Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to Make Kubernetes Rhyme with Production Readiness

tiffany jernigan
April 21, 2023
Technology
0
110

How to Make Kubernetes Rhyme with Production Readiness

https://twitter.com/maeddes
https://twitter.com/tiffanyfayj

One might naively think that to deploy a production app on Kubernetes, all one needs is a Kubernetes cluster. Indeed, before going to production, we'll need a Kubernetes cluster, and therefore, we'll need to make a few decisions: on-premises or on cloud? Managed or self-hosted?

But there is way more to it because our new cluster will almost always require a few additions before being truly production-ready. Even if we choose a state-of-the-art managed cluster from a leading cloud provider, we still need to add something to handle logging and metrics. Supporting Ingress resources or Network Policies can also require extra work; as does managing persistent volumes or inbound traffic when running on-premises.

Finally, while most of us used commands like "kubectl run" or "kubectl apply" to run our first Kubernetes containers and workloads, going to production requires a few extra tools to tailor our YAML manifests to various environments (e.g. kustomize, Helm, or Carvel), and automate its deployment (e.g. ArgoCD, Flux).

The goal of this talk is to give us a production-readiness checklist. Without being exhaustive, this checklist will bring awareness to the gap that exists between Kubernetes "cluster" and "a *production* cluster", and give solid leads about how to bridge that gap.

tiffany jernigan

April 21, 2023
Tweet

More Decks by tiffany jernigan

See All by tiffany jernigan
Coffee, Code, and Connections
tiffanyfay
0
11
Stop giving root access and start securing your Kubernetes clusters instead
tiffanyfay
0
100
Beyond cluster-admin: Getting Started with Kubernetes Users and Permissions
tiffanyfay
1
230
Cloud Native Security For The Rest Of Us
tiffanyfay
2
150
Getting Started with Kubernetes - 30min
tiffanyfay
0
450
Make_Your_Kubernetes_Clusters_Production-Ready_with_Tanzu.pdf
tiffanyfay
0
78
Getting Started with Kubernetes 2020-6-11
tiffanyfay
0
220
Dear AWS Please Run My Containers for Me
tiffanyfay
0
140
Kubernetes on AWS - Berlin
tiffanyfay
0
450

Other Decks in Technology

See All in Technology
エンジニア向け会社紹介資料
caddi_eng
14
230k
OSSコミットしてZennの課題を解決した話
dyoshikawa1993
0
150
楽しくGoを学び合う、LayerXの勉強会文化 / LayerX's study culture of having fun and learning Go together
ar_tama
2
350
AOAI Dev Day LLMシステム開発 Tips集
hirosatogamo
15
3.8k
RAGのサービスをリリースして1年3ヶ月が経ちました
segavvy
4
960
初中級者用如何使用backlog -VALE TUDOEDITION-
in0u
0
140
What is DRE? - Road to SRE NEXT@広島
chanyou0311
3
630
開発生産性をむしろ向上させる
セキュリティパートナーの作り方 / Dev Productivity Con 2024
flatt_security
0
390
エンジニアリングマネージャーはどう学んでいくのか #devsumi / How Do Engineering Managers Continue to Learn and Grow?
expajp
4
1.3k
AI研修【MIXI 24新卒技術研修】
mixi_engineers
PRO
0
130
What if...? 처음부터 다시 LLM 어플리케이션을 개발한다면
huffon
0
1k
AWSでRAGを作る法方
sonoda_mj
1
140

Featured

See All Featured
Faster Mobile Websites
deanohume
303
30k
The Invisible Side of Design
smashingmag
294
50k
Infographics Made Easy
chrislema
238
18k
Become a Pro
speakerdeck
PRO
15
4.8k
Building Better People: How to give real-time feedback that sticks.
wjessup
357
18k
Automating Front-end Workflow
addyosmani
1362
200k
Leading Effective Engineering Teams 2024
addyosmani
3
300
A designer walks into a library…
pauljervisheath
201
24k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
129
32k
Building Effective Engineering Teams - LeadDev
addyosmani
47
2.2k
Music & Morning Musume
bryan
43
5.9k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
502
140k

Transcript

  1. How to Make Kubernetes Rhyme with Prod-Readiness Tiffany Jernigan VMware

    Matthias Häußler Novatec

  2. @maeddes @tiffanyfayj Who we are Tiffany Jernigan Sr. Dev Advocate,

    VMware @tiffanyfayj Matthias Häußler Chief Technologist, Novatec @maeddes

  3. @maeddes @tiffanyfayj Why this talk?

  4. @maeddes @tiffanyfayj

  5. @maeddes @tiffanyfayj 🎉 🎉 🥰 🥰 🥳

  6. @maeddes @tiffanyfayj What is production readiness?

  7. @maeddes @tiffanyfayj 🎉 🎉 🥰 🥰 🥳

  8. @maeddes @tiffanyfayj Prod readiness in detail • Has undergone rigorous

    testing and quality assurance • Ensured it’s reliable, stable and secure • Performs optimally under expected load and traffic conditions • Adaptive to unexpected load/traffic conditions and failures • Properly documented & described • Consistently and repeatably buildable • Monitored and Observable - Ability to identify and resolve issues quickly • "Future-proofing": Being able to upgrade to patch security issues

  9. @maeddes @tiffanyfayj What does “vanilla” Kubernetes provide?

  10. @maeddes @tiffanyfayj @maeddes @tiffanyfayj

  11. @maeddes @tiffanyfayj @maeddes @tiffanyfayj

  12. @maeddes @tiffanyfayj @maeddes @tiffanyfayj

  13. @maeddes @tiffanyfayj @maeddes @tiffanyfayj

  14. @maeddes @tiffanyfayj @maeddes @tiffanyfayj

  15. @maeddes @tiffanyfayj

  16. @maeddes @tiffanyfayj

  17. @maeddes @tiffanyfayj What is “vanilla” Kubernetes missing?

  18. @maeddes @tiffanyfayj Summary

  19. @maeddes @tiffanyfayj Infrastructure

  20. @maeddes @tiffanyfayj Infrastructure

  21. @maeddes @tiffanyfayj Networking - Inbound traffic @maeddes @tiffanyfayj

  22. @maeddes @tiffanyfayj Networking - Traffic control

  23. @maeddes @tiffanyfayj Networking - Traffic control

  24. @maeddes @tiffanyfayj O11y

  25. @maeddes @tiffanyfayj O11y

  26. @maeddes @tiffanyfayj Security - API Access / RBAC

  27. @maeddes @tiffanyfayj Workloads

  28. @maeddes @tiffanyfayj Workloads

  29. @maeddes @tiffanyfayj Workloads

  30. @maeddes @tiffanyfayj Workloads

  31. @maeddes @tiffanyfayj GitSecOps

  32. @maeddes @tiffanyfayj “Summary”

  33. @maeddes @tiffanyfayj Summary

  34. @maeddes @tiffanyfayj pod logs logs observability kubelet logs control plane

    logs metrics-server metrics time series database (Prom, etc) tracing tracing ingress controller networking service mesh Gateway API network policies security secret manager PVC backups infrastructure/ backups control plane backups (if applicable) cluster autoscaler (when applicable)
  35. None

  36. @maeddes @tiffanyfayj Infrastructure

  37. @maeddes @tiffanyfayj Network

  38. @maeddes @tiffanyfayj Observability

  39. @maeddes @tiffanyfayj Security

  40. @maeddes @tiffanyfayj Workloads

  41. @maeddes @tiffanyfayj And now what?

  42. @maeddes @tiffanyfayj

  43. @maeddes @tiffanyfayj Management

  44. @maeddes @tiffanyfayj @maeddes @tiffanyfayj

  45. @maeddes @tiffanyfayj Novatec Training Environment

  46. @maeddes @tiffanyfayj

  47. @maeddes @tiffanyfayj Cloud vs On-Prem

  48. @maeddes @tiffanyfayj Managed vs Self-Hosted @maeddes @tiffanyfayj

  49. @maeddes @tiffanyfayj

  50. @maeddes @tiffanyfayj Summary • In the end there is no

    right or wrong, it is more about the decision where to invest the time and money ▪ Maintain the stack yourself -> Invest in the skill and have it in-house ▪ Have someone done it for you -> Invest in service providers • In general we recommend to use the highest abstraction possible Don’t solve problems which have already been solved! • Using and relying on a ready tested platform will let you focus more on higher abstractions -> your apps! • If there is a managed solution that suits your needs -> use it! • If you want to manage the stack yourself -> get enablement & consultancy

  51. @maeddes @tiffanyfayj Please reach out to us! Tiffany Jernigan Sr.

    Dev Advocate, VMware @tiffanyfayj Matthias Häußler Chief Technologist, Novatec @maeddes Feedback :)
  52. None

  53. @maeddes @tiffanyfayj Sponsor Shout-Out! Thank you to our Session Recording

    Sponsor: