Upgrade to Pro — share decks privately, control downloads, hide ads and more …

How to Make Kubernetes Rhyme with Production Readiness

How to Make Kubernetes Rhyme with Production Readiness


One might naively think that to deploy a production app on Kubernetes, all one needs is a Kubernetes cluster. Indeed, before going to production, we'll need a Kubernetes cluster, and therefore, we'll need to make a few decisions: on-premises or on cloud? Managed or self-hosted?

But there is way more to it because our new cluster will almost always require a few additions before being truly production-ready. Even if we choose a state-of-the-art managed cluster from a leading cloud provider, we still need to add something to handle logging and metrics. Supporting Ingress resources or Network Policies can also require extra work; as does managing persistent volumes or inbound traffic when running on-premises.

Finally, while most of us used commands like "kubectl run" or "kubectl apply" to run our first Kubernetes containers and workloads, going to production requires a few extra tools to tailor our YAML manifests to various environments (e.g. kustomize, Helm, or Carvel), and automate its deployment (e.g. ArgoCD, Flux).

The goal of this talk is to give us a production-readiness checklist. Without being exhaustive, this checklist will bring awareness to the gap that exists between Kubernetes "cluster" and "a *production* cluster", and give solid leads about how to bridge that gap.

tiffany jernigan

April 21, 2023

More Decks by tiffany jernigan

Other Decks in Technology


  1. @maeddes @tiffanyfayj Who we are Tiffany Jernigan Sr. Dev Advocate,

    VMware @tiffanyfayj Matthias Häußler Chief Technologist, Novatec @maeddes
  2. @maeddes @tiffanyfayj Prod readiness in detail • Has undergone rigorous

    testing and quality assurance • Ensured it’s reliable, stable and secure • Performs optimally under expected load and traffic conditions • Adaptive to unexpected load/traffic conditions and failures • Properly documented & described • Consistently and repeatably buildable • Monitored and Observable - Ability to identify and resolve issues quickly • "Future-proofing": Being able to upgrade to patch security issues
  3. @maeddes @tiffanyfayj pod logs logs observability kubelet logs control plane

    logs metrics-server metrics time series database (Prom, etc) tracing tracing ingress controller networking service mesh Gateway API network policies security secret manager PVC backups infrastructure/ backups control plane backups (if applicable) cluster autoscaler (when applicable)
  4. @maeddes @tiffanyfayj Summary • In the end there is no

    right or wrong, it is more about the decision where to invest the time and money ▪ Maintain the stack yourself -> Invest in the skill and have it in-house ▪ Have someone done it for you -> Invest in service providers • In general we recommend to use the highest abstraction possible Don’t solve problems which have already been solved! • Using and relying on a ready tested platform will let you focus more on higher abstractions -> your apps! • If there is a managed solution that suits your needs -> use it! • If you want to manage the stack yourself -> get enablement & consultancy
  5. @maeddes @tiffanyfayj Please reach out to us! Tiffany Jernigan Sr.

    Dev Advocate, VMware @tiffanyfayj Matthias Häußler Chief Technologist, Novatec @maeddes Feedback :)