Kubernetes Decision by Kobi Biton | Session at DevOpsCon Munich 2022

Automation

Explore the key considerations for deploying Kubernetes, from app-level isolation to network policies, and learn how to balance complexity and security in your decision-making process.

Key takeaways
  • Start by thinking about the application and whether it’s capable of isolation.
  • Consider app-level isolation, tenant ID logging, and multi-tenancy.
  • Think about application-specific questions, such as whether you need a service mesh for TLS.
  • Ask the hard questions, including why you need clusters and how many tenants you need to support.
  • Use a service mesh and cloud provider-specific solutions, but don’t overcomplicate it.
  • Choose a container OS that is designed for containers, like CoreOS.
  • Use Fargate and Kubelet to simplify cluster management.
  • Consider isolating applications and data using Kubernetes’ network policies and namespace isolation.
  • Don’t overcomplicate it with additional security mechanisms, and consider using WireGuard for encryption.
  • Start with a solid foundation and gradually add complexity, not the other way around.
  • Ask yourself who will own the clusters and who will manage them.
  • Use Terraform and other automation tools to simplify management.
  • Consider the operational overhead of managing updates and maintenance.
  • Don’t forget about defense in depth and use multiple layers of security.

More talks

Software archaeology - Learning from the landing on the moon! by Tobias Voss

EH21 - Wir bauen unsere eigene Cloud mit OpenStack

Bootstrapping Microservices • Ashley Davis & Damian Maclennan • GOTO 2024

C4 models as code - Simon Brown - NDC Porto 2023

Data Streaming? I don't even know her by Julien Contarin

Bridging the Gap: From Analytical Models to Operational Success [PyCon DE & PyData Berlin 2024]

Continuous Delivery for Data • Dave Farley • YOW! 2020

DjangoCon Europe 2023 | The evolution of a Website into a radio automation back-end.