$30 off During Our Annual Pro Sale. View Details »

Kubernetes: A Cautionary Tale (Minnebar)

Joshua Sheppard
April 27, 2019
Technology
0
100

Kubernetes: A Cautionary Tale (Minnebar)

The gap between Minikube and Kubernetes in production is vast and full of pain. Want to know what it's like to implement Kubernetes in production for the first time before you collect the bumps and bruises yourself? Join me to learn about the ups and downs of one company's initial experience - including who was involved, the scope, and what was intentionally deferred.

We will cover:
* Why even consider Kubernetes (Hint: you might not benefit from it!)
* How a real company approached their first proof-of-concept
* How goals changed during implementation of k8s
* What we learned so far
* What we still need to learn

Joshua Sheppard

April 27, 2019
Tweet

More Decks by Joshua Sheppard

See All by Joshua Sheppard
Dissecting Kubernetes - NDC Sydney 2019
joshuasheppard
0
85
Kubernetes: A Cautionary Tale - KCDC 2019
joshuasheppard
0
24
Dissecting Kubernetes (K8s) - devup 2018
joshuasheppard
0
58

Other Decks in Technology

See All in Technology
【論文紹介】 A Survey on Hallucination in Large Language Models: Principles, Taxonomy, Challenges, and Open Questions
tomoaki25
4
150
Kafka Streamsで作る10万rpsを支えるイベント駆動マイクロサービス
joker1007
7
2.3k
ROSCon 2023参加報告:Real-Time Workshop & Zenoh's Current Status and Forecast
takasehideki
1
190
RealSense T265とD415とUFACTORY Lite 6で模倣学習の実験
hygradme
0
290
Oracle Cloud Infrastructure(OCI):ご利用ガイド/Onboarding Session Part2(サポートサービスご案内)
oracle4engineer
PRO
0
2.1k
噂の Amazon Bedrock を Java から使ってみる #javado
tacck
1
120
Webアプリ開発者向け パスキー対応の始め方
ritou
3
2.6k
visionOSについてGlobeeが取り組んでいること
toshi0383
0
200
お客様、そこは秘孔です!突かないでください! HTTP/2 Rapid reset の概要と対策
murachiakira
0
130
20年以上続くサービスの 管理画面リプレイスを行いながら 技術的負債と向き合った話
radkmb
0
1.9k
機械学習システム構築実践ガイド
shibuiwilliam
0
130
VS CodeとPostmanを活用した効率的なAPI開発 / Efficient API development using VS Code and Postman
yokawasa
2
120

Featured

See All Featured
We Have a Design System, Now What?
morganepeng
41
6.4k
Fantastic passwords and where to find them - at NoRuKo
philnash
34
2.2k
Designing for humans not robots
tammielis
246
24k
A better future with KSS
kneath
230
16k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
17
1.4k
How GitHub (no longer) Works
holman
299
140k
Designing for Performance
lara
601
66k
What's new in Ruby 2.0
geeforr
336
30k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
0
250
How to Ace a Technical Interview
jacobian
272
22k
How to name files
jennybc
59
87k
Building Applications with DynamoDB
mza
87
5.3k

Transcript

  1. Kubernetes: A Cautionary Tale

    View Slide

  2. C.H. ROBINSON
    Accelerating commerce through the worlds most powerful supply chain platform

    View Slide

  3. Our people, processes, and technology improve the world's transportation and
    supply chains, delivering exceptional value to our customers and suppliers.
    OVERVIEW
    $16.6B
    in 2018 Gross 

    Revenues
    15,000+
    Employees
    Worldwide
    123K
    Active Customers
    Worldwide
    73K
    Active Carriers
    and Suppliers
    1100+
    IT Employees in
    14 Countries

    View Slide

  4. AI USE CASES
    PRESCRIPTIVE &
    PREDICTIVE
    PERSONALIZED
    FLEET
    OPTIMIZATION
    MODEL BASED
    PRICING
    MAKE
    CONNECTIONS

    View Slide

  5. View Slide

  6. Kubernetes experience?

    View Slide

  7. View Slide

  8. View Slide

  9. View Slide

  10. View Slide

  11. So what do you do?
    (A view from early 2018)

    View Slide

  12. • Why K8s? (Hint: Might not be right for you)
    • One Approach
    • How Goals Changed
    • What We Learned
    • What Remained

    View Slide

  13. Why Kubernetes (k8s)?

    View Slide

  14. Why containers?

    View Slide

  15. View Slide

  16. When do I need Kubernetes (k8s)?

    View Slide

  17. 1. Cloud Hosted (flexibility)
    2. Automation (CI/CD)
    3. Culture (people matter)
    4. Microservices
    5. Containers
    6. Orchestration (e.g. Kubernetes)
    https://container-solutions.com/when-is-the-wrong-time-to-use-kubernetes/

    View Slide

  18. View Slide

  19. View Slide

  20. Why not Swarm?

    View Slide

  21. How hard is K8s to learn?

    View Slide

  22. “It depends.” ;)
    (Not polished in late 2017)

    View Slide

  23. View Slide

  24. View Slide

  25. View Slide

  26. In 2019?

    View Slide

  27. View Slide

  28. View Slide

  29. View Slide

  30. View Slide

  31. View Slide

  32. View Slide

  33. View Slide

  34. View Slide

  35. View Slide

  36. View Slide

  37. View Slide

  38. View Slide

  39. View Slide

  40. View Slide

  41. Valuable for my team?
    – we learned a lot…
    … and apps stayed up.

    View Slide

  42. Valuable for my company?
    Definitely.

    View Slide

  43. View Slide

  44. View Slide

  45. View Slide

  46. View Slide

  47. View Slide

  48. View Slide

  49. View Slide

  50. View Slide

  51. View Slide

  52. View Slide

  53. View Slide

  54. View Slide

  55. What We Learned
    • Don’t roll your own
    • Certificates are important
    • Networking knowledge is critical
    • Secrets aren’t secret
    • Some apps don’t benefit

    View Slide

  56. Don’t Roll Your Own
    If you don’t sell k8s, don’t build it
    • ~22 Hosted solutions
    • ~28 Cloud turnkey solutions
    • ~18 On-premises turnkey solutions
    https://kubernetes.io/docs/setup/pick-right-solution/

    View Slide

  57. Certificates Are Important
    You need to “generate TLS certificates
    for the following components: etcd,
    kube-apiserver, kube-controller-
    manager, kube-scheduler, kubelet,
    and kube-proxy.”
    … And that’s before even considering your apps.

    View Slide

  58. Networking Knowledge is Critical
    “Kubernetes cluster networking is perhaps one of the most
    complex components of the Kubernetes infrastructure because
    it involves so many layers and parts (e.g., container-to-container
    networking, Pod networking, services, ingress, load balancers),
    and many users are struggling to make sense of it all.”
    - Kirill Goltsman, Supergiant

    View Slide

  59. Secrets Aren’t Secret
    • ENV vs volume mount
    • Base64 encoding in cluster
    • `kubeseal`
    • HashiCorp Vault

    View Slide

  60. Some Apps Don’t Benefit
    • Where do they scale?
    • Are they “cluster-aware”?
    • What about failed deployments?

    View Slide

  61. What Remains
    • CI/CD into K8s
    • How to get our nodes (vendor?)
    • Improved storage, external state
    • Namespaces and environments

    View Slide

  62. Multiple Environments
    • Dev == Minikube?
    • Integration == Namespace? Cluster?
    • Production == 1+ clusters?
    • Testing apps vs testing k8s upgrades

    View Slide

  63. Closing
    • Think before you k8s - do you need it?
    • Plan to learn - in stages, over time
    • People matter - especially networking folk ;)
    • Expect plans to evolve
    • Blaine? Eden Prairie?

    View Slide