If you want to orchestrate containers, Kubernetes is probably on your radar. But are you ready to use it to the fullest?
The CNCF Annual Survey for 2021 revealed that 96% of all organizations were either using or evaluating Kubernetes (K8s). This wasn't a fluke either, as adoption levels remained strong for the 2022 follow-up.
The survey however, also highlighted some sticking points. Although K8s has definitively earned its place as a mainstream global technology, it could be smoother sailing despite the name. Outside the cloud-native community, end users often consider alternative orchestration tools.
Containers are also tough in and of themselves. 44% of respondents hadn't deployed containers and the 41% that had said training was the biggest hurdle to adoption, with security a close second. As Aly Ibrahim explained in this handy talk, building a better workflow is a big help.
K8s has multiple strengths that make it great for enterprise use. Aly pointed out some of the top reasons you might consider adoption:
- K8s is an open-source stalwart: Unlike some projects, this Google-originated project has nine years of success under its belt.
- K8s is production-grade: From the banking and media industries to ChatGPT, K8s runs diverse workloads across industries and scales well.
- K8s is an abstraction layer: It lets you use underlying OS, security, networking, and infrastructure without having to wade into how they work.
- K8s supports declarative management with a powerful controller: You can define what you want in a YAML file. The controller will get you the necessary infrastructure, even if you're going beyond typical container use cases.
- K8s is extensible: Kubernetes is highly adaptable and a lot of the work has already been done, so you don't have to start from scratch.
As mentioned earlier, K8s is now firmly in the mainstream phase of the adoption curve. The innovators and earlier adopters have had their fair shake with the technology, which has matured. Today, vendors and multiple companies are not only using K8s in development, they’re productizing it too.
Aly said that if you're a developer who wants to be more competitive, there's never been a better time to improve your understanding of K8s. Unfortunately, it's tough to master, particularly considering how many projects are built on the ecosystem.
Another tricky issue is that companies love scale. Using multiple clusters and building expandable infrastructures are only natural in the cloud.
So how can you climb the steep learning curve, adopt sustainable management practices, and do it all while maintaining observability? Here are Aly's recommendations for tools to help.
Switching between clusters is a common challenge when working with multiple clusters. The problem is that it's not as simple as it should be—the native kubectl command requires you to go through a whole rigmarole of updating the config, defining the context name, etc.
Using kubectx is a lot easier and it works with auto-completion. It also ships with a companion tool, kubens, which does the same thing but for namespaces.
What's the point? They keep you from having to remember absurdly cumbersome commands for commonplace operations. They also make it easier to orient yourself within complex ecosystems of clusters and namespaces.
If you've ever gone through the ordeal of using kubectl for these tasks, you're probably wondering where you can get kubectx and kubens. Aly's next suggestion had the answer.
krew is a plugin manager. Think dnf for Linux, brew on MacOS, or chocolatey on Windows.
Get started by typing kubectl krew --help. The subcommand kubectl krew list shows you what plugins you've got installed, and kubectl krew search is a great jumping-off point for exploring what you can achieve with K8s.
As Aly mentioned, the available plugins on krew are a mixed bag, so you’ll have to do your homework. After finding something that looks promising in the search results, use the kubectl krew info <plugin_name> subcommand to learn more about that plugin.
Be certain to run kubectl krew update from time to time, as the maintainers are constantly adding new plugins. Also, be aware that most plugins on krew aren’t vendor-provided. Always check with your security team before installing any open-source plugins.
One of Aly's favorite commands solves a big observability problem: staying informed about capacity. For instance, you might manage a cluster but be in the dark about resource availability.
A common way to solve this issue is to use Prometheus or some other monitoring tool connected to Grafana or a similar dashboard. Running kubectl resource-capacity is an easier way to get up to speed from the command line.
The default command pulls metrics from your nodes to reveal your custom-defined CPU and memory requests and limits. To see the current metrics, just add the --util flag.
According to Aly, kube-capacity is helpful for getting an on-the-fly snapshot of whether you need to upgrade your infrastructure. You can also sort the output using custom metrics, namespaces, or pods. The only prerequisite for working with this command is that you'll need Kubernetes Metrics Server running on your clusters.
This plugin is great for understanding what's going on behind the scenes. Aly recommends it for learners, but it also provides useful visibility. It offers two functional modes: a tracing mode and a status mode.
To use the status mode, you'll type something like kubespy status api-version kind namespace, where the api-version is the apiVersion from your YAML file (usually found right at the top). In return, you’ll get a highlighted, diff-like view that shows what's been changed, removed, or added as you tackle tasks like scaling or deploying.
The tracing mode is available by running kubespy trace api-version kind namespace. It’ll sum up the same information with an extra dash of higher-level, human-readable detail. This mode is very good for debugging since it updates as you make changes, keeping you in the know about the effects of your config adjustments.
Sometimes, you'll want to see your pods' logs as you’re working. However, the kubectl command doesn't always satisfy; it only prints logs for a single container within a pod. Alternatively, using a command like stern <resource>/<name> shows you live, color-coded updates for multiple matching pods and containers.
The stern tool can also understand common events and react as needed. For instance, when you change the number of replicas running, stern automatically adjusts its output without you having to restart or reconfigure.
K9s is a terminal-based UI that lets you watch your applications from the command line. It offers multiple views that let you observe things happening in real-time, like resource usage, events, and the status of deployments, pods, and clusters.
K9s has multiple hotkeys you can use to zero in on various contexts, improving the ease of checking logs, reviewing secrets, and managing different cluster elements from a single place. It also supports plugins of its own, like Popeye, which inspects pods to reveal warnings and misconfigurations. When you're trying to adhere to a standard and follow best practices, the visibility offered by K9s is definitely helpful.
Of course, if you don't like the classic CLI layout, there's always...
OpenLens is an open-source dashboard that accomplishes many of the same things you can achieve with K9s, but with a slicker interface. Be aware that this differs from the related Lens project, which lacks an open-source license.
With OpenLens, you can do things like installing Helm charts, checking workloads, and managing configs using convenient dropdown menus. If you prefer mouse interaction (and hate scaring off new devs!) this GUI workflow may prove more accessible.
Let's say you want to do checks before you deploy, such as while you're developing yaml files or Helm charts. If your goal is to adhere to specific standards, then kube-linter may be a good option.
As Aly noted, one nice thing about kube-linter is that it integrates with pipelines, letting you keep using your existing CI/CD tools uninterrupted. You can add your own rules or use the included defaults to check your deployment. Either way, it’s relatively straightforward to see whether configs are living up to your expectations.
When you try a command like kube-linter lint deployment.yaml, not every error you see necessarily means you've got a deployment-breaking problem. It does, however, provide very clear instructions and suggestions for how to make fixes. It even offers links you can follow to read up on corresponding best practices.
This command is an awesome learning tool for beginners who might not know the best or safest way to write YAML configs. kube-linter checks list is a helpful subcommand that lets you read about all of the different checks the linter supports in detail and why they're important.
Red Hat's VS Code extension is just one of many YAML add-ons, but it provides numerous features that are particularly useful for K8s workflows. It can validate your configs and help you keep your place by outlining documents. It also supports on-hover schema descriptions, formatting, and auto-completion.
There are plenty of other helpful tools for making Kubernetes more productive, these options are just the beginning. Aly wanted to share even more, but he only had so much time.
If you get a chance, watch the recording to see what these tools look like in action and get answers to your burning questions. Also, be sure to catch the follow-up, where Aly will explain how to enable developers faster!