Last month, I had the opportunity to travel to London to attend KubeCon Europe 2016. Though it was only the second KubeCon, there were almost 500 attendees. The conference took place at CodeNode, a 23,000 sq. ft. venue in central London geared toward tech meetups and conferences.
Overall, it was a great opportunity to meet people in the community and see what other people are doing with Kubernetes. Although Kubernetes is a relatively new project, it has really taken off in the last year or so, and is starting to become a much more mature framework for deploying and orchestrating container-based applications. Many organizations, including the New York Times and Pearson, are using Kubernetes in production to run everything from customer-facing applications to deployment pipelines geared towards developers. At Appsembler, we’re using Kubernetes as the foundation for our upcoming SaaS offering of Open edX, and you can find out more by watching my talk.
As well as demonstrating what people are doing with Kubernetes today, many of the talks focused on the future of Kubernetes and upcoming features in 1.2 and 1.3. Since the first production-ready release last summer, Kubernetes has provided a core set of primitives to build a robust and flexible orchestration layer for managing containers, but there have still been many pain points. Looking forward, the community is beginning to address some of these issues. For example, there’s been the realization that it’s not always possible to treat all of your infrastructure like cattle, so PetSets are planned to be introduced in 1.3. These are essentially parameterized pod specifications that can be used for mostly homogeneous yet distinct components, like nodes in a Mongo replica set. Other recent developments for managing stateful applications include Persistent Volumes and Persistent Volume Claims, which allow for storage that is independent of the lifecycle of a pod.
In addition to all the talks, conferences are also great for chatting with interesting people working on really cool things. I talked to an engineer from Project Calico, whose aim is to provide secure and scalable networking for containers. Networking containers is an interesting problem in itself, but what I thought was really cool about Project Calico was the ability to set up firewalls between different services. This makes it possible to segment the network and limit what a service can talk to, helping to enforce the principle of least privilege. I also chatted with an engineer from CoreOS about security and the differences between rkt and Docker. CoreOS as a company is serious about building their products with security in mind from the start, which is refreshing given the ever-increasing threats at hand. Rkt could also provide a compelling alternative to Docker as a container runtime, so it will be an interesting project to watch over the next several months.
It would take too long to go into detail about each talk (and you can watch them yourself), so I’ve made up three arbitrary categories and picked a winner for each one. In addition to these three, I also want to mention that the first keynote by Kelsey Hightower provides an excellent introduction for anyone new to Kubernetes.
Most interesting talk
There were a lot of interesting talks, but I have to pick “The State of State” by Matthew Bates from Jetstack. Managing state across a cluster is a difficult problem in general and has always been a particular pain point in Kubernetes. For example, if I want to run a highly available database cluster on Kubernetes, where do I actually store my state in the cluster? How do I schedule pods to guarantee that they can access the necessary storage, which may already contain data created by a failed pod? In this talk, Matthew gave a rundown of some of the Kubernetes features that could be used to effectively manage state. The good news is that new and upcoming features like Persistent Volume Claims and PetSets should make it much easier to manage state across a cluster in the near future.
Most inspiring talk
The most inspiring talk goes to Brandon Philips from CoreOS, who gave the second day keynote titled “Pushing Kubernetes Forward”. He spoke about some of the work that CoreOS has been contributing to the Kubernetes project and some visions for the future. There was some really exciting stuff, such as upcoming support for using rkt as the Kubernetes container runtime (known as “rktnetes”), the ability to scale etcd (and consequently Kubernetes) to thousands of nodes, and security features to enable trusted computing in a cloud environment.
Ian Lewis gave a talk called “Kubernetes Hardware Hacks: Exploring the Kubernetes API Through Knobs, Faders, and Sliders”. Going in, I really had no idea what this talk was going to be about since hacking hardware doesn’t seem to have anything to do with Kubernetes. It turned out that Ian had built a really cool system to control his Kubernetes cluster using some MIDI sound board hardware and the Kubernetes REST API. Check it out if you’d like a novel way of managing your cluster in production.