By 2022, Gartner estimates that 75% of organizations will be running containerized applications in production. Kubernetes has undoubtedly become a popular method to organize containers. By following certain Kubernetes best practices, you can ensure its adoption truly expedites container deployment.
Below we distill findings from Gartner’s “Best Practices for Running Containers and Kubernetes in Production” report. Published in mid-2019, the report finds common issues related to security, automation, team collaboration and tooling selection when running Kubernetes in production.
On remedies, Gartner’s best practices cover governance strategies, defining use cases, leveraging containers-as-a-service (CaaS) or platform-as-a-service (PaaS) platforms and tips on acquiring CI/CD tools. Let’s review these areas to see how infrastructure and operations teams can get the most out of containers and Kubernetes.
Starting Out: Realize the Effort
“Organizations often underestimate the effort required to operate containers in production,” according to Gartner.
First off, is your organization prepared to move containerized workloads into production? Containers and Kubernetes have a steep learning curve. Pair that with the relative technical immaturity of the space and the lack of talent in the field, and reality starts to set in.
Gartner reminds teams to seriously consider whether they have the roles and skillsets necessary before adopting new technologies. This involves having the right DevOps team in place and considering how Kubernetes integrates with the rest of the company’s infrastructure. In terms of technologies, this means deciding on runtime and orchestration engines and choosing containerization workloads carefully. Not to mention, an ROI should be tabulated upfront.
At this early stage, common mistakes include adopting complex stateful workloads with huge dependencies, quickly getting caught in vendor lock-in and deploying containerization tooling without established DevOps practices. According to Gartner, adopting containers and Kubernetes requires consistency throughout the organization, training and keeping developer needs in mind. Not understanding these upfront realities can lead to some pretty harsh consequences down the line.
6 Solid Tips for a Container Platform Strategy
Adopt and Apply DevSecOps
“Security can’t be an afterthought,” according to the report. “It needs to be embedded into the DevOps process.” As we’ve covered before, adopting DevSecOps means instilling a companywide security culture that embraces security automation.
To Gartner, DevSecOps can be accomplished in part by applying image scanning within a CI/CD pipeline. Many open source tools, such as Anchore, can be leveraged to audit Docker containers to automate the threat discovery process.
Security leaders should also follow CIS benchmarks, ensure proper access controls and protect sensitive information and credentials with third-party encryption services.
Go Granular With Monitoring
According to Gartner, traditional host-centric monitoring (for things such as CPU utilization, latency, network bandwidth, etc.) simply isn’t enough. DevOps must go more granular, into the functional monitoring of containers themselves.
On selecting monitoring tools, the report recommends real-time solutions that reflect service level applications, offer deeper integration into container orchestrators à la Kubernetes, and provide granular logging with actionable outputs.
Re-evaluate Data Persistence
Lately, the trend is toward stateful workloads on containers. If applications are significantly redesigned, this could also affect the data storage process. For example, in the case of microservices-oriented stateful applications, “Infrastructure and Operations leaders need a storage platform that can maximize the availability, agility, and performance of that workload,” according to the Gartner report.
Optimize Networking for K8s
Developers require portability from developer environments to production-style testing. Newer development paradigms must span on-premises and public cloud, and container networking often must span several layers.
In this world, networking processes must adapt. “Networking solutions need to be tightly integrated with Kubernetes’ primitives and policy engine,” according to the report.
Gartner recommends companies audit their CaaS or software-defined networking (SDN) tool—check if it supports Kubernetes networking and load balancing across hosts in a cluster. Networking is an area in which service mesh technologies shine, so that is an option as well.
Manage the Container Life Cycle
To accelerate the application delivery pipeline, automation tools are king. Gartner recommends companies consider infrastructure-as-code (IaC) products for application release automation as well as tooling for container lifecycle management. These will help set standards for container base images and help automate application workflows.
Finally, container orchestration comes with its own set of best practices. Though Kubernetes has emerged as a de facto container orchestration tool, there are still nuances in distribution methods. When comparing orchestration methods, Gartner recommends companies consider factors including scalability, OS support, runtime stability, open source and support for hybrid and multi-cloud.
The full Gartner report is available here.