How to Make Kubernetes

Rhyme with Prod-Readiness

Tiffany Jernigan

VMware

Matthias Häußler

Novatec

www.containerdays.io

#CDS23

Who we are

Tiffany Jernigan

Sr. Dev Advocate, VMware

@tiffanyfayj

Matthias Häußler

Chief Technologist, Novatec

@maeddes

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

Why this talk?

www.containerdays.io

#CDS23

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

🎉

🎉

🥰

🥰

🥳

@maeddes @tiffanyfayj

What is

production readiness?

www.containerdays.io

#CDS23

@maeddes @tiffanyfayj

🎉

🎉

🥰

🥰

🥳

@maeddes @tiffanyfayj

Prod readiness in detail

​

​

​

​

• Has undergone rigorous testing and quality assurance
• Ensured it’s reliable, stable and secure
• Performs optimally under expected load and traffic conditions
• Adaptive to unexpected load/traffic conditions and failures
• Properly documented & described
• Consistently and repeatably buildable
• Monitored and Observable - Ability to identify and resolve issues quickly
• "Future-proofing": Being able to upgrade to patch security issues

@maeddes @tiffanyfayj

What does “vanilla” Kubernetes provide?

www.containerdays.io

#CDS23

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

What is “vanilla” Kubernetes missing?

www.containerdays.io

#CDS23

@maeddes @tiffanyfayj

Summary

@maeddes @tiffanyfayj

Infrastructure

@maeddes @tiffanyfayj

Infrastructure

@maeddes @tiffanyfayj

Networking - Inbound traffic

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

Networking - Traffic control

@maeddes @tiffanyfayj

Networking - Traffic control

@maeddes @tiffanyfayj

O11y

@maeddes @tiffanyfayj

O11y

@maeddes @tiffanyfayj

Security - API Access / RBAC

@maeddes @tiffanyfayj

Workloads

@maeddes @tiffanyfayj

Workloads

@maeddes @tiffanyfayj

Workloads

@maeddes @tiffanyfayj

Workloads

@maeddes @tiffanyfayj

GitSecOps

@maeddes @tiffanyfayj

“Summary”

@maeddes @tiffanyfayj

Summary

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

Infrastructure

@maeddes @tiffanyfayj

Network

@maeddes @tiffanyfayj

Observability

@maeddes @tiffanyfayj

Security

@maeddes @tiffanyfayj

Workloads

@maeddes @tiffanyfayj

And now what?

www.containerdays.io

#CDS23

@maeddes @tiffanyfayj

Management

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

Novatec Training Environment

@maeddes @tiffanyfayj

Cloud vs On-Prem

@maeddes @tiffanyfayj

Managed vs Self-Hosted

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

@maeddes @tiffanyfayj

Summary

​

​

​

​

• In the end there is no right or wrong,

it is more about the decision where to invest the time and money

• Maintain the stack yourself -> Invest in the skill and have it in-house
• Have someone done it for you -> Invest in service providers

​

• In general we recommend to use the highest abstraction possible

Don’t solve problems which have already been solved!

​

• Using and relying on a ready tested platform will let you focus more on higher abstractions -> your apps!

​

• If there is a managed solution that suits your needs -> use it!
• If you want to manage the stack yourself -> get enablement & consultancy

@maeddes @tiffanyfayj

Please reach out to us!

Tiffany Jernigan

Sr. Dev Advocate, VMware

@tiffanyfayj

Matthias Häußler

Chief Technologist, Novatec

@maeddes

@maeddes @tiffanyfayj