The dynamic nature of hybrid cloud requires a corresponding willingness to regularly review and update your strategy and its execution. Consider this practical advice on smart moves
Kubernetes: Everything you need to know
Kubernetes helps orchestrate and automate tasks associated with containers - an essential need as you scale. Here's a deep dive for IT leaders on what Kubernetes can do, key terms, best practices, trends for 2020, and more
Minikube makes a great do-it-yourself learning opportunity. “To get hands-on with Kubernetes or to run a trial of it, the easiest way to get started is to use Minikube on one of the Linux OS flavors,” says Raghu Kishore Vempati, principal systems engineer for innovation at Altran. “Minikube allows teams to experiment quickly and easily. The setup is simple.”
Here are four other tutorials to consider:
Learn Kubernetes Basics tutorial – Kubernetes official site
When you’ve got the lingo, concepts, and emerging trends down pat, consider digging into this tutorial on the basics of Kubernetes orchestration via the official project site.
This browser-based tool offers 17 hands-dirty scenarios for learning Kubernetes, including fundamentals such as deploying a container using the kubectl command-line interface and more advanced tasks such as Ingress routing. It also includes a “playground” environment for unstructured tinkering and learning.
Kubernetes by Example – Red Hat OpenShift
These step-by-step walk-throughs of Kubernetes concepts and capabilities, created by the Red Hat OpenShift team, includes commands for the kubectl command-line interface for various tasks and operations. These can then be replicated in DIY fashion, either in a local environment or in an online environment on openshift.com.
This edX course developed by The Linux Foundation functions like a “101” course for people and teams new to the tool. The edX course page includes a bullet-point syllabus for the topics covered, including (near the end of the class) the value of the Kubernetes community and how to get involved. The course is free, with a paid option ($99) for those who want a verified certificate of successful completion.
Scalable Microservices with Kubernetes – Udacity
This free course introduces the ins and outs of managing containerized applications with Kubernetes, especially in the context of today’s 24-7 expectations for applications and services and the demands those expectations place on infrastructure.
This free course is a series of on-demand, online videos that introduces you to Linux containers and container orchestration technology. In these short lectures and in-depth demonstrations, you will learn about containerizing applications and services, testing them, and deploying them on a Kubernetes cluster using Red Hat OpenShift. You will also learn how to build and deploy an application from source code using the source-to-image facility of OpenShift.
Want to learn more about building and deploying Operators? Get this free eBook.
In this free eBook aimed at developers, get detailed, reusable Kubernetes patterns for container deployment and orchestration. Learn everything Kubernetes offers for each particular pattern, with tested conclusions for each concept and full code examples.
This book (available in both electronic and physical editions) is considered one of the better introductions to Kubernetes fundamentals, especially for beginning audiences. It’s written by noted K8s expert Kelsey Hightower along with two of the orchestrator’s original creators at Google: Brendan Burns and Joe Beda.
Red Hat security strategist Kirsten Newcomer encourages people to think of container security as having ten layers – including both the container stack layers (such as the container host and registries) and container lifecycle issues (such as API management). For complete details on the ten layers and how orchestration tools such as Kubernetes fit in, check out this podcast with Newcomer, or this whitepaper: Ten Layers of Container Security.
- Application and environment misconfigurations
- Poor container security hygiene
- Production deployments expose misconfigurations and other vulnerabilities
Taking a DevSecOps approach – which bakes security into dev processes from the start - helps, as does active participation in the Kubernetes community. For more security tips, read also:
Don't let the growing popularity of containers and Kubernetes dupe you into thinking that you should use them to run any and every type of application. You need to distinguish between "can" and "should."
One basic example of this distinction is the difference between building an app specifically to be run in containers and operated with Kubernetes (some would refer to this as cloud-native development) and using these containers and orchestration for existing monolithic apps.
Building new applications specifically for containers and Kubernetes might be the better starting point for teams just beginning with containers and orchestration.
Here are seven best practices to keep in mind:
1. Think and build modern: Think microservices, for example. Define container images as logical units that can scale independently. Consider cloud-native APIs.
2. CI/CD and automation are your friends: A well-conceived CI/CD pipeline is an increasingly popular approach to baking automation into as many phases of your development and deployment processes as possible. Check out our recent primer for IT leaders: How to build a CI/CD pipeline.
3. Keep container images as light as possible: Keep your container images as small as possible for performance, security, and other reasons. Only include what you absolutely need. Remove all other packages – including shell utilities – that are not required by the containerized application.
4. Don’t blindly trust images: If you’re going to grab a container image rather than build it from scratch, don’t have blind faith in its security. Any images you use, even ones in your own repositories, should be scanned for vulnerabilities and compliance, experts advise.
5. Plan for observability, telemetry, and monitoring from the start: Kubernetes’ self-healing capabilities are a piece of the platform’s appeal, but they also underscore the need for proper visibility into your applications and environments. This is where observability, telemetry, and monitoring become key.
6. Consider starting with stateless applications: One early line of thinking about containers and Kubernetes has been that running stateless apps is a lot easier than running stateful apps (such as databases). That’s changing with the growth of Kubernetes Operators, but teams new to Kubernetes might still be better served by beginning with stateless applications.
7. Remember, this is hard: “None of the abstractions that exist in Kubernetes today make the underlying systems any easier to understand. They only make them easier to use,” says Chris Short, Red Hat OpenShift principal technical marketing manager. Your teams should be ready to learn from mistakes, Short notes.
For full detail on each of these seven best practices, read 7 best practices: Building applications for containers and Kubernetes. Want to migrate existing apps rather than build from scratch? Read Migrating applications to containers and Kubernetes: 5 best practices.
Check out these eBooks, articles, and webinars for even more learning on Kubernetes, and share with your team:
eBook: O'Reilly: Kubernetes patterns for designing cloud-native apps
Kubernetes glossary cheat sheet: 10 key concepts in plain English
Containers primer: Learn the lingo of Linux containers
Deep dive: Understanding Kubernetes for enterprises