KubeCon EU 2020: Skyscrapers’ key take-aways
KubeCon EU 2020: cats, minigames, failure stories but most importantly great sessions and learnings! Read our key take-aways.
Although we preferred to be present live at KubeCon Europe 2020, we are pleased that we were able to experience the virtual edition in complete safety. As a company that works remotely, the virtual sessions immediately felt familiar. Speakers presented live from their living rooms, sessions went smoothly and we even saw a cat pass by!
Of course, networking did not go as smoothly as usual. But we have to admit, in this virtual edition, the organisers have put a lot of effort into making it as interactive as possible. For example, Q&A sessions were given and some sessions were even pre-recorded so that the speaker was online and could answer your questions live during the recording.
Actually, this was quite handy, said one of the speakers in the keynotes! You didn't have to keep an organised schedule and you didn't have to run to attend back-to-back sessions in different conference rooms. You even got notifications about sessions not to be missed! And if you got a bit tired, you could take a break by playing a mini-game. It was all about sitting back, relaxing and enjoying the show. We have to say: Well done, KubeCon!
But enough of this, let’s talk about the sessions! These are our take-aways written by the two attendees from Skyscrapers, Amany and Philip.
Managing an opinionated Kubernetes platform
An important part of our services consists of offering a Kubernetes reference platform for running our clients' workloads. This means that we manage the entire lifecycle of various production and non-production K8s clusters at multiple customers.
Although Kubernetes is the most important component, much more is needed to provide a user-friendly and reliable platform, such as ingress, monitoring, logging, backups, security, cloud provider integration, ... And for each of these components we need to provide lifecycle management, automation, etc. in order to deliver this platform continuously.
So of course, we were very interested in the Managing a Managed Kubernetes Platform session in which they talked about similar challenges and their solutions.
An interesting talk on the subject was given by DigitalOcean: 20,000 Upgrades Later: Lessons From a Year of Managed Kubernetes Upgrades. Although they work on a very different scale than we do, the lessons described by both the operator and the developer were recognizable and valuable.
Curious as to how we have solved these challenges ourselves? Then stay up to date with our new blog posts!
Some failure stories
Since you learn from mistakes, we were very interested in learning from some bad experiences.
Let's start with Kubernetes DNS Horror Stories (and How to Avoid Them), which was about how everything is always a DNS problem... In addition to their findings on Kubernetes DNS scalability and common problems such as the typical ndots:5, autopath, netfilter race conditions, etc., there were also some more pleasant stories about DNS problems they encountered. The presentation also gave a good example of how the Datadog engineers are currently running Kubernetes DNS.
One of the steps they took is using NodeLocal DNSCache, something we have also worked on as an option for our clients' clusters.
Last but not least, we found Five Great Ways to Lose Data on Kubernetes (And How to Avoid Them) an interesting session covering the challenges and possible solutions of dealing with stateful workloads of persistent data, such as databases on Kubernetes.
Announcements and cool features
Of course, it wouldn't be KubeCon if no interesting new features were proposed. Here we go:
- Since Kubernetes v1.18, there is an easy and efficient way to debug pods that run on Kubernetes: kubectl alpha debug. Basically, it runs a temporary container next to the one you're trying to debug, with an attachable console where you can use any debugging tool you want, without having to add it to your original container.
- The more software a container runs, the more security risks you are taking, right? With Distroless Images, you can turn the situation to your advantage: the image contains only the software you need, just your application and its runtime dependencies, without any of the extra components usually found in Linux distributions, even the most minimal of them like Alpine. No shell, no package manager, and no applications except what you add and truly need. Especially when combined with the new ephemeral container debug feature we just discussed, nothing can stop you now from shipping your application in much smaller and more secure images.
- Autoscaling, which covers both the cluster level and horizontal/vertical scaling of pods, is a hot topic! Even if you're not planning on using autoscaling, VPA is always valuable to have in recommendations-only mode. It won't change anything, and it gives you a chance to investigate the recommendations, no matter how accurate you think your pod requests and limits are.
- With Helm v2 support already ended for bug fixes, and security patches ending by November 2020, there was no better reminder than a KubeCon session covering the features of v3 (and v3.1+) and urging everyone to pick up their migrations before it's too late. One of the many benefits of the upgrade is that you no longer need to fork a Helm chart just because you need to make a change that the maintainer didn't make configurable. Thanks to Post Rendering, you can manually manipulate, configure, and/or validate rendered manifests before they are installed by Helm.
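To illustrate the "validate" side of Post Rendering, here is an added example (not from the session or from the Helm project) of a post-renderer that blocks a release when the rendered manifests request risky pod settings. The script name helm-gate.sh, the list of settings and the line-based matching are assumptions made for the example.

```shell
#!/bin/sh
# helm-gate.sh (hypothetical name): a validating Helm post-renderer.
# Contract: Helm pipes the rendered manifests to stdin and installs whatever
# the program writes to stdout; a non-zero exit status aborts the release.

# Print one "Kind/name: setting" line per risky setting found on stdin.
# Line-based heuristic (an assumption): it expects Helm's usual block-style
# YAML with 2-space indentation and "kind:" appearing before "spec:".
find_violations() {
  awk '
    /^---/   { kind = ""; name = ""; in_meta = 0; next }   # new document
    /^kind:/ { kind = $2 }
    /^[^ #]/ { in_meta = ($1 == "metadata:") }             # top-level key
    in_meta && /^  name:/ && name == "" { name = $2 }
    /^[ -]*(privileged|hostNetwork|hostPID|allowPrivilegeEscalation):[ ]*"?true"?[ ]*$/ {
      key = $0; sub(/^[ -]*/, "", key); sub(/:.*/, "", key)
      print kind "/" name ": " key
    }
  '
}

# Pass stdin through unchanged when clean; otherwise report on stderr and fail.
gate() {
  rendered=$(mktemp) || return 2
  cat > "$rendered"
  violations=$(find_violations < "$rendered")
  if [ -n "$violations" ]; then
    echo "$violations" | sed 's/^/blocked by post-renderer: /' >&2
    rm -f "$rendered"
    return 1
  fi
  cat "$rendered"
  rm -f "$rendered"
}

# Act as the post-renderer only when invoked under the assumed script name:
#   helm install <release> <chart> --post-renderer ./helm-gate.sh
case "$0" in
  *helm-gate.sh) gate ;;
esac
```

Because the check matches text rather than parsed YAML, it is a first-line gate; a policy tool that parses the manifests can be called from the same stdin/stdout contract.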
That's it, our experience of KubeCon 2020! Would you like to stay up to date with more news? Then continue to follow our social media accounts as more blogs are in the pipeline!