Most of the tech universe agrees that Kubernetes, the open-source platform for running and managing containerized applications, is the future of IT deployment. After Linux, Kubernetes is the fastest-growing project in the history of open-source software. Gartner estimates that more than 90% of all enterprises could run Kubernetes in production by 2026.
The reason is clear: Kubernetes has turned infrastructure management from a necessary evil required to run applications into a genuine enabler and accelerator for digital innovation. Its operational capabilities, its extensibility, and its vibrant ecosystem all combine to create new use cases up and down the software stack.
More businesses are standardizing on it because they view it as a way to not only run and manage containerized applications but also act as middleware for general computing as well as for auxiliary ETL jobs, pipelines, high-performance computing (HPC) workloads, databases, edge devices, and even good old-fashioned virtual machines (VMs).
With great power, comes complexity…
The downside until now is that large and diverse Kubernetes environments can be difficult to manage, with Day-2 operations, i.e., those occurring after initial deployment, being a key challenge. Many management cycles are required not only to run core infrastructure but also to manage the above-mentioned auxiliary applications as well as third-party solutions for cluster operations and monitoring services like Prometheus and EFK.
The continuous expansion of supported technologies under the Kubernetes umbrella, or used for Kubernetes operations, along with the increased reliance on Kubernetes and the growing size of the environments, adds more complexity to an already complicated system at a time when customers expect higher levels of abstraction and simpler operations.
Customers want to increase their use of Kubernetes while being shielded from increased operational complexities. This expectation isn’t due to a desire for convenience or a lack of skilled experts; it’s a necessity. As systems grow and become more complex, more interconnected, and more mission-critical, only opinionated, automated management can ensure that operations will run efficiently and securely at this scale.
Just as not necessarily tech-savvy consumers expect their mobile phones and smart homes to just work, enterprise managers now expect their complicated IT, even AI and other cutting-edge innovations, to run smoothly with less maintenance from humans. This is very different from the early days of Linux or VMs, when IT pros knew that setup and maintenance would likely be tricky. Fortunately, service providers have learned over the years to mask much of this complexity from users.
… and great responsibility
The evolution of cloud technologies, infrastructure-as-code, and managed services, followed by serverless and autonomous solutions (from Functions through databases) and more, has given us more abstraction and a more consistent, simplified management experience. These attributes allow organizations to focus more on developing truly useful apps, instead of managing the plumbing required to run them.
We see this evolution in the Kubernetes architecture itself and the capabilities of the platform: its scaling mechanisms, CRDs (where everything can be a resource managed by Kubernetes), declarative configuration, the Operator Framework, and more.
We also see it in the operational experience provided by different cloud providers—with the evolution from DIY, to managed solutions, to continuously offloading additional management responsibilities to the cloud service, to a fully serverless experience.
Gradually, this managed-to-serverless experience is expanding to support more applications, extensions and apps in the broader Kubernetes ecosystem. We expect to see more of these auxiliary solutions delivered by cloud services along with an optimal configuration and managed operations that “just work” right out of the box.
OCI’s managed Kubernetes service, OCI Container Engine for Kubernetes (OKE), for example, helps enterprises simplify operations of Kubernetes at scale. OKE provides a serverless experience option with Virtual Nodes, so customers need not worry about ongoing infrastructure management. Add-on Lifecycle Management capabilities extend management to additional software so customers can install and configure their favorite operational software (such as CoreDNS, kube-proxy, etc.) or related applications (Kubernetes Dashboard, Oracle Database Operator, etc.).
The service comes with optimal, hardened, opinionated configuration defaults for each application (that can be customized as needed), and can manage the full lifecycle of these auxiliary apps from initial deployment through ongoing operations, including upgrades, patches, scaling, rolling configuration changes, and more.
Why hobble all that goodness?
Virtually every cloud provider has embraced Kubernetes as a key service, yet some may actually disadvantage its use by charging more for Kubernetes-based compute instances versus “regular” instances. To guard against this, customers need to inquire upfront about premium pricing for Kubernetes instances before committing to a cloud provider.
Oracle Cloud Infrastructure (OCI) customers are charged based on the underlying compute consumption with a nominal added fee for the use of the Virtual Nodes option. Customers should also look into which cloud providers offer consistent pricing across all regions and deployment options. OCI does so. It also delivers significant savings: OCI can be 50% less expensive compared to other hyperscale clouds.
This is a key differentiator for the many customers who—especially in this economic climate—want to rein in costs.
Customers should also scrutinize whether a given cloud provider restricts the types of resources (such as virtual CPUs) that can be allocated to Kubernetes pods when using serverless compute options. Such limitations can keep customers from benefiting from a seamless management experience when running more demanding applications.
Kubernetes doesn’t run in a silo
It’s easy to get stuck comparing specific features of each Kubernetes service from different cloud providers. However, it’s probably more important to keep in mind that Kubernetes never runs alone. Enterprises should evaluate the capabilities and fit of Kubernetes services as part of their holistic cloud strategy and broader system requirements.
When we talk about expanding capabilities that “just work” to new parts of the stack, it’s important to ensure that the cloud provider delivers this experience not only for its own specific Kubernetes stack but for the entire IT constellation required for it to run (alongside other workloads) in a performant, secure and cost-effective way.
For example: is cloud security provided by default, turned on from the get-go or is there a price premium for enabling additional protections, along with advanced expertise to choose and configure them? OCI security is built-in, on by default at no additional charge.
Similarly, we know that microservices and Kubernetes itself are very “chatty” and require considerable networking resources to deliver the best application experience (particularly as modern apps become even more data and I/O intensive).
These workloads make networking even more critical for application performance and customer experience. Does the chosen provider commit to a dedicated virtual network per customer to eliminate “noisy” neighbors and ensure consistent performance? Do customers get granular resource allocation for compute (for example, allocating maximum CPUs but only minimum memory to support demanding workloads such as video processing) to eliminate over-provisioning when needing to scale linearly to the next “box”? OCI’s Flex Shapes enable that and take the guessing game out of trying to calculate the next instance size a customer will need to jump to.
There are other examples of how OCI’s innovative cloud architecture translates at the end of the day to apps running with high performance at lower cost. This overall system benefit has been one of the key reasons for large-scale customers migrating to OCI from other clouds – particularly for Kubernetes which is easily portable. Remember that Kubernetes doesn’t run in a silo. It needs networking, compute, storage, it interacts with data, with other services, and more. Often, what comes back to bite customers or requires re-platforming isn’t a specific feature gap in a certain service, but the fact that the entire system isn’t operating in a way that makes business sense.
Summing Up
Clearly, Kubernetes is highly strategic for today’s businesses. Before making a deployment choice, customers must make sure their would-be cloud provider does not penalize them based on the compute options selected and that management is both simple and extensible across all relevant workloads.
In order to accelerate a successful tech deployment, customers should also evaluate the cloud provider’s security stance and make sure to ferret out additional fees up front. A truly secure and highly performant environment requires great technology and great architecture, not just at the service level but across the holistic system.
At a time when everything is being connected, a business is only as strong as its weakest link. This could be a network bottleneck, a security risk, or that pesky never-ending need to calculate the optimal server size from the million available options.
Leo Leung, Vice President, Oracle Cloud Infrastructure and Oracle Technology
