spiddy
July 19, 2018

Kubernetes in Startups vs Enterprise: Using Custom Resources to extend workflow

Kubernetes and containers are taking over the world, and it seems that they fit every use case, from a small startup to big bank industries. But in reality every environment is unique, with its own peculiarities. Kubernetes is not the end-game; it's the platform for platforms. During this talk we'll discuss the differences between startups and enterprises and how we can fill the gap by integrating our custom workflow inside Kubernetes using Custom Resources and Operators.

We'll do a demo of a Project entity that helps provision namespaces and grants user access to team members. CRDs are a powerful tool for Kubernetes extensibility, but with great power comes great responsibility.

Transcript

  1. @spiddy About me
    Docker Captain | Google Developer Expert
    Docker BCN | Kubernetes BCN Meetup Organizer
    Consulting @ Harbur Cloud Solutions
  2. @spiddy The Container revolution is here
    • Decoupling of development / deployment environment
    • Standard packaging format
    • The Twelve-Factor App implementation
    • Microservice design
  3. @spiddy The Waterfall Model
    “The waterfall model is a linear sequential (non-iterative) design approach for software development, in which progress flows in one direction downwards (like a waterfall) through the phases of conception, initiation, analysis, design, construction, testing, deployment and maintenance”
  4. @spiddy The Agile Model
    “Agile software development describes a set of values and principles for software development under which requirements and solutions evolve through the collaborative effort of self-organizing cross-functional teams”
  5. @spiddy Agile Manifesto Values
    • Individuals and Interactions over Processes and Tools
    • Working Software over Comprehensive Documentation
    • Customer Collaboration over Contract Negotiation
    • Responding to Change over Following a Plan
  6. @spiddy Monolithic Architecture
    “A software system is called "MONOLITHIC" if it has a monolithic architecture, in which functionally distinguishable aspects are all interwoven, rather than containing architecturally separate components.”
  7. @spiddy Monolithic Architecture Issues
    • Cannot scale-out individually each function
    • Cannot do easily rollback of version upgrade
    • Adding a function forces complete rollout
    • Cannot easily do A/B test of a function
  8. @spiddy Modern Architecture
    - Design Minimal Viable Product
    - Design process embraces changes
    - Easily Scalable Infrastructure
    - No Physical boundaries (Zero Trust Network)
    - Infrastructure as Code
    - Microservice-Oriented Design
  9. @spiddy
    Containers can scale +/- on demand
    Containers are ephemeral by design
    Kubernetes orchestrates Containers
  10. @spiddy
    Kubernetes implements Microservices
    Containers can scale +/- on demand
    Containers are ephemeral by design
    Kubernetes orchestrates Containers
  11. @spiddy
    Microservices imply a distributed system
    Kubernetes implements Microservices
    Containers can scale +/- on demand
    Containers are ephemeral by design
    Kubernetes orchestrates Containers
  12. @spiddy
    Distributed systems are intrinsically difficult
    Microservices imply a distributed system
    Kubernetes implements Microservices
    Containers can scale +/- on demand
    Containers are ephemeral by design
  13. @spiddy Startup environment
    • Start from scratch, no legacy code, no migration process
    • Small organization
    • Flat organization chart
    • Agile oriented
    • Microservice oriented
  14. @spiddy Startup too small for Kubernetes?
    • Kubernetes has steep learning curve
    • Kubernetes is focused on automation of CI/CD
    • Kubernetes is compatible with DevOps
    • Kubernetes is designed to provide resilience, redundancy and high availability
    • Kubernetes is designed to run on multiple nodes
  15. @spiddy Enterprise environment
    • Legacy code, migration process is needed
    • Big organization
    • Hierarchical organization chart
    • Waterfall oriented
    • Monolithic oriented
  16. @spiddy Kubernetes on Enterprise
    • Multiple clusters are needed to support HA on multiple datacenters
    • Container Images promotion process
      ◦ Vulnerability scanning from security team
    • Networking is hardened
      ◦ Connection to Internet is restricted/limited
      ◦ Network isolation per Namespace
    • Assets are provisioned
      ◦ Using LimitRanges & ResourceQuotas
    • Pods are hardened
      ◦ Using PodSecurityPolicies
    • Multiple teams need access to clusters
      ◦ Each team can manage their own resources
  17. @spiddy Multiple teams need access to clusters
    • Teams can create projects with their own namespaces (dev, pre, pro)
    • They can assign project members
    • They can grant rolebindings to project members
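
The Project workflow from the last slide (per-project dev, pre and pro namespaces plus rolebindings for members), sketched as an added example that is not code from the talk. The spec layout, the `<project>-<env>` naming and the role allowlist are assumptions; the point is the validation a privileged controller needs before it turns user input into namespaces and RBAC objects.

```python
import re

ENVIRONMENTS = ("dev", "pre", "pro")        # one namespace per environment, as on the slide
ALLOWED_ROLES = {"admin", "edit", "view"}   # built-in ClusterRoles; cluster-admin is excluded
DNS_LABEL = re.compile(r"[a-z0-9]([-a-z0-9]*[a-z0-9])?")
RBAC = "rbac.authorization.k8s.io"

# Constructed sample; the spec layout is an assumption, not the talk's CRD schema.
SAMPLE_PROJECT = {
    "name": "payments",
    "members": [{"user": "alice@example.com", "role": "admin"},
                {"user": "bob@example.com", "role": "view"}],
}


def render_project(project):
    """Validate a Project spec, then return the manifests a controller would apply."""
    name = project["name"]
    # Namespace names are DNS labels (max 63 chars); keep room for the "-dev" suffix.
    if len(name) > 59 or not DNS_LABEL.fullmatch(name):
        raise ValueError(f"invalid project name: {name!r}")
    # The kube- prefix is reserved for system namespaces.
    if f"{name}-".startswith("kube-"):
        raise ValueError("project name collides with the reserved kube- prefix")
    by_role = {}
    for member in project["members"]:
        if member["role"] not in ALLOWED_ROLES:
            raise ValueError(f"role not allowed: {member['role']!r}")
        by_role.setdefault(member["role"], []).append(member["user"])

    manifests = []
    for env in ENVIRONMENTS:
        ns = f"{name}-{env}"
        manifests.append({"apiVersion": "v1", "kind": "Namespace",
                          "metadata": {"name": ns, "labels": {"project": name}}})
        for role, users in sorted(by_role.items()):
            # A RoleBinding to a ClusterRole grants it inside this namespace only.
            manifests.append({
                "apiVersion": f"{RBAC}/v1", "kind": "RoleBinding",
                "metadata": {"name": f"project-{role}", "namespace": ns},
                "roleRef": {"apiGroup": RBAC, "kind": "ClusterRole", "name": role},
                "subjects": [{"apiGroup": RBAC, "kind": "User", "name": u}
                             for u in users],
            })
    return manifests
```

All validation runs before any manifest is produced, so a spec with one disallowed role yields nothing rather than a partially provisioned project.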