Kubernetes (K8s) has emerged as the prominent container orchestration platform for building cloud native applications. It represents a massive opportunity to accelerate digital transformation, leverage cloud-based technologies, and differentiate an enterprise’s products and services through innovation. However, the irony is not lost on me that a technology created to help ease the management of modern cloud applications is, itself, difficult to manage. As a result, and as companies grow from just a few clusters to fleets of clusters, the ability to efficiently and effectively manage K8s and containers has risen as a key project within many enterprises over the past 12 months.
But what are the most popular software requirements seen by vendors and why are they important to enterprises as they embark on a Kubernetes and container management (KCM) infrastructure implementation? This article will attempt to answer those questions by analyzing the most popular requirements anonymized from a random sample of a dozen real enterprise requests for proposals (RFPs) received over the past six months (an RFP is a set of requirements issued by an organization to competitively outsource a particular service, project, or solution to an interested bidder). Note that I define an enterprise to be a medium- to large-sized business-to-business (B2B) or business-to-consumer (B2C) company with revenue over $100 million last year and more than 500 employees. For those who are interested in reviewing all the requirements or would like to leverage a sample RFP for their own purposes, we’ve made a sample RFP freely available on GitHub in Microsoft Word form.
After analyzing the sample of enterprise RFPs it was clear that several patterns emerged, some of which are not often shared publicly given the private nature of enterprises. The goal of this article is to shed light on the popular requirements their peers are looking to meet, so that DevOps professionals can learn about critical K8s management functionality and requirements — across implementation and operations — to consider as they embark on their own K8s journey.
Appearing in 100% of enterprise RFPs we’ve received is support for hybrid environments (i.e., both cloud and on-premises):
The KCM solution must have the ability to configure and manage clusters in the following infrastructures and in combination: on-premises (on virtualized environments such as VMware and OpenStack as well as bare metal configurations) and within our strategic public cloud vendor’s environment (e.g., Amazon Web Services (AWS), Microsoft Azure, etc.).
According to a report published by RightScale, hybrid cloud (defined as leveraging a mix of on-premises infrastructure/private cloud and public clouds) adoption among enterprises is 58%. Why so high? Because modern application requirements — and the cutting-edge technologies that support them — are rapidly changing, and thus not every application belongs in either a private or public cloud. A hybrid approach allows enterprises to be agile to the needs of their business and customers. Multicloud is also a growing trend. In fact, according to Gartner, 81% of enterprises now use “two or more cloud providers” because certain public clouds have specific features or advantages that some applications utilize. Another reason is that enterprises want to keep their infrastructure options open and avoid being locked in to any one particular cloud and/or K8s distribution. To support the ever-evolving nature of business and for IT to remain open and agile, it is crucial for a KCM solution to support any combination of infrastructures — private or public — without the potential of future limitations of a proprietary approach.
Appearing in 100% of enterprise RFPs we’ve received is the requirement to integrate with popular DevOps toolsets for workflow automation and Kubernetes technologies:
The KCM solution must provide certified integrations with the following technologies in the Kubernetes ecosystem to support our current DevOps workflows (some of which are automated) including our CI/CD pipelines and registry vendors of choice as well as integration with Kubernetes storage, secrets management, networking, monitoring, logging and security technologies.
By itself, Kubernetes doesn’t provide a full, production-ready container management solution. It requires a number of supporting technologies both to streamline application deployment and to operate effectively within a variety of development and production environments. Thus, it is essential that a KCM solution provide turnkey, certified integrations with Kubernetes ecosystem technologies as well as seamlessly integrate with existing pipelines for deploying applications. If these integrations require a large amount of manual labor, specialized expertise and custom coding, it can take a lot of time (and specialized resources) to deploy applications, develop integrations and keep said integrations up-to-date with each upgrade that is released.
Appearing in 83% of enterprise RFPs we’ve received is the requirement to provide a level of security controls and auditing to kubectl:
The KCM solution must enable seamless and secure access to k8s clusters via kubectl and maintain a centralized audit trail of all activities, governed by RBAC. The solution should help security teams prevent operations performed by “rogue kubectl admins” and provide a way to review/audit all kubectl operations performed for internal policy, compliance and regulatory reasons.
Kubectl is, of course, the command-line interface (CLI) used to access and manage K8s clusters, and it’s incredibly powerful. However, with great power comes great responsibility. With sometimes direct access to production systems, kubectl has unfettered power to make wide-sweeping (and sometimes disastrous) changes to clusters and applications, drawing ire from the support/SRE organization. Actions conducted by shadow or “rogue” admins via the kubectl CLI are a critical security concern, especially for reliability reasons. Controlling access over time can also be difficult, especially given a large number of either clusters or admins. Thus, access to kubectl — and the right to perform certain actions — should be governed by RBAC. Further, by default, logged kubectl events are not tagged by user account, which makes it extremely difficult to audit who did what and when. This is a big problem for most enterprises but particularly those in regulated industries. So, in order to comply with both internal policies and external regulations, all actions performed across all clusters under management via kubectl should be logged by user account.
Appearing in 75% of enterprise RFPs we’ve received is a set of requirements with the goal of making the management of K8s fleets easier:
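The per-user review this requirement asks for can be sketched as follows. This is an added example, not code from the article or from any KCM product: it assumes API server audit logging has been enabled and writes `audit.k8s.io/v1` events as JSON lines; the sample events are constructed, and `kubectl_changes` and `denied_by_user` are hypothetical names.

```python
import json
from collections import Counter

MUTATING = {"create", "update", "patch", "delete", "deletecollection"}
KUBECTL = "kubectl/v1.28.2 (linux/amd64)"  # constructed user-agent string

def _ev(stage, verb, user, agent, name, code):
    # Build one constructed audit.k8s.io/v1 event (not real data) as a log line.
    return json.dumps({"stage": stage, "verb": verb, "userAgent": agent,
        "user": {"username": user}, "responseStatus": {"code": code},
        "objectRef": {"namespace": "prod", "resource": "deployments", "name": name},
        "requestReceivedTimestamp": "2024-01-10T09:15:02Z"})

SAMPLE_AUDIT_LOG = "\n".join([
    _ev("RequestReceived", "delete", "alice@example.com", KUBECTL, "checkout", 0),
    _ev("ResponseComplete", "delete", "alice@example.com", KUBECTL, "checkout", 200),
    _ev("ResponseComplete", "get", "alice@example.com", KUBECTL, "checkout", 200),
    _ev("ResponseComplete", "patch", "bob@example.com", KUBECTL, "cart", 403),
    _ev("ResponseComplete", "update", "system:serviceaccount:kube-system:deployment-controller",
        "kube-controller-manager/v1.28.2", "cart", 200),
    '{"stage": "ResponseComp',  # truncated line, e.g. cut off by log rotation
])

def kubectl_changes(log_text):
    """Return one record per completed, state-changing kubectl request."""
    records = []
    for line in log_text.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated lines instead of aborting the review
        # A request is logged at several stages, so count only the final one.
        # userAgent is client-supplied: a convenience filter, not a control.
        if (ev.get("stage") != "ResponseComplete"
                or not ev.get("userAgent", "").startswith("kubectl/")
                or ev.get("verb") not in MUTATING):
            continue
        ref = ev.get("objectRef", {})
        records.append({
            "time": ev.get("requestReceivedTimestamp"),
            "user": ev.get("user", {}).get("username", "<unknown>"),
            "verb": ev["verb"],
            "target": "/".join(ref.get(k, "") for k in ("namespace", "resource", "name")),
            "allowed": ev.get("responseStatus", {}).get("code") != 403,
        })
    return records

def denied_by_user(records):
    """Count change attempts rejected with HTTP 403 (RBAC denial) per user."""
    return Counter(r["user"] for r in records if not r["allowed"])
```

Because the user-agent header can be set to anything by the client, a compliance review should attribute actions by the authenticated `user.username` and treat the `kubectl/` prefix only as a way to narrow the view.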
What features, if any, does the KCM solution provide that make the ongoing deployment and lifecycle management of a fleet of clusters (defined as 5+ clusters) efficient? Please describe each feature, its use case(s) and how it benefits users.
In the past, fleet management has been an afterthought. But that’s not the case today. The average number of clusters under management per enterprise is growing and thus yesterday’s “few clusters” are quickly becoming today’s fleets. The New Stack reports that almost 40% of companies surveyed are now running more than five clusters.
Managing a handful of clusters is relatively straightforward, but managing more than that is quite another story. Thus, any KCM solution should provide numerous features and functionality to help standardize workflows and automate the management of fleets. Some considerations include:
Appearing in 100% of enterprise RFPs we’ve received is the need for both professional services experts and a support organization that is available 24×7 to handle urgent issues:
The KCM solution vendor must be able to supply professional services personnel with Certified Kubernetes Administrator (CKA) accreditation as well as operational support available 24×7 with guaranteed service level agreements (SLAs).
Kubernetes is a complex technology, with many dependencies, that can be difficult to implement and operate. The question isn’t if issues will occur, but when, especially when also running the various Kubernetes ecosystem technologies (e.g., secrets management or logging). For enterprises managing mission-critical applications it’s imperative to have access to experts to count on — both to start projects on the right foot and for speedy issue resolution. As a result, any KCM solution vendor needs to provide personnel with expert knowledge of core Kubernetes technology as well as the complex k8s ecosystem. The KCM solution vendor needs to be ultra-responsive to support an enterprise’s applications or Kubernetes infrastructure when an incident occurs.
What can we take away from these requirements? There are a number of key trends worth noting from this small sample of RFPs:
As a resource for the DevOps community, we’ve consolidated the most popular requirements in a sample RFP (in Microsoft Word form) that can be freely downloaded from GitHub and used in the creation of new RFIs and RFPs for Kubernetes and Container Management solutions.
Featured image via Pixabay.