Hot Topics
Cloud-Native Development Cloud-Native Platforms Cloud-Native Security Editorial Calendar Kubernetes in the Enterprise Topics 

Enterprise Container Platforms Optimize Operations

, , , ,
by Marc Hornbeek

As I indicated in my prior blog, A New Approach to K8s and Containers, a new kind of enterprise Kubernetes-based container platform is needed to accelerate time-to-value and realize efficient, safe operation of containers and Kubernetes for enterprises.

As more enterprise IT leaders come to understand the significant startup and maintenance issues with vanilla Kubernetes, they are often tempted to build their own K8s-based container platform. However, “IT leaders face strategic risks six to 12 months after deciding to build their own Kubernetes-based container platform solution,” according to a whitepaper from Red Kubes.

Instead of building your own platform from scratch, it is wise to have a system blueprint to follow. In this blog, I provide a blueprint of the capabilities needed to satisfy the requirements for a new kind of enterprise Kubernetes-based container platform.

To start with, a definition is helpful. An enterprise Kubernetes-based container platform is a complete suite of applications for running, operating and managing containerized, cloud-native applications at scale. The suite includes capabilities for managing storage, networking, security, metrics, logging, tracing, security and CI/CD. You could say every Kubernetes cluster is like a data center on its own, and, thus, requires a lot of additional tools and configuration.

Kubernetes is the Heart of the Platform

At the heart of the platform, Kubernetes schedules and runs containers, keeps applications running and performs life cycle management and operational tasks. Kubernetes APIs provide the core interface for integrating and interoperating with the ecosystem of other parts of the platform.

One of the main responsibilities of the platform is to deal with resilience. Container images are stateless, and state data is stored outside of the container. This makes it possible to spin up many containers using the same base images, which makes load balancing and scaling up much easier. In other words, with containers, redundancy and resilience has moved from the infrastructure layer to the container layer. Availability is assured by running multiple identical containers to cope with failure, not by maximizing uptime for any individual container. Container resilience is done via quantity, not quality. The collective group of containers makes up a healthy, functioning application which enables it to handle the failure of individual containers.

Kubernetes schedules container upgrades while keeping the application running and allows container-based applications to self-heal, increasing uptime without adding work to the operator’s day.

Additional Capabilities of the Platform

A Kubernetes-based container platform needs many other capabilities.

Observability tools: Monitoring (metrics), logging and (distributed) tracing as well as dashboarding and alerting systems are needed to inspect and observe running applications in production. These tools contribute to increased performance, reliability and security and reduce cost, outages and errors.

Stateful (block) storage: Application and configuration data, container images and backup software must be stored for package and artifact management, Kubernetes configuration and GitOps-based workflows.

Security and compliance: Capabilities are needed to support governance, policy enforcement, provide audit logs, set and enforce compliance and security policies, including Single Sign-On and identity providers.

CI/CD pipelines: Capabilities to move code from repository into production safely, quickly and frequently are required.

Networking and service configuration: Capabilities are needed to automate service topology, secure inter-service communication with mTLS and ingress traffic, including load balancing and SSL termination.

The above are a blueprint for the minimum requirements for a Kubernetes-based container platform. Other capabilities may include additional automation, team onboarding, self-service capabilities, additional metrics, continuous delivery features, cloud infrastructure integration capabilities and life cycle management capabilities.

What This Means

Vanilla Kubernetes is powerful, but it is not sufficient to be a complete platform to manage containers for enterprises. While Kubernetes is customizable, doing so requires an extremely high learning curve to get a complete platform, and then a lot of additional effort to maintain it. In this blog, I identified a blueprint of capabilities needed for a new kind of enterprise Kubernetes-based container platform to accelerate time-to-value and realize efficient, safe operation of containers and Kubernetes for enterprises.

Marc Hornbeek

Marc Hornbeek, a.k.a., DevOps-the-Gray esq. is a globally recognized expert for DevOps, DevSecOps, Continuous Testing and SRE. He is CEO and Principal Consultant at Engineering DevOps Consulting , author of the book "Engineering DevOps", and Ambassador and Author for The DevOps Institute . Marc applies his unique, comprehensive Engineering Blueprints, Seven-Step DevOps Transformation Blueprint and 9 DevOps Pillars discovery and assessment tools, together with targeted workshops skills to create actionable and comprehensive DevOps transformation roadmaps and strategic plans. Marc is an IEEE Outstanding Engineer, and 45-year IEEE Life member. He is a DevOps leadership advisor/mentor. He is the original author of the Continuous Delivery Ecosystem (CDEF) and Continuous Testing Foundations (CTF) certification courses that are offered by the DevOps Institute. He is a Blogger on DevOps.com and cloudnativenow.com. He is a freelance writer of DevOps content including webinars, and white papers. He is a freelance trainer for DevOps, DevSecOps and SRE courses offered by partners of the DevOps Institute.

Marc Hornbeek has 21 posts and counting. See all posts by Marc Hornbeek