Anticipating the future of the Cloud Native world
Kubernetes and Cloud Native tools have awesome potential and an exciting future. But what exactly can we expect from this technology? Praqma’s cloud experts, including Sami Alajrami, went to KubeCon 2018 to report back all the latest.
KubeCon+CloudNativeCon is the biggest event in Europe for Kubernetes and the Cloud Native ecosystem. Three full days of announcements from all the major cloud providers, customer use cases, experience reports, and CNCF project updates meant there was a lot of cloud news to digest. In this post, I try to make sense of it all with my list of key takeaways.
In one of the keynotes, CNCF COO, Alexis Richardson, presented the CNCF 2020 vision. While the current focus is on Security, Storage and Interfaces, the next couple of years will see a rise of “GitOps” as a new way of working that, from the developer’s point of view, abstracts all infrastructure/cluster plumbing into a “Git Push” command.
Deploying and managing your applications in Kubernetes has been made easy with the concept of Operators. Operators are installed as pods in your cluster and define and use Custom Resource Definitions (CRDs) to implement application management logic. This makes your applications Kube Native. To make building operators easier, CoreOS introduced the “Operator Framework”, which brings an SDK for developers and Kubernetes runtime tools to accelerate operator development.
Security is one of the areas that has had lots of CNCF attention in the past year. This resulted in projects like SPIFFE/SPIRE, Notary/TUF and Open Policy Agent joining the CNCF. Several talks at this year’s KubeCon focused on securing Kubernetes clusters and the applications running in them. Some of the top topics included: controlling user privileges inside containers, container image scanning, making sure the cluster defaults are secure or are changed to be secure, and following the security best practices recommended by the Center for Internet Security (CIS) Kubernetes guide.
The emergence of Kubernetes has led to an acceleration in the transition from monolithic applications to microservices. This trend has also witnessed increased granularity and decoupling of the services which make up modern, cloud native applications. For an application comprising hundreds or thousands of services that can scale on demand or under load, service-to-service communication is a notable challenge. The logic for how services should communicate is typically baked into application code.
A service mesh provides a dedicated layer for service-to-service communication which is decoupled from the application code. Linkerd (an incubating level CNCF project) and Istio (an open-source Google project) are two promising implementations that were presented at KubeCon 2018.
As the number of Kubernetes clusters grows, multicluster becomes a requirement for many organizations. One approach is to have a federation API federating all other clusters’ API servers. But this API becomes a single point of failure. As a result, “Cluster Registry” emerged to maintain a list of clusters and associated metadata. CoreOS built on top of this project to offer “Tectonic Multi-cluster Registry” which syncs the cluster registry in each cluster and supports operating on applications across clusters. It’s also worth noting that Federation V2 is in the works by the Kubernetes Multicluster Special Interest Group.
Serverless has been a hot trend for the past couple of years and now apps are being architected as functions. Austen Collins from Serverless predicts that the future will have functions everywhere. Functions will work across clouds and even on premise. To enable interoperability across multiple clouds, events (which trigger functions) need to be standardized. “CloudEvents” is a specification for describing events in a standard way.
Adopting Kubernetes requires many changes to your culture and engineering approaches. Craig Tracey, who works as a Solutions Engineer at Heptio, shared his experiences on managing Kubernetes Day 2 and beyond. This is a great talk for anyone thinking of deploying Kubernetes in any form of environment. There’s a lot of takeaways and hard-won experiences about tackling availability, authentication, authorization, and much more. Be sure to take notes!
If you missed the conference, you can watch all the talks on YouTube.
The Praqma team at KubeCon’s social event in Tivoli