Kubernetes services to new customers.
I think this year’s KubeCon will see a lot of excitement around Istio — it addresses most of the open questions users have about the security and identity of the services running on Kubernetes clusters. It provides each service an identity and at the same time adds hard security policies to prevent attacks like man-in-the-middle. It’s a key piece of technology in the Kubernetes stack, and there’s a ton of interest in Istio right now.
And I think a third major Kubernetes conversation at KubeCon will be multi-cloud support: multi-cloud and cloud burst have become the primary motivating factors for many companies to adopt Kubernetes. There’s a lot of interest in Kubernetes improvements in multi-cloud support and cluster registry support that are bringing this to reality.