Since Kubernetes turns ten this year, I spent some time reflecting on how Kubernetes completely redefined my career. Eight years ago, I was racking servers, running Puppet (poorly), and struggling to make our service highly available using Corosync, Pacemaker, and HAProxy. Rotating certificates was a nightmare process every year and managing DNS zones manually with Bind9 was awful. (Just a note that these technologies have all continued to develop; my comments apply to my experience in 2016.) Were there other tools and methods that could have made my life better back then? Probably. Did I inherit a lot of technical debt that could have been handled better? Definitely. What we really needed was a change in how we managed large-scale workloads.
Introducing Kubernetes
Enter Kubernetes in 2014. Suddenly, cloud architecture started to make sense — there was an application programming interface (API) that defined all the autoscaling, high availability, monitoring, and automating that we had been trying to cobble together in a bunch of different ways for years. Even better, there were already open source tools that completely removed many of the DNS, certificate, and other challenges that we faced. Sure, Kubernetes opened up a whole new world of problems, but these were fun and exciting. Plus, we had a huge community of users in the Cloud Native Computing Foundation (CNCF) and beyond.
The advent of Kubernetes was perfectly timed to completely transform the way I personally understood and built infrastructure. So much has changed since those early days of Kubernetes, but I can’t imagine what the world of infrastructure would look like without this radical technology and the entire open source ecosystem built around it.
Fairwinds & Kubernetes
I joined Fairwinds (then called ReactiveOps, Inc.) as a senior Site Reliability Engineer (SRE) in May of 2018, two years into my Kubernetes journey. ReactiveOps was founded in March 2015, less than a year after Kubernetes was released on June 6, 2014.
In 2013, Docker was released as an open source tool to allow devs to build, deploy, and manage containerized apps. Containers gained traction as a way to deploy applications quickly in any environment by creating a unit (or container) of software where all the application code was packaged with all of its libraries and dependencies. Now that we had this artifact that we could easily deploy, we needed a way to manage or “orchestrate” all those containers.
Kubernetes (you may already know that the name comes from the Ancient Greek for “pilot” or helmsman” —the person who steers the ship) was started in 2013 by three engineers at Google: Craig McLuckie, Joe Beda, and Brendan Burns. They pitched the idea of building an open source container management system to bring their internal infrastructure expertise into the world of large-scale cloud computing.
Kubernetes was designed to orchestrate containers. It was actually the first project accepted into the CNCF incubator in March 2016, at which point Fairwinds SREs were already working with clients to build, deliver, and manage production-grade Kubernetes infrastructure that was fast, secure, and stable.
Some of the clients we have today have been with Fairwinds before I started, inspiring some of our open source projects and our Fairwinds Insights software, which incorporates our open source tools into the platform. We built these projects specifically for Kubernetes, both to help the Cloud Native community as a whole and to help us deliver secure and reliable K8s management for our customers. All these open source offerings were built based on common issues we encountered when managing complex Kubernetes environments:
- Polaris: policy engine that validates and remediates K8s resources and enables users to write custom policies in JSON
- Goldilocks: a utility that helps users identify a starting point for resource requests and limits
- Nova: a command line interface (CLI) users can use to find outdated or deprecated Helm charts running in a cluster
- Pluto: helps users find deprecated Kubernetes API versions in their Infrastructure as Code repositories and Helm releases
- GoNoGo: a spec users can use define and discover whether an add-on installed with Helm is safe to upgrade, reducing time required to manually review objects in a cluster
- RBAC Manager: an operator that simplifies authorization in K8s and supports declarative configuration for role-based access control (RBAC) with new custom resources
- RBAC Lookup: a CLI that allows users to easily find K8 roles and cluster roles bound to any user, service, account, or group name
- Rok8s-scripts: a framework for building GitOps workflows with Docker and K8s that can be added to CI/CD pipelines to build, push, and deploy applications using best practices
- Reckoner: uses YAML syntax to install and manage multiple Helm charts in a single file and allows users to install charts from git commit/branch/release
- Saffire: allows users to switch between multiple registries at any time to continuously scale workloads, create new nodes, and avoid single points of failure
- Gemini: a user-friendly interface built on the K8s native VolumeSnapshot API that allows for automated backups, deletes stale backups, and restores data
- Base Image Finder: scans containerized images, detects the base image currently in use, and recommends newer, less vulnerable versions to use
Managed Kubernetes-as-a-Service
Everyone talks about how complex Kubernetes is (including me) and it’s true. Part of that complexity enables organizations to deploy K8s exactly the way they want. That’s part of what makes it great —and part of what makes it hard to get started. We created the Kubernetes Maturity Model, which has now been adopted by the CNCF as the Cloud Native Maturity Model to help people start their cloud native journey and provide a framework for success.
If you just want to get started deploying to Kubernetes and focus on delivering your unique products and services, we’ve been doing that for a long time at Fairwinds. Our Managed Kubernetes-as-a-Service enables you to accelerate your time to market by providing vendor-agnostic Kubernetes management at enterprise scale. We’ve been delivering people-led services enabled with software for almost as long as Kubernetes has been available. We’ve gone through many changes in K8s as it evolves and gains traction in the market, keeping our clients’ infrastructure stable, secure, reliable, through all those changes.
Thanks Kubernetes, and happy 10th birthday! (Or as the CNCF likes to call it, KuberTENes!)
*** This is a Security Bloggers Network syndicated blog from Fairwinds | Blog authored by Andy Suderman. Read the original post at: https://www.fairwinds.com/blog/10-years-kubernetes-innovation