Kubernetes as a Concrete Abstraction Layer
Kubernetes brings container orchestration to an ever-increasing range of platforms, both in the cloud and on-premises. Kubernetes and its ecosystem of tools, including package managers, network plugins, service meshes, monitoring tools, and more, go a long way toward making application stacks portable across different cloud providers and on-premises infrastructure. That portability is the cornerstone of the Holy Grail of seamless hybrid and multi-cloud deployments. However, the vision of Kubernetes as an effortless, complete abstraction layer for deploying standardized, full-stack applications across different platforms does not always hold up in the real world.
This talk will provide an overview of common issues related to deploying an application or microservices stack on multiple Kubernetes platforms, why these problems arise, and how to solve them and, better yet, prevent them from arising when preparing an application for portability.
Background on the lack of consistency in Kubernetes environments:
- Kubernetes’ release cycle
- What the Cloud Native Computing Foundation’s Certified Kubernetes Conformance Program does and does not cover
- Basic differences in major cloud providers’ Kubernetes offerings
- Plugins, controllers, and more
Areas with frequent deviations in different Kubernetes environments:
- Service ingress: supported protocols, proxied vs. direct network ingress, load balancer timeouts
- Persistent volumes: resizeable or not, high-availability concerns, user/group ID and permissions
- Support for Kubernetes role-based access control (RBAC), Network Policies, and other not-quite built-in Kubernetes controls
Options for solving (sometimes), mitigating (more often), and preventing portability issues:
- Service meshes
- Storage controllers
- Self-managing clusters in the cloud