Streamlining Kubernetes Apps and Ops
Learn how automation and configuration best practices can help to save time and reduce risks at each stage of software delivery.
Assessing the existing infrastructure
Kubernetes provides enterprises with the flexibility to run their workloads on any platform. However, organizations looking to adopt the technology often face issues around:
- configuring the orchestrator
- managing the platform and containers
- adapting the architecture to run stateful apps
- balancing containers and managed services
Continuous integration and delivery (CI/CD) pipelines can help to alleviate these challenges, as well as:
- speed up deployments
- simplify environment management
- improve security
- reduce risks
- automate routine tasks
- enable monitoring
The choice between automated and manual operations is often determined by the maturity of a Kubernetes deployment. With several vendor distributions and a variety of supported application types, Kubernetes maturity levels can vary greatly from one organization to another.
Companies looking to determine their current stage of adoption and identify areas for improvement need to consider cluster security, high availability, platform operations, and other factors.
This article explores how to improve Kubernetes deployments by revising applications and operations, as well as incorporating best practices, using external tools, and delivering automation.
Focusing on applications
Below are some best practices for deploying applications on Kubernetes.
Setting up appropriate resource limits and requests ensures that apps always have enough memory and CPU time to run smoothly. This increases cluster stability.
Building apps on Kubernetes from the very start shortens development cycles as it becomes possible to perform testing in production-like conditions.
Externalizing configurations with ConfigMaps and Secrets enables companies to test app artifacts across multiple environments.
Automating health checks promotes stable performance and gives Kubernetes the ability to restart applications or hold network traffic when necessary.
Implementing firewalls and security policies helps to minimize the potential impact of an attack or an error.
Streamlining operations
This section contains recommendations on deploying and maintaining Kubernetes.
Scheduling optimization, proper resource allocation, and pod distribution are crucial for safe deployment and scalability.
Container image management with common vulnerabilities and exposure scanning, as well as timely security patches harden your environment.
Authentication and authorization ensure secure access to the Kubernetes API. Role-based access control and service accounts make it possible to set up permissions for the orchestrator’s users and groups.
Cluster management involves the automation of updates and scaling, ensuring high availability, as well as enabling disaster recovery and business continuity. Vendor distributions of Kubernetes often have valuable know-how on implementing such functionality. For example, the documentation for Azure Kubernetes Service—Microsoft’s managed container orchestration platform—suggests:
- using various network models and firewalls
- securing node SSH access
- dynamically provisioning storage volumes and backups
- setting up region pairs and geo-replication of container images
Using best practices and external tools
This part explores how to employ CI/CD, testing, and using external services.
Choose the right tools that help to accelerate your development cycles, for example:
- keptn to build and integrate reliable CI/CD pipelines
- Terraform to automate infrastructure provisioning
- Istio to save time on routing network traffic
Use microservices to build distributed systems with components that you can scale and manage independently.
Automate testing, especially unit, integration, performance, and smoke tests, to save time going forward.
Build a CI/CD pipeline to automate repetitive processes from the development stage to production deployment and ongoing maintenance.
Implement monitoring, logging, tracing, etc., to gain insights into your apps and platform.
Following expert recommendations
Being a major Kubernetes vendor, Microsoft also provides the following recommendations and best practices to accelerate deployments:
- use domain analysis to model microservices
- design microservices to be domain-driven
- identify the boundaries of microservices
With the distributed nature of microservices-based architecture, Microsoft recommends using CI/CD pipelines to:
- build and deploy services without impacting other ones
- test versions of new services in development environments before production deployment
- deploy a new version of a service alongside the old one
- enable advanced access control policies
- decrease deployment risks
Having an automated pipeline ensures that the production deployment remains stable even in case of errors. By following CI/CD best practices, companies can safely deploy new code without downtime and quickly roll back if issues arise.
Automation of software delivery and testing is a major part of Kubernetes maturity as it helps to accelerate releases and avoid technical debt. However, building up the necessary expertise can be costly and time-consuming. Partnering with a trusted system integrator can help organizations to accelerate the process and get the most out of their Kubernetes deployment.