Josh Dougherty (00:00):
Welcome to a special panel discussion with a team of Redapt's experts around adopting Kubernetes. We're going to talk about the benefits and pitfalls of adopting Kubernetes, cover some use cases of what you can consider for your organization, and explore how Redapt can help organizations accelerate their adoption. I have three of Redapt's key experts on this topic. Matt Francis, senior director of storage and platforms. Hi, Matt. Good to have you.
Matt Francis (00:38):
Thank you.
Josh Dougherty (00:40):
Mike Little, the director of engineering services.
Michael Little (00:43):
Thanks for having me.
Josh Dougherty (00:45):
And Paul Welch, the senior vice president of product engineering.
Paul Welch (00:49):
Thank you.
Josh Dougherty (00:51):
Could one of you, maybe Mike, dive in and give me a high-level explanation of how someone who isn't as familiar with Kubernetes should think about it?
Michael Little (01:15):
Kubernetes is an orchestration layer for containers, and we'll unpack that a bit. But containers allow you to run your applications in a very defined environment. Kubernetes allows you to orchestrate those containers across a vast array of compute resources. So, a big pool of resources in a cluster, and Kubernetes orchestrates where those run and how they connect to each other. It’s a pretty amazing, relatively new technology that a lot of our customers are finding a great amount of value with.
Matt Francis (01:56):
Our customers are definitely adopting it, because it changes their development model. Instead of having to work on a monolithic application that has a lot of interdependencies, and whenever you try to introduce a new feature, you have to retest the entire stack, the containerization allows them to focus on individual services and only iterate the changes in those services. This means organizations are able to adopt features in their applications at a much more rapid pace.
Paul Welch (02:28):
From a business perspective, everyone's trying to deliver new apps and features faster. Kubernetes is a great platform to enable you to build and run your applications at a much faster velocity.
Josh Dougherty (02:45):
One of the key benefits of Kubernetes is that it allows us to allow someone to manage applications across multiple clouds and also inside an on-prem data center. Paul, can you talk more about that and those benefits Kubernetes provides?
Paul Welch (03:06):
Kubernetes will take all of your infrastructure resources and treat them as a pool that runs your entire application. The orchestration layer is the same software that runs, no matter which provider you're running it in, whether it's a public cloud, or in some bare metal servers in your data center. To the application team, the way they package the application, and to your SRE teams and operations teams, the way they deploy and manage the applications is the same. It gives you a consistent manageability for the process.
Matt Francis (03:48):
A lot of the power comes in, and all the services are now decoupled from each other. That also allows us to run those services in different locations and scale those services independently of each other. For instance, if you're running a web store, you may need to have more resources dedicated to the front end. At other times during the day, more resources may be required for the backend checkout service. Kubernetes has the ability to spin up and down resources on-demand, which makes it much more flexible and more adaptable to the demands being put on it.
Josh Dougherty (04:26):
I'm interested to hear how Kubernetes helps someone take that leap into an agile workflow?
Michael Little (04:52):
As you re-architect your application to take advantage of containers and Kubernetes in a much smaller service, or what's referred to as microservice architecture, the impact of a given change is much smaller, because your account service can make changes, but a payment service doesn't need to make any changes. As long as the contract between those services is met, you can make subtle changes. It allows you to be a lot more agile and have a much higher velocity, because you're making changes to your service. You're not having to test across the whole monolith of your application. You're validating the contract between services for each change. Beyond that, you don't have to worry about how they interact because that's handled by what I refer to as the contract, even though there are no lawyers involved.
Josh Dougherty (05:57):
Kubernetes can't be simple to deploy at a small scale, but how does someone think through effectively scaling up Kubernetes and doing it in a way that stays efficient?
Matt Francis (06:21):
You can get a Kubernetes cluster running in a minute, but that is definitely on a small scale. The real challenges come whenever you try to run Kubernetes at scale, not only from the operational perspective, but also security perspective. One of the current challenges is, since it is a newer technology, many times you have to be able to find the talent out in the public. This tends to be a lot more challenging than traditional virtualization architectures. Being able to find the right talent and put the right processes in place can definitely be a bit cumbersome.
Josh Dougherty (07:00):
Can one of you talk a bit more about the security challenges? Specific to security, what does someone need to be thinking about as they're adopting Kubernetes?
Paul Welch (07:15):
Security's such a big topic. In some ways, Kubernetes can be a much more secure environment. There's tooling out there to do things like scan your containers for security vulnerabilities before you deploy them. There are tools and techniques to make sure that all of your traffic is encrypted in-flight. Of course, there are all the same security technologies as for anything else in your environment, like monitoring tools.
Michael Little (07:54):
In general, Kubernetes has some challenges because it's a shared resource. Those challenges aren't really different from the containerization technologies at a basic level, but they become bigger problems as you scale. You potentially have a noisy neighbor problem if you're not dealing with resource allocation. You also have an internal network where you have to be very cognizant of how it's designed so you can isolate your workloads at the appropriate level. Mutual TLS for transport security— the nice thing, if done well, is that containers are immutable. So, the container itself shouldn't need a heavy write layer. Some of this is designed and whether it's worth it to go to the effort of doing that is often a decision that they have to make. There are some challenges around it, but there are also benefits.
Finding out if it's worth it and taking that whole view of security, such as monitoring, etc, is super important, even outside of Kubernetes. Since we're talking about Kubernetes, that's the focus here. The nice thing is that, if a container gets compromised in a well-designed environment, you can kill the container and Kubernetes can start up another one very quickly. The ability to limit impact using certain techniques is available as well.
Josh Dougherty (09:41):
All development teams and all organizations have different skill sets and different processes. What type of organization is best set up to dive into Kubernetes right away, as opposed to one that may need to do some background work? Matt, can you share what type of organization you think is ideally more ready to adopt this containerization approach?
Matt Francis (10:09):
At a high level, organizations who have already started to work on DevOps, in which their developers are able to work alongside operations for the deployment of products, and are more mature inside of DevOps, will be the ones who find the adoption of Kubernetes most advantageous and easiest.
Josh Dougherty (10:35):
If someone hasn't adopted DevOps yet, and maybe needs to do some work, how do you recommend getting the foundation in place so they can get started? What are the high-level first steps you would take?
Paul Welch (11:05):
To be able to do Kubernetes optimally, it's important to assess where you're at first, and understand where the gaps exist. It's always good to start with an application out of your portfolio that is closest to being able to be containerized and do a pilot, or proof of concept with that first. Take what you learn, and then bring that to your other app teams.
Josh Dougherty (11:41):
Anything else to add there?
Michael Little (11:45):
I think it's important to work with a partner who has done it. If you're an organization at a lower level of maturity, as far as DevOps and modern best practices, having a friend to ride along with you is great. Redapt is a great choice for that.
Josh Dougherty (12:16):
I'd love to shift to talking about a few different use cases. Let’s say that someone's wondering, "What should I do next? Where should I think of adopting first? How can this benefit my organization?" Matt, do you have a specific use case around Kubernetes adoption?
Matt Francis (12:55):
One of the use cases is a retail use case. This is a customer we worked with that has several different entities around the US in retail locations. Their main goal was to be able to deploy software to those retail locations, where there wasn't a lot of IT talent to drive all the operations inside of their store. It was really important for them to have the capability to push out the updates to the software they needed. Also, more importantly, to make sure the different versions of the applications we were running were all consistent. So, whenever one store got an update, so did another. At Redapt we have a portfolio of our different Kubernetes distributions. With this customer, we were able to help them work with one of those platforms, one that had a strong support for global consistency of application deployments.
Josh Dougherty (14:02):
Mike or Paul, are there other industries or specific applications you think are especially beneficial?
Michael Little (14:12):
It's hard to be specific, because we've worked with folks that are putting Kubernetes clusters in cars for self-driving capabilities, and that kind of stuff. There's that very small scale where the clusters are very small. That ability to push out new versions of the application in, basically, a programmatic way was super valuable.
We have other folks that, just as they're containerizing their applications and moving, and they're maybe in one cloud (because we have SaaS customers that may be for a specific customer) they need to be in a different public cloud. That ability to have a consistent deployment environment across physical or locational environments is super powerful. Matt mentioned the distributions—every public cloud has their own. There are several third party... You can always build it yourself from the open-source side. We don't necessarily recommend running that production unless you have a group of skilled folks, but the interface is consistent across all of those. If they're certified as a Kubernetes distribution, the Cloud Native Computing Foundation basically mandates that the API, the interface is identical. So your developers, your SREs, are going to have a consistent experience across clouds.
Paul Welch (15:53):
Mike mentioned that we've worked with customers to deploy very small clusters at many edge locations. I wanted to bring up that we've also worked at the other extreme. We've worked with several gaming companies. For example, massive multiplayer game backend engines, where they needed to scale dynamically to support all these millions of users coming online to play a game.
Josh Dougherty (16:26):
So it can really scale and flex up, from a very small scale all the way up to that global super complex compute process, to support something like a gaming platform. Let's shift, and talk about how an experienced partner like Redapt can help someone accelerate their process. What's the value of bringing in someone like Redapt to help out and help accelerate that adoption process?
Paul Welch (17:06):
The first value we bring is our experience. We've been working with the project since almost the beginning of Kubernetes, and we've done hundreds of implementations with customers in all sorts of environments, use cases, and industries. We bring all that experience to our customers to help them avoid the pitfalls and bring their clusters up to production-ready much faster than they could do it on their own.
Josh Dougherty (17:33):
Matt, anything to add?
Matt Francis (17:35):
As a full-capability services provider, we can really help customers across the spectrum in their journey. If customers are taking their first foray into containerization and have an older monolithic application they want us to help modernize, we are able to provide services around that. We also have the capabilities of not only helping them stand up the Kubernetes platform of their choice, but also all the ancillary services that are necessary in that ecosystem to enable it, like ID and access management, network services, source-code repositories, container registries, and CI/CD pipelines. We can give a customer the full-fledged experience of how to actually start adopting and using the platform, without them having to go through a lot of struggles on their own.
Josh Dougherty (18:28):
How do you equip the teams you're working with to be able to think better about Kubernetes? How do you work with them to help them understand best practices for deployment and management?
Michael Little (18:44):
I think we do a really good job of meeting customers where they're at and where they're coming from. We go through a process we call discovery. It's about getting to know the customer and know what their business challenges are. Then, as a collaborative effort, we can design, based on best practices, the approach they should take and help implement it. If the customer really is focused on design, but is comfortable doing the implementation, or that would like to help with the design, but is comfortable doing the implementation, we're okay with that, too. We have that ability to work at every level. If it's a customer who is just starting to think, "Hey, this Kubernetes thing sounds like it might be helpful," we can help them decide. If they've been doing it for a while and they're running into challenges, we have experts on staff to dive in, figure out where they're at, figure out the best approach going forward, and help them move there.
Josh Dougherty (20:01):
I want to thank all three of you for your time today and for coming and having this conversation. Anyone who's interested in learning more about how Kubernetes could help accelerate their own organization's technology, and how you could move forward with adopting Kubernetes, I encourage you to reach out and get in touch with Redapt.