Kubernetes "is now very, very boring," declared Janet Kuo, software engineer at Google, at KubeCon + CloudNativeCon North America 2018 in Seattle, Washington, on Wednesday.
Kuo, co-chair of the conference, was providing an update on the state of the open source container orchestration project. "Boring is good," she elaborated. "It means lots of companies are already using it and it just works. It's good for mainstream market users who want to focus on delivering business value instead spending their energy upgrading Kubernetes."
It wasn't always thus. When the first Kubernetes event was held back in 2015, only a few hundred people attended. The Cloud Native Computing Foundation, part of the Linux Foundation, adopted Kubernetes in 2016 and interest surged. The event this year in Seattle brought in more than 8,000 attendees.
Growing interest in the software shows up elsewhere too. According to a CNCF survey earlier this year, 58 per cent of companies are running Kubernetes in production. Among enterprises, that figure is 40 per cent.
On Tuesday, Aparna Sinha, group product manager for Kubernetes at Google, observed that Kubernetes job postings between September 2017 and September 2018 grew 230 per cent – presumably a reference to recent Indeed.com data.
Move fast and code breaks
In the early days, said Kuo, the focus among Kubernetes contributors was on moving fast and adding new features. At the time, the software was only adopted "by a few risk-oriented innovators," she said. "Thanks to their feedback and contributions, Kubernetes has been improved a lot."
Since then, the focus has shifted to scalability and user experience, she said, noting that Kubernetes 1.13.0 was released last week.
"We keep hearing more success stories from end users in how they use Kubernetes to reduce operating costs and be able to deploy and run their applications more efficiently," Kuo observed, pointing to Chick-fil-A as an example. The fast food chain has written about its use of Kubernetes in its 2000 restaurants.
Kuo credited Kubernetes adoption to the project's commitment to open standards and extensibility. "With open standards, you can be confident that you can run your workloads across different Kubernetes environments and you will have consistent behavior," she said, adding that extensibility ensures further growth can be accommodated.
Kubernetes, she said, provides both infrastructure extensibility – so you can control how the software deals with underlying systems – and API extensibility – so you can interact with and manage services in a consistent way.
Like Kubernetes, people are predictable, though often not in a good way. Later in the keynote, Liz Rice, technology evangelist at Aqua Security and conference co-chair, said, "Hands up if you've ever copied some YAML from the internet and run it in a cluster."
Predictably, hands went up, proving that people can be counted on to make bad security decisions. Rice then demonstrated how to safeguard Kubernetes clusters against insecure configuration code. Orchestration software may have become boring, but it remains complicated.
Melanie Cebula, software engineer at AirBnB, made that point when she took a turn on stage.
"What are the challenges with Kubernetes?" she mused. "The configuration and tooling are complex. ...But what I want to stress today is that these are all solvable problems."
About a year ago, she said, she helped migrate AirBnB's first critical production service to Kubernetes. Today, almost 40 per cent of them run Kubernetes.
"Our engineering team is constantly creating new products and businesses, and they need to be able to be able to spin up new services quickly and reliably," she said.
AirBnB has been transitioning from a monolithic to a microservices architecture. "We needed to scale continuous delivery horizontally," she explained. The goal was to make continuous delivery available to the company's 1000 or so engineers to they could add new services.
In Kubernetes, the configuration is declarative, she said, making it more resilient, with less maintenance burden. And efficient job scheduling, she said, helps the company save money.
Cebula offered a set of 10 takeaways for those implementing Kubernetes.
- Reduce Kubernetes boilerplate
- Standardize on environments and namespaces
- Everything about a service should be in one place in git
- Make best practices the default by generating configuration
- Create a wrapper for
- Automate common K8s workflows
- CI/CD should run the same commands that engineers run locally, in a container
- Validate configuration as part of CI/CD
- Code and configuration should be deployed with the same process
- Use custom resources and custom controller to integrate with your infrastructure
After the keynote concluded, Fernando Montenegro, a security analyst with 451 Research, observed, "The way [Cebula] showed how AirBnB builds best practices into their defaults... if we can apply the same thing to our security, we will be more secure."
Imagine how boring that would be. ®
Sponsored: Ransomware has gone nuclear