I don't agree. I spun up a Kubernetes cluster in Azure, which was indeed easy. But then I had to figure out how to write the correct deployment scripts to deploy my docker containers to it, and how to configure all the security stuff. After more than a week of trying to figure it out, I decided to ditch the whole solution and go for Azure Container Instances instead. It was too much for me to learn about all the concepts of Kubernetes, how you configure them, how to make it work for solutions that are not as simple as the example on the website, and how to navigate through the various different methods of deploying stuff.
Maybe I'm just too dumb. But I wasn't going to invest a month of my time into doing something that should be simple enough for an average developer to accomplish.
For what it's worth, deploying in Kubernetes is pretty easy once you figure it out (and often finding the information is the hardest part). All you need to do is update the Deployment resource's "image" parameter. You can do that with `kubectl patch` like so:
kubectl patch deployment foo -p '{"spec":{"containers":[{"name":"main","image":"new-image"}]}}'
I managed my stateful sets/services for a while with terraform, but my experience was absolutely terrible and I have stopped that eventually. I now use "kubectl patch" and "kubectl apply" with handwritten yaml, but the workflow feels very clunky.
Intuitively it seems obvious to me that there must be a tool helping with that, but for some reason I was absolutely not able to find anything that would be even a little bit helpful. I am considering writing a couple python scripts that will automate it.
* shell interactions with quotes * double quotes * interpolating into image namespace with no autocomplete * easy to forget an argument * do you get autocomplete against the deployment name?
Comparison: C# declaration of a complex type - it's less complex than the `kubectl` command above, but IDEs offer way more support to get it right.
* var x = new List<Dictionary<CustomType,int?>>()
This will light up warnings if you get anything wrong;
You get: * go to definition of `CustomType` * autocomplete on classnames * highlighting on type mismatches * warnings about unused vars. * if you initialize the var, the IDE will try hard to not let you do it wrong
So structurally,
1) in the code realm, for doing minor work we have really strong guarantees,
2) in deployment realm, even though it's likely going to hit customers harder, the guarantees are weaker.
I think this is behind the feeling that the k8s system is not ready yet.
> I think this is behind the feeling that the k8s system is not ready yet.
Whether you patch the deployment image from bash or from C# doesn't indict the k8s ecosystem.
What I'm trying to say is that as an operating system, Kubernetes is now a young adult, and historically speaking, operating systems at this level of maturity have been adopted and ridden for decades, with much success. But, ya know, if you chose OS/360 in 1996 you would have a point.
2. kubernetes will abort the change if it doesn’t syntax check or the types don’t match.
kubectl set image deployment/foo main=main:new-image
kubectl set image deployment/foo "*=the/new/image"
kubectl rollout status deployment/foohttps://www.oreilly.com/library/view/kubernetes-in-action/97...
This a stretch, but to me Kubernetes is like the C programming language for infra. If you look at the entire software stack today, drill down (all the turtles), and you will eventually find C (everything goes back to libc or a C/C++ kernel). I assume any commercial (or non-!) "higher-level abstraction" for infra is already (or will be soon) built on top of Kubernetes. I am OK with it.
I write this post as someone who is uber-techincal, but I know nothing about actually using Kubernetes. I can do vanilla "hand-coded/snowflake" infra just fine in my constrained, private cloud environments, but nothing that scales like Kubernetes.
I might be nitpicking, but I'm not sure that's necessarily true. You could in theory write a compiler for a new language in C (or even assembly!), and once you have a working language, re-write the compiler in that new language. Now that there is no C code involved in the stack anymore, would that still count as a C-turtle?
Haskell for example, has some "bits" written in C, but a lot is written in Haskell or assembly[1]. So if you look at the WHOLE stack you'll find C _somewhere_ (probably most places), but I don't think _everything_ boils down to C.
Granted, a LOT of stuff is written on top of C.
[1] https://stackoverflow.com/questions/23912375/what-language-i...
YAML: significant whitespace is always unwelcome but YAML also introduces unexpected problems, like how it deals with booleans. For example, say you have this array:
foo:
- x
- y
- z
It's also difficult to read through a YAML config and understand the parent of each key, especially in code reviews or just on GH.
I believe k8s life would have been easier with JSON configs, where it's impossible to confuse e.g. booleans for strings and where it's easier to understand the object's hierarchy.
Helm's use of gotpl: this choice exacerbates the problems with YAML. Now you're treating a structured language with a text template library. You have to spend energy thinking about indentation levels and how the values will be interpreted by both the templater and k8s.
I think helm would be less frustrating if they chose some templating library that made objects first class citizens. Where you can inject values at specific locations with one-liners or simple blocks of code (e.g. `ingress.spec.rules[0].append(yadda yadda)`)
I'm sure there was debate about these choices early on and I don't have any unique ideas here, so I don't want to be too critical. These are just a couple of pain points I've personally experienced.
If you're going to use JSON for config, it's better to use an actual JSON parser.
https://john-millikin.com/json-is-not-a-yaml-subset https://news.ycombinator.com/item?id=31406473
That's false. http://p3rl.org/JSON::XS#JSON-and-YAML
["x","y","z"]
["x", True, "z"]
What we need is a Next.js for Kubernetes. Something that delivers a full stack solution on top of base Kubernetes.
The core system is great, but we need to replace these DevOps with a framework or platform.
Doesn't Rancher fit this description? It's pretty resource-heavy though.
- Deploys kubernetes clusters - includes Fleet for CI/CD - install apps with helm - ISTIO (awesome)
It feels like it is positioned for orgs with large needs. I'm looking for k8s for small nimble orgs.
I will look at Rancher more, thanks for reminding me of it!
Google's Anthos is also hard to describe now as they cover similar "everything" product features.
GCP now has Autopilot which lets you pay just for the cpu you use (no cluster management at all).
Anthos includes ISTIO which may at some point work on Autopilot. This would mean not having to fiddle with GKE Ingress (which I found unpleasant) and instead use the new standard Gateway.
I believe that eventually GKE Autopilot will offer running individual pods on GPU/TPU, pay as you go.
But when is this all as easy as using Next.js ?
Once we deployed, we ran into all sorts of SRE-issues. Turns out AWS sets all those “sane limits” that our own folks never did. Still hunting ghosts from the rollout 6 months ago.
Makes for good resume fodder, and makes me laugh at the prestigious titles and positions the folks who built this system went on to receive at big name firms.
Guess it is someone else’s management problem now. :shrug:
If you try digital ocean k8s offering it's fairly straightforward.
Google cloud was the first to offer a decent k8s as a service, if I recall correctly. We didn't have DevOps back in 2015 and we were on GCloud.
Personally I don't pick k8s just because it's heavy to run and I don't want to waste machines (plain docker is good enough for a large part of what people actually need). Sometimes in a project when I can't figure something out with just docker, I just bite the bullet and install k0s.
My cofounders and I are working on a solution to this at https://www.jetpack.io/. If you're interested in early access, we'd love your feedback!