Effectiveness tips from K8S trenches by Captain Obvious
Mikalai Alimenkou
@xpinjection
https://t.me/xpinjection_channel
https://xpinjection.com
Disclaimer
This talk is based on personal experience
K8S is an orchestration flagship
Everything is so simple…
But reality is not always the same
Feel the difference
Deploy a single microservice to Kubernetes
Deploy and maintain a production workload on Kubernetes
All tips are really obvious
#1. Don’t start with K8S ;)
Focus on business first
Don’t invest in complex infrastructure from the start
Use PaaS cloud solutions if possible
“Buy” more time for business focus
Containerize your services for flexibility
Experiment with K8S on local dev environments
#2. Develop Cloud Native services
Use best practices and enablers
Choose Cloud Native platform if possible
Follow best practices for 12+ factor applications
Use available enablers and libraries
Focus on the most important aspects:
- flexible configuration;
- full observability;
- stateless.
You could migrate anywhere later
#3. Avoid K8S maintenance
Delegate complexity
Build on managed K8S where possible
Try K8S wrappers instead of vanilla K8S
Use public Helm charts for dependencies
Try public K8S operators to delegate maintenance for dependencies as well
Use a service mesh if you don’t want to rely on developers’ level and you use cross-language microservices
#4. Switch to declarative mindset
Forget imperative habits from the past
All K8S resources are just declarations
OK response on API call means resource is accepted
Avoid imperative commands for all types of action
Deployment may fail even at container level
Use extended monitoring to control actual state of the cluster
Log kubernetes.io/change-cause for deployment traceability
#5. Don’t be hype-driven maniacs
NO ROOM
FOR LEGACY!
Keep your platform as simple as possible
Service mesh is great but not for everybody
Every new component increases maintenance cost
Start with plain K8S manifests
Use templating and customization if more flexibility is required
Switch to Helm only in complex cases
#6. Define clear roles/responsibilities
Establish clear DevOps boundaries
Infrastructure engineers responsible for low level infrastructure (cloud, bare metal, mixed)
Dedicated K8S engineers responsible for K8S platform
Developers responsible for their services deployment, configuration and support
SRE engineers responsible for SRE practices and toolset establishment
More balanced development
#7. Implement business health checks
Don’t be a lazy developer
Don’t rely on simple HTTP ping
Distinguish liveness and readiness probes
Be careful with returned HTTP status
Add business context to liveness and readiness probes
Implement and configure graceful shutdown where possible
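The probe and shutdown settings from this slide as a Deployment manifest, added here as an illustration and not taken from the talk. The service name, image, port, `/health/*` paths and all timings are assumptions.

```yaml
# Added example (not from the talk). Name, image, port, paths and timings are hypothetical.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: orders
spec:
  replicas: 2
  selector:
    matchLabels:
      app: orders
  template:
    metadata:
      labels:
        app: orders
    spec:
      # Total budget for preStop + SIGTERM handling before the kubelet sends SIGKILL.
      terminationGracePeriodSeconds: 45
      containers:
        - name: orders
          image: registry.example.com/orders:1.4.2
          ports:
            - containerPort: 8080
          # Holds off liveness/readiness checks until the app has started
          # (up to 24 * 5s = 120s), so a slow start is not mistaken for a hang.
          startupProbe:
            httpGet:
              path: /health/live
              port: 8080
            periodSeconds: 5
            failureThreshold: 24
          # Liveness failure => the container is restarted.
          # Assumed endpoint behaviour: reports whether the service can still do
          # its work at all (e.g. worker threads not deadlocked), not just that
          # the HTTP listener answers.
          livenessProbe:
            httpGet:
              path: /health/live
              port: 8080
            periodSeconds: 10
            timeoutSeconds: 2
            failureThreshold: 3
          # Readiness failure => the pod is removed from Service endpoints,
          # but NOT restarted.
          # Assumed endpoint behaviour: returns 503 while the service cannot
          # serve business requests (e.g. cache not warmed, DB pool exhausted).
          # The kubelet treats any status >= 200 and < 400 as success, so an
          # endpoint that answers 200 with an error body, or redirects (3xx)
          # to an error or login page, still counts as healthy.
          readinessProbe:
            httpGet:
              path: /health/ready
              port: 8080
            periodSeconds: 5
            timeoutSeconds: 2
            failureThreshold: 2
          lifecycle:
            # Runs before SIGTERM is sent. The short sleep gives load balancers
            # time to stop routing to this pod; the app must then handle SIGTERM
            # and finish in-flight requests. Requires sh and sleep in the image.
            preStop:
              exec:
                command: ["sh", "-c", "sleep 10"]
```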
#8. Simplify dev environments
Provide environments for all needs
Share data storages between environments if possible
Make environment lightweight to use everywhere (feature branches, pull requests, CI builds, dev/qa/demo)
Share the same K8S cluster with isolated namespaces
Use node level cache for quick start
Automate environment setup for developers
Use CD tools like Skaffold for development speed
#9. Don’t forget about limits
Defaults bring hidden issues
Define RAM/CPU requirements for all services
Limit resource usage per namespace
Be careful with default network policy
Complex network setup requires special skills
Pay attention to security guidelines
Apply strict access policies
Use dedicated clusters for isolated environments
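The limits named on this slide as namespace-level manifests, added here as an illustration and not taken from the talk. The namespace `team-a-dev` and every size are assumptions; NetworkPolicy objects only take effect when the cluster's network plugin enforces them.

```yaml
# Added example (not from the talk). Namespace name and all sizes are hypothetical.

# Cap on what the whole namespace may request and consume.
# Once CPU/memory are under quota, pods that declare no requests/limits
# are rejected unless a LimitRange supplies defaults (see below).
apiVersion: v1
kind: ResourceQuota
metadata:
  name: compute-quota
  namespace: team-a-dev
spec:
  hard:
    requests.cpu: "4"
    requests.memory: 8Gi
    limits.cpu: "8"
    limits.memory: 16Gi
    pods: "30"
---
# Per-container defaults and ceiling, so a manifest that omits resources
# still gets bounded values instead of running unlimited.
apiVersion: v1
kind: LimitRange
metadata:
  name: container-defaults
  namespace: team-a-dev
spec:
  limits:
    - type: Container
      defaultRequest:
        cpu: 100m
        memory: 128Mi
      default:
        cpu: 500m
        memory: 512Mi
      max:
        cpu: "2"
        memory: 2Gi
---
# The Kubernetes default is "every pod can talk to every pod" in all
# namespaces. This policy selects all pods in the namespace and allows
# nothing, so every permitted flow has to be declared explicitly.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: team-a-dev
spec:
  podSelector: {}
  policyTypes:
    - Ingress
    - Egress
---
# First explicit allowance after default-deny: DNS lookups to kube-system.
# Without it, service discovery inside the namespace stops working.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-dns-egress
  namespace: team-a-dev
spec:
  podSelector: {}
  policyTypes:
    - Egress
  egress:
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
```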
#10. Not all nodes are equal
K8S is not about “commodity hardware”
Use labels for nodes to control deployment specifics (storage type, node size, CPU capacity, etc.)
Carefully choose node size, taking into account all sidecar containers and daemon sets
Save money on spot instances for dev environments
Don’t forget about latency and volume speed for data storages
Use node level caches to speed up deployments
Summary and takeaways
K8S is a great orchestration tool, but it doesn’t come for free
Containerized Cloud Native services run everywhere
New roles needed to set proper DevOps boundaries
K8S ecosystem is hype-driven and growing very quickly
Environment should be really easy to start
Everything still runs on hardware
Pay special attention to security and network



Editor's Notes

  1. There are no magic practices like Continuous Delivery. Whoosh, and you already have CD! It requires changes at the cultural level. That is why renaming roles does nothing to improve things.