Here’s what I learned
Loki: open-source log aggregation tool from the Grafana project
mizu: (https://getmizu.io) API traffic viewer for Kubernetes
k8s GitOps: FluxCD and ArgoCD are the two major options
Tekton: Kubernetes-native CI/CD pipeline tool
k9s: CLI tool for browsing and managing k8s resources
kaniko: a tool to build container images inside a k8s cluster, without a Docker daemon
kustomize: a configuration management tool that generates k8s manifests from a base plus overlays
bat: cat with syntax highlighting
kns: a quick k8s namespace switcher
At the conference, I interfaced with several people to gather their opinions on multi-cluster Kubernetes management and federation tools. They all seemed to agree that whether to use such a tool boils down to the requirements of your business. For example, you might choose to have multiple "self-managed" clusters per team, product or department. However, you might also want to manage all these clusters centrally from a management cluster; this is where federation and provisioning tools come into play.
There are various tools that fall into the k8s management domain. Some management tools come as SaaS, as in the case of Spectro Cloud, while others are self-hosted, like Upbound. In the end, all of these tools achieve the same thing. One tool that stood out the most in my conversations was Crossplane, which, on top of creating and managing k8s clusters, also tries to abstract hyperscaler infrastructure provisioning, such as AWS RDS, somewhat overlapping with IaC tools such as
At CD2022, I had the opportunity to learn about Kubernetes Operators: what they are, how to implement them, and how to share them or find the ones that already exist.
What are Kubernetes operators?
Operators allow an engineer to extend the base Kubernetes platform with custom functionality; that functionality can be anything you can think of that can be implemented in code. When you create an operator, you define its API as a Custom Resource Definition (CRD), including the acceptable values for that API's parameters. Once the CRD is installed on your k8s cluster, you can create a resource of that kind with the kubectl utility. The API server validates the resource against the CRD's schema at admission, so invalid input is rejected before it reaches your code. Creating or changing such a resource triggers your operator's controller code, which in turn implements the functionality.
How to find existing operators?
The place to share and find Kubernetes operators is https://operatorhub.io. There you can find existing operators that other people or companies share, or add the one you created. Some popular operators include the ones that abstract the creation of Grafana. Think of them as your Terraform modules for your
CDK allows you to define AWS infrastructure using commonly used programming languages, such as
transpile code from one language to another, which can bridge the communication between people with different preferences. However, it's important to note that AWS CDK does not invoke the AWS API directly, as Terraform does. Instead, it synthesizes CloudFormation templates, which in turn create the defined infrastructure. Essentially, one could think of CDK as a generator.
Managing storage or databases on Kubernetes clusters has always been a challenge. Portworx has created a product that abstracts storage management on Kubernetes. At CD2022 I had the opportunity to get a walkthrough of what Portworx is at its core. Essentially, Portworx provides a Kubernetes operator that extends the platform with Custom Resource Definitions (CRDs). These CRDs allow the developer to define the type and size of storage they require; in turn, the operator creates the necessary PVs and PVCs to satisfy those requirements. On top of that, Portworx provides the ability to take snapshots and backups.
LaunchDarkly is a SaaS that lets you implement feature toggles to enable or disable some functionality. At CD2022 I had the opportunity to talk with one of the engineers and got a high-level overview of how LD works. In essence, LD provides the developer with a library to include in their code. This library talks to LD's feature toggle panel and gets the state of the toggles. When a feature is toggled, the library returns a string that tells the app the feature has been turned on. It is then up to the app to interpret the feature toggle with additional functionality.
I joined a talk by Nicolas Vermande, who showed us that Kubernetes operators take much of the responsibility for managing and maintaining the availability of a database away from the engineer. Simply put, if you plan on running a database or another stateful workload on Kubernetes, make sure there's an operator for it that can handle the responsibility of maintaining and upgrading that application.
An interesting concept was presented at CD22, where the authors claim that CRDs are the glue logic between our k8s clusters and SaaS providers. Apart from not scaling across multiple clusters, they're hard to trust and add unnecessary complexity. Instead of using operators, the authors presented a possible future implementation (in Kubernetes) in which the only thing an engineer has to manage is an API resource. That resource would create and provide a URL for the SaaS service, which would be exposed to and consumed by the apps running on k8s. Essentially, the authors propose that the operator logic be deployed, executed and managed on the SaaS provider's side, so that the only thing the engineer has to manage is the API connection resource, which simplifies scaling CRDs across multiple clusters.
More often than not, organizations, especially large enterprises, have difficulty trusting the underlying infrastructure on which their workloads execute, and so public cloud adoption stagnates. For this case, the speaker presented three possible solutions that can alleviate that distrust. They include MarbleRun, a tool that leverages Intel's SGX technology to execute the k8s control plane in a trusted environment. Not only that, the speaker introduced Constellation, a tool that lets you secure not only the control plane but also the workloads that run on top of k8s. Both tools can be used with a lift-and-shift strategy.
Container Days 2022 is a decent international conference, and I feel I got in touch with current and some future developments in the space of containerized workloads.
Hamburg is the second-largest city (by population) in Germany and has great public transport, with lots of options for car, bike and scooter sharing. There are plenty of things to do during the day and night. Check out the U-boat museum, a real 1970 Russian submarine, if you're around.
Upbound was a highly praised tool that attempts to abstract infrastructure provisioning from the engineer and make things as seamless as possible. It's probably the tool I'm going to explore next.
Thanks for reading!