SlideShare une entreprise Scribd logo

Kubernetes is Awesome but Complex

Nico Meisenzahl
Nico Meisenzahl

Technologie
1  sur  29
Télécharger pour lire hors ligne
Kubernetes is awesome – but… Continuous Lifecycle / Container Conf 2022
Who we are © white duck GmbH 2022 Nico Meisenzahl (Head of DevOps Consulting and Operations, Cloud Solution Architect, Azure & Developer Technologies MVP, GitLab Hero) Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl/ Philip Welz (Senior Kubernetes & DevOps Engineer, GitLab Hero, CKA, CKAD & CKS) Twitter: @philip_welz LinkedIn: https://www.linkedin.com/in/philip-welz
Agenda • Kubernetes’ mission • Kubernetes flexibility also leads to complexity • 3 things you should ask yourself • Development must be familiar with Kubernetes • Some technical pitfalls we have seen © white duck GmbH 2022
Our (white duck) focus / background • “cloud-native” • focused on cloud-only • developer-centric consulting • we heavily rely on PaaS and managed services This is the context in which we work and have expertise. © white duck GmbH 2022
KUBERNETES’ MISSION © white duck GmbH 2022
Kubernetes … • provides you with a framework to run distributed systems resiliently • takes care of scaling and failover for your application, provides deployment patterns, and more • aims to support an extremely diverse variety of workloads, including stateless, stateful workloads and batch jobs © white duck GmbH 2022
Allows you to … • fully leverage the benefits of containers • increase developer velocity • deploy applications anywhere • be cloud-agnostic • run workloads efficiently • operate cost efficient • reduce Time to Market © white duck GmbH 2022
Too good to be true? Unfortunately, all that glitters isn’t gold. Therefore, we decided to deliver this talk. © white duck GmbH 2022
KUBERNETES FLEXIBILITY ALSO LEADS TO COMPLEXITY © white duck GmbH 2022
An example • “why did you decide to use Kubernetes?” • “because everyone uses it…” • “what workload do you run?” • “we containerized our monolithic stateful application” • “we are running one container” A common dialog with potential new clients. © white duck GmbH 2022
Power but also complexity • as mentioned, Kubernetes is very flexible that also brings complexity • this power can help you to speed up • if you don’t use the power, you just end up with the complexity Sadly, we see the latter far too often! © white duck GmbH 2022
3 THINGS YOU SHOULD ASK YOURSELF © white duck GmbH 2022
3 things you should ask yourself 1. do I need Kubernetes? 2. does my workload work well with Kubernetes? 3. do I have the people power and knowledge? © white duck GmbH 2022
Do I need Kubernetes? • do you run more than one instance? • do you require advanced deployment/rollout options? • do you need to scale in/out quickly? • do you need to scale parts of your application? © white duck GmbH 2022
Does my workload work well with Kubernetes? • is your application containerized or containerizable? • did you follow “the twelve factors”? • https://12factor.net • is your application stateless or at least state aware? • are your able to scale in/out? © white duck GmbH 2022
Do I have the people power and knowledge? • operating your cluster requires a team or at least dedicated time • also, when using managed Cloud offerings! • the Kubernetes ecosystem slowed down a bit but is still fast changing • 3 releases a year with 12 month of support each • so do the managed Cloud offerings • most of them are the cloud providers most-scaling services © white duck GmbH 2022
Teams having trouble staying ahead of the curve • “I’m doing a cluster update now and then” • no dedicated team or time to maintain the cluster • not being part of the ecosystem and therefore not up-to-date This can lead to not understanding/seeing dependencies and a lot of trouble! © white duck GmbH 2022
An example • application isn’t reachable after updating a managed cluster • update also introduced an updated Ingress Controller, that enforced Ingress Class (what was mentioned in the docs) • Ingress Class was missing in all Ingress manifests • also, Cert Manager HTTP challenges stopped working • what was realized weeks later after the certificates expired • just one of many… © white duck GmbH 2022
DEVELOPMENT MUST BE FAMILIAR WITH KUBERNETES © white duck GmbH 2022
Awareness is important • not every developer needs to be a Kubernetes expert • but knowing the basics, features and patterns is important to build successful applications • a containerized/Kubernetes-based developer inner loop can • help to gain awareness and learn basics • enable teams to be able to debug production systems • unfortunately, dev teams sometimes completely rely on operations (how you shouldn’t do it) © white duck GmbH 2022
SOME TECHNICAL PITFALLS WE HAVE SEEN © white duck GmbH 2022
Challenges with databases and data services • if you believe the Internet, the database or data service is just a “helm install” away • that is true, but don’t miss Day-2 operations • you will have to think about and implement high availability, security, backup of your service as well as your storage solution • we recommend using PaaS outside the cluster (if possible) • this allows you to focus on the important things – implementing features © white duck GmbH 2022
Persistent storage with Kubernetes • you will need a dedicated team to handle this • just being a Kubernetes expert will not be enough • Database administrator • Storage administrator • Cloud engineer • can cause issues when scaling nodes • also, cluster operations can get more complex with stateful applications • think of blue/green cluster deployments © white duck GmbH 2022
The downside of (Micro-)Monolith • you can run them in Kubernetes but it’s just not great • we already talked about having the power but not using it • an example • most of the time monolith applications aren’t stateless • e.g., persisting sessions locally • you will have to invest to make them stateless or at least state- aware or rely on sticky sessions. • even if you can scale them, you can just scale your whole application • having a complex upgrade task or manual/complex configuration steps are other examples © white duck GmbH 2022
Missing Pod Disruption Budget • they are missing 99% of the time • helps you run highly available applications even when you introduce frequent voluntary disruptions • root causes might be • a newer feature (staying ahead of the curve) • not part of the “helm create” templates • that being said, it needs to be done right © white duck GmbH 2022
The importance of health probes • Kubernetes needs them to know what's going on • examples we saw • /healthz delivering an HTTP 200 – always • relying on external dependencies • same checks for liveness and readiness • another good example for “dev needs K8s awareness” • if done right, health probes can help with throttling/self- healing © white duck GmbH 2022
Kubernetes/Container Security • unfortunately, sometimes totally underrated • a good starting point include • secure application / deployment code (SAST, SBOM) • secure container images (selfcontained, distroless) • Kubernetes policies • Kubernetes Network policies • Container Runtime Security • more details: https://github.com/nmeisenzahl/hijack-kubernetes © white duck GmbH 2022
Still, … we love Kubernetes! © white duck GmbH 2022
Questions? © white duck GmbH 2022 Nico Meisenzahl (Head of DevOps Consulting and Operations, Cloud Solution Architect, Azure & Developer Technologies MVP, GitLab Hero) Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl/ Philip Welz (Senior Kubernetes & DevOps Engineer, GitLab Hero, CKA, CKAD & CKS) Twitter: @philip_welz LinkedIn: https://www.linkedin.com/in/philip-welz Slides: https://www.slideshare.net/nmeisenzahl

Recommandé

Kubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideKubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideBytemark
 
A Guide to Adopting Kubernetes
A Guide to Adopting KubernetesA Guide to Adopting Kubernetes
A Guide to Adopting KubernetesNGINX, Inc.
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Winton Winton
 
Kubernetes Architecture
Kubernetes Architecture Kubernetes Architecture
Kubernetes ArchitectureKnoldus Inc.
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Ryan Jarvinen
 
Kubernetes
KubernetesKubernetes
KubernetesHenry He
 
Kubernetes & Google Kubernetes Engine (GKE)
Kubernetes & Google Kubernetes Engine (GKE)Kubernetes & Google Kubernetes Engine (GKE)
Kubernetes & Google Kubernetes Engine (GKE)Akash Agrawal
 
Quick introduction to Kubernetes
Quick introduction to KubernetesQuick introduction to Kubernetes
Quick introduction to KubernetesEduardo Garcia Moyano
 

Recommandé

Kubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideKubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideBytemark
 
A Guide to Adopting Kubernetes
A Guide to Adopting KubernetesA Guide to Adopting Kubernetes
A Guide to Adopting KubernetesNGINX, Inc.
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Winton Winton
 
Kubernetes Architecture
Kubernetes Architecture Kubernetes Architecture
Kubernetes ArchitectureKnoldus Inc.
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Ryan Jarvinen
 
Kubernetes
KubernetesKubernetes
KubernetesHenry He
 
Kubernetes & Google Kubernetes Engine (GKE)
Kubernetes & Google Kubernetes Engine (GKE)Kubernetes & Google Kubernetes Engine (GKE)
Kubernetes & Google Kubernetes Engine (GKE)Akash Agrawal
 
Quick introduction to Kubernetes
Quick introduction to KubernetesQuick introduction to Kubernetes
Quick introduction to KubernetesEduardo Garcia Moyano
 
Service Discovery In Kubernetes
Service Discovery In KubernetesService Discovery In Kubernetes
Service Discovery In KubernetesKnoldus Inc.
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overviewGabriel Carro
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101Weaveworks
 
DevOps with Kubernetes
DevOps with KubernetesDevOps with Kubernetes
DevOps with KubernetesEastBanc Tachnologies
 
Kubernetes design principles, patterns and ecosystem
Kubernetes design principles, patterns and ecosystemKubernetes design principles, patterns and ecosystem
Kubernetes design principles, patterns and ecosystemSreenivas Makam
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes BasicsEueung Mulyana
 
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...Brian Grant
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionPeng Xiao
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security OverviewSreenivas Makam
 
Kubernetes
KubernetesKubernetes
KubernetesMeng-Ze Lee
 
Deep dive into Kubernetes Networking
Deep dive into Kubernetes NetworkingDeep dive into Kubernetes Networking
Deep dive into Kubernetes NetworkingSreenivas Makam
 
VMware Tanzu Service Mesh from the Developer’s Perspective
VMware Tanzu Service Mesh from the Developer’s PerspectiveVMware Tanzu Service Mesh from the Developer’s Perspective
VMware Tanzu Service Mesh from the Developer’s PerspectiveVMware Tanzu
 
Kubernetes architecture
Kubernetes architectureKubernetes architecture
Kubernetes architectureJanakiram MSV
 
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...SlideTeam
 
Learning how AWS implement AWS VPC CNI
Learning how AWS implement AWS VPC CNILearning how AWS implement AWS VPC CNI
Learning how AWS implement AWS VPC CNIHungWei Chiu
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introductionSparkbit
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to KubernetesParis Apostolopoulos
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingCJ Cullen
 
Kubernetes PPT.pptx
Kubernetes PPT.pptxKubernetes PPT.pptx
Kubernetes PPT.pptxssuser0cc9131
 
Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...Nico Meisenzahl
 
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a WalkthroughContainer Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 

Contenu connexe

Tendances

Service Discovery In Kubernetes
Service Discovery In KubernetesService Discovery In Kubernetes
Service Discovery In KubernetesKnoldus Inc.
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overviewGabriel Carro
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101Weaveworks
 
Kubernetes design principles, patterns and ecosystem
Kubernetes design principles, patterns and ecosystemKubernetes design principles, patterns and ecosystem
Kubernetes design principles, patterns and ecosystemSreenivas Makam
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...Brian Grant
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionPeng Xiao
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security OverviewSreenivas Makam
 
Deep dive into Kubernetes Networking
Deep dive into Kubernetes NetworkingDeep dive into Kubernetes Networking
Deep dive into Kubernetes NetworkingSreenivas Makam
 
VMware Tanzu Service Mesh from the Developer’s Perspective
VMware Tanzu Service Mesh from the Developer’s PerspectiveVMware Tanzu Service Mesh from the Developer’s Perspective
VMware Tanzu Service Mesh from the Developer’s PerspectiveVMware Tanzu
 
Kubernetes architecture
Kubernetes architectureKubernetes architecture
Kubernetes architectureJanakiram MSV
 
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...SlideTeam
 
Learning how AWS implement AWS VPC CNI
Learning how AWS implement AWS VPC CNILearning how AWS implement AWS VPC CNI
Learning how AWS implement AWS VPC CNIHungWei Chiu
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introductionSparkbit
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingCJ Cullen
 

Tendances (20)

Service Discovery In Kubernetes
Service Discovery In KubernetesService Discovery In Kubernetes
Service Discovery In Kubernetes
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overview
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101
 
DevOps with Kubernetes
DevOps with KubernetesDevOps with Kubernetes
DevOps with Kubernetes
 
Kubernetes design principles, patterns and ecosystem
Kubernetes design principles, patterns and ecosystemKubernetes design principles, patterns and ecosystem
Kubernetes design principles, patterns and ecosystem
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes Workshop
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
 
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security Overview
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Deep dive into Kubernetes Networking
Deep dive into Kubernetes NetworkingDeep dive into Kubernetes Networking
Deep dive into Kubernetes Networking
 
VMware Tanzu Service Mesh from the Developer’s Perspective
VMware Tanzu Service Mesh from the Developer’s PerspectiveVMware Tanzu Service Mesh from the Developer’s Perspective
VMware Tanzu Service Mesh from the Developer’s Perspective
 
Kubernetes architecture
Kubernetes architectureKubernetes architecture
Kubernetes architecture
 
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...
 
Learning how AWS implement AWS VPC CNI
Learning how AWS implement AWS VPC CNILearning how AWS implement AWS VPC CNI
Learning how AWS implement AWS VPC CNI
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introduction
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
 
Kubernetes PPT.pptx
Kubernetes PPT.pptxKubernetes PPT.pptx
Kubernetes PPT.pptx
 

Similaire à Kubernetes is Awesome but Complex

Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...Nico Meisenzahl
 
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a WalkthroughContainer Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?Nico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being HackedKCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being HackedNico Meisenzahl
 
How to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being HackedHow to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being HackedNico Meisenzahl
 
Stop Caring About Kubernetes
Stop Caring About KubernetesStop Caring About Kubernetes
Stop Caring About KubernetesDavid Lewis
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a WalkthroughKCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 
Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & SecurityNico Meisenzahl
 
ContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack KubernetesContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack KubernetesNico Meisenzahl
 
Amazon Web Services and PaaS - Enterprise Java for the Cloud Era? - Mark Pric...
Amazon Web Services and PaaS - Enterprise Java for the Cloud Era? - Mark Pric...Amazon Web Services and PaaS - Enterprise Java for the Cloud Era? - Mark Pric...
Amazon Web Services and PaaS - Enterprise Java for the Cloud Era? - Mark Pric...jaxconf
 
10 tips for Cloud Native Security
10 tips for Cloud Native Security10 tips for Cloud Native Security
10 tips for Cloud Native SecurityKarthik Gaekwad
 
Enterprise-Wide Kubernetes Adoption - Principles, Practices and Processes
Enterprise-Wide Kubernetes Adoption - Principles, Practices and ProcessesEnterprise-Wide Kubernetes Adoption - Principles, Practices and Processes
Enterprise-Wide Kubernetes Adoption - Principles, Practices and ProcessesTurja Narayan Chaudhuri
 
Continuous Delivery with CloudBees Core
Continuous Delivery with CloudBees CoreContinuous Delivery with CloudBees Core
Continuous Delivery with CloudBees CoreBhavani Rao
 
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...Nico Meisenzahl
 
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...Nico Meisenzahl
 
ThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsBrad Williams
 
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasEffiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasNico Meisenzahl
 

Similaire à Kubernetes is Awesome but Complex (20)

Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...
 
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a WalkthroughContainer Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
 
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
 
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being HackedKCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
 
How to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being HackedHow to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being Hacked
 
Stop Caring About Kubernetes
Stop Caring About KubernetesStop Caring About Kubernetes
Stop Caring About Kubernetes
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
 
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a WalkthroughKCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
 
Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security
 
ContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack KubernetesContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack Kubernetes
 
Amazon Web Services and PaaS - Enterprise Java for the Cloud Era? - Mark Pric...
Amazon Web Services and PaaS - Enterprise Java for the Cloud Era? - Mark Pric...Amazon Web Services and PaaS - Enterprise Java for the Cloud Era? - Mark Pric...
Amazon Web Services and PaaS - Enterprise Java for the Cloud Era? - Mark Pric...
 
10 tips for Cloud Native Security
10 tips for Cloud Native Security10 tips for Cloud Native Security
10 tips for Cloud Native Security
 
Enterprise-Wide Kubernetes Adoption - Principles, Practices and Processes
Enterprise-Wide Kubernetes Adoption - Principles, Practices and ProcessesEnterprise-Wide Kubernetes Adoption - Principles, Practices and Processes
Enterprise-Wide Kubernetes Adoption - Principles, Practices and Processes
 
Continuous Delivery with CloudBees Core
Continuous Delivery with CloudBees CoreContinuous Delivery with CloudBees Core
Continuous Delivery with CloudBees Core
 
Kubernetes Security
Kubernetes SecurityKubernetes Security
Kubernetes Security
 
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
 
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
 
ThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.js
 
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasEffiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
 

Plus de Nico Meisenzahl

Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsCloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsNico Meisenzahl
 
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being HackedContainer Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being HackedNico Meisenzahl
 
Festive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networkingFestive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networkingNico Meisenzahl
 
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Nico Meisenzahl
 
azdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Clusterazdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes ClusterNico Meisenzahl
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Nico Meisenzahl
 
Continuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack KubernetesContinuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack KubernetesNico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughNico Meisenzahl
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDGitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDNico Meisenzahl
 
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureAzure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureNico Meisenzahl
 
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...Nico Meisenzahl
 
Azure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service OperatorAzure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service OperatorNico Meisenzahl
 
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!Nico Meisenzahl
 
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021Nico Meisenzahl
 
Die Evolution von Container Image Builds
Die Evolution von Container Image BuildsDie Evolution von Container Image Builds
Die Evolution von Container Image BuildsNico Meisenzahl
 
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native WayAzure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native WayNico Meisenzahl
 
DevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CDDevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CDNico Meisenzahl
 
GitLab Commit: Your Attackers Won't Be Happy! How GitLab Can Help You Secure ...
GitLab Commit: Your Attackers Won't Be Happy! How GitLab Can Help You Secure ...GitLab Commit: Your Attackers Won't Be Happy! How GitLab Can Help You Secure ...
GitLab Commit: Your Attackers Won't Be Happy! How GitLab Can Help You Secure ...Nico Meisenzahl
 

Plus de Nico Meisenzahl (19)

Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsCloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
 
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being HackedContainer Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
 
Festive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networkingFestive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networking
 
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
 
azdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Clusterazdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Cluster
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
 
Continuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack KubernetesContinuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack Kubernetes
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDGitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
 
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureAzure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
 
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
 
GitHub Actions 101
GitHub Actions 101GitHub Actions 101
GitHub Actions 101
 
Azure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service OperatorAzure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service Operator
 
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
 
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
 
Die Evolution von Container Image Builds
Die Evolution von Container Image BuildsDie Evolution von Container Image Builds
Die Evolution von Container Image Builds
 
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native WayAzure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
 
DevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CDDevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CD
 
GitLab Commit: Your Attackers Won't Be Happy! How GitLab Can Help You Secure ...
GitLab Commit: Your Attackers Won't Be Happy! How GitLab Can Help You Secure ...GitLab Commit: Your Attackers Won't Be Happy! How GitLab Can Help You Secure ...
GitLab Commit: Your Attackers Won't Be Happy! How GitLab Can Help You Secure ...
 

Dernier

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Dernier (20)

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Kubernetes is Awesome but Complex

  • 1. Kubernetes is awesome – but… Continuous Lifecycle / Container Conf 2022
  • 2. Who we are © white duck GmbH 2022 Nico Meisenzahl (Head of DevOps Consulting and Operations, Cloud Solution Architect, Azure & Developer Technologies MVP, GitLab Hero) Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl/ Philip Welz (Senior Kubernetes & DevOps Engineer, GitLab Hero, CKA, CKAD & CKS) Twitter: @philip_welz LinkedIn: https://www.linkedin.com/in/philip-welz
  • 3. Agenda • Kubernetes’ mission • Kubernetes flexibility also leads to complexity • 3 things you should ask yourself • Development must be familiar with Kubernetes • Some technical pitfalls we have seen © white duck GmbH 2022
  • 4. Our (white duck) focus / background • “cloud-native” • focused on cloud-only • developer-centric consulting • we heavily rely on PaaS and managed services This is the context in which we work and have expertise. © white duck GmbH 2022
  • 6. Kubernetes … • provides you with a framework to run distributed systems resiliently • takes care of scaling and failover for your application, provides deployment patterns, and more • aims to support an extremely diverse variety of workloads, including stateless, stateful workloads and batch jobs © white duck GmbH 2022
  • 7. Allows you to … • fully leverage the benefits of containers • increase developer velocity • deploy applications anywhere • be cloud-agnostic • run workloads efficiently • operate cost efficient • reduce Time to Market © white duck GmbH 2022
  • 8. Too good to be true? Unfortunately, all that glitters isn’t gold. Therefore, we decided to deliver this talk. © white duck GmbH 2022
  • 9. KUBERNETES FLEXIBILITY ALSO LEADS TO COMPLEXITY © white duck GmbH 2022
  • 10. An example • “why did you decide to use Kubernetes?” • “because everyone uses it…” • “what workload do you run?” • “we containerized our monolithic stateful application” • “we are running one container” A common dialog with potential new clients. © white duck GmbH 2022
  • 11. Power but also complexity • as mentioned, Kubernetes is very flexible that also brings complexity • this power can help you to speed up • if you don’t use the power, you just end up with the complexity Sadly, we see the latter far too often! © white duck GmbH 2022
  • 12. 3 THINGS YOU SHOULD ASK YOURSELF © white duck GmbH 2022
  • 13. 3 things you should ask yourself 1. do I need Kubernetes? 2. does my workload work well with Kubernetes? 3. do I have the people power and knowledge? © white duck GmbH 2022
  • 14. Do I need Kubernetes? • do you run more than one instance? • do you require advanced deployment/rollout options? • do you need to scale in/out quickly? • do you need to scale parts of your application? © white duck GmbH 2022
  • 15. Does my workload work well with Kubernetes? • is your application containerized or containerizable? • did you follow “the twelve factors”? • https://12factor.net • is your application stateless or at least state aware? • are your able to scale in/out? © white duck GmbH 2022
  • 16. Do I have the people power and knowledge? • operating your cluster requires a team or at least dedicated time • also, when using managed Cloud offerings! • the Kubernetes ecosystem slowed down a bit but is still fast changing • 3 releases a year with 12 month of support each • so do the managed Cloud offerings • most of them are the cloud providers most-scaling services © white duck GmbH 2022
  • 17. Teams having trouble staying ahead of the curve • “I’m doing a cluster update now and then” • no dedicated team or time to maintain the cluster • not being part of the ecosystem and therefore not up-to-date This can lead to not understanding/seeing dependencies and a lot of trouble! © white duck GmbH 2022
  • 18. An example • application isn’t reachable after updating a managed cluster • update also introduced an updated Ingress Controller, that enforced Ingress Class (what was mentioned in the docs) • Ingress Class was missing in all Ingress manifests • also, Cert Manager HTTP challenges stopped working • what was realized weeks later after the certificates expired • just one of many… © white duck GmbH 2022
  • 19. DEVELOPMENT MUST BE FAMILIAR WITH KUBERNETES © white duck GmbH 2022
  • 20. Awareness is important • not every developer needs to be a Kubernetes expert • but knowing the basics, features and patterns is important to build successful applications • a containerized/Kubernetes-based developer inner loop can • help to gain awareness and learn basics • enable teams to be able to debug production systems • unfortunately, dev teams sometimes completely rely on operations (how you shouldn’t do it) © white duck GmbH 2022
  • 21. SOME TECHNICAL PITFALLS WE HAVE SEEN © white duck GmbH 2022
  • 22. Challenges with databases and data services • if you believe the Internet, the database or data service is just a “helm install” away • that is true, but don’t miss Day-2 operations • you will have to think about and implement high availability, security, backup of your service as well as your storage solution • we recommend using PaaS outside the cluster (if possible) • this allows you to focus on the important things – implementing features © white duck GmbH 2022
  • 23. Persistent storage with Kubernetes • you will need a dedicated team to handle this • just being a Kubernetes expert will not be enough • Database administrator • Storage administrator • Cloud engineer • can cause issues when scaling nodes • also, cluster operations can get more complex with stateful applications • think of blue/green cluster deployments © white duck GmbH 2022
  • 24. The downside of (Micro-)Monolith • you can run them in Kubernetes but it’s just not great • we already talked about having the power but not using it • an example • most of the time monolith applications aren’t stateless • e.g., persisting sessions locally • you will have to invest to make them stateless or at least state- aware or rely on sticky sessions. • even if you can scale them, you can just scale your whole application • having a complex upgrade task or manual/complex configuration steps are other examples © white duck GmbH 2022
  • 25. Missing Pod Disruption Budget • they are missing 99% of the time • helps you run highly available applications even when you introduce frequent voluntary disruptions • root causes might be • a newer feature (staying ahead of the curve) • not part of the “helm create” templates • that being said, it needs to be done right © white duck GmbH 2022
  • 26. The importance of health probes • Kubernetes needs them to know what's going on • examples we saw • /healthz delivering an HTTP 200 – always • relying on external dependencies • same checks for liveness and readiness • another good example for “dev needs K8s awareness” • if done right, health probes can help with throttling/self- healing © white duck GmbH 2022
  • 27. Kubernetes/Container Security • unfortunately, sometimes totally underrated • a good starting point include • secure application / deployment code (SAST, SBOM) • secure container images (selfcontained, distroless) • Kubernetes policies • Kubernetes Network policies • Container Runtime Security • more details: https://github.com/nmeisenzahl/hijack-kubernetes © white duck GmbH 2022
  • 28. Still, … we love Kubernetes! © white duck GmbH 2022
  • 29. Questions? © white duck GmbH 2022 Nico Meisenzahl (Head of DevOps Consulting and Operations, Cloud Solution Architect, Azure & Developer Technologies MVP, GitLab Hero) Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl/ Philip Welz (Senior Kubernetes & DevOps Engineer, GitLab Hero, CKA, CKAD & CKS) Twitter: @philip_welz LinkedIn: https://www.linkedin.com/in/philip-welz Slides: https://www.slideshare.net/nmeisenzahl