Modal Title
Cloud Native Ecosystem Containers Edge Computing Microservices Networking Serverless Storage
Cloud Native Skill Gaps are Killing Your Gains 
May 22nd 2023 7:15am, by Victoria Wright
A Boring Kubernetes Release
May 19th 2023 12:23pm, by Alex Williams
Why Upgrade to Observability from Application Monitoring?
May 19th 2023 11:49am, by George Hamilton
How Otomi Helped the City of Utrecht Move to Kubernetes
May 15th 2023 10:00am, by Sander Rodenhuis
RabbitMQ Is Boring, and I Love It
May 15th 2023 6:30am, by Josh Long
Red Hat Podman Container Engine Gets a Desktop Interface
May 23rd 2023 7:30am, by Joab Jackson
Scan Container Images for Vulnerabilities with Docker Scout
May 20th 2023 6:00am, by Jack Wallen
Container or VM? How to Choose the Right Option in 2023
May 17th 2023 8:42am, by Andrew Sullivan and Alex Handy
How Otomi Helped the City of Utrecht Move to Kubernetes
May 15th 2023 10:00am, by Sander Rodenhuis
Deploy an On-Premises Bitwarden Server with Docker
May 6th 2023 6:00am, by Jack Wallen
Gothenburg, Sweden Used Open Source IoT to Drastically Cut Water Waste
May 23rd 2023 6:58am, by Alex Handy
Building a Plant Monitoring Tool with IoT
May 8th 2023 9:27am, by Zoe Steinkamp
How to Choose and Model Time Series Databases
Apr 28th 2023 3:00am, by Robert Kimani
How to Optimize Queries for Time Series Data
Apr 27th 2023 12:00pm, by Robert Kimani
Calyptia Core 2.0 Tackles Fleet Management for Observability
Apr 26th 2023 6:49am, by Jelani Harper
RabbitMQ Is Boring, and I Love It
May 15th 2023 6:30am, by Josh Long
How OpenSearch Visualizes Jaeger's Distributed Tracing
May 11th 2023 10:00am, by Derek Ho and Jonah Kowall
Spring Cloud Gateway: The Swiss Army Knife of Cloud Development
May 8th 2023 6:47am, by Juergen Sussner
Return of the Monolith: Amazon Dumps Microservices for Video Monitoring
May 4th 2023 7:23am, by Joab Jackson
Cloud Native Basics: 4 Concepts to Know 
Apr 27th 2023 9:42am, by Khallai Taylor
How to Decide Between a Layer 2 or Layer 3 Network
Apr 25th 2023 10:00am, by Gino Dion
Linkerd Service Mesh Update Addresses More Demanding User Base
Apr 11th 2023 6:17am, by Joab Jackson and Alex Williams
Wireshark Celebrates 25th Anniversary with a New Foundation
Mar 28th 2023 5:00am, by Joab Jackson
This Week in Computing: Malware Gone Wild
Mar 25th 2023 7:10am, by Joab Jackson
JWTs: Connecting the Dots: Why, When and How
Mar 20th 2023 7:10am, by Michal Trojanowski
Microsoft Fabric Defragments Analytics, Enters Public Preview
May 23rd 2023 8:00am, by Andrew Brust
Forrester on WebAssembly for Developers: Frontend to Backend
May 17th 2023 6:00am, by Loraine Lawson
Return of the Monolith: Amazon Dumps Microservices for Video Monitoring
May 4th 2023 7:23am, by Joab Jackson
IBM's Quiet Approach to AI, Wasm and Serverless
May 4th 2023 6:00am, by Loraine Lawson
Cloud Control Planes for All: Implement Internal Platforms with Crossplane
Apr 13th 2023 10:00am, by Bassam Tabbara
Boost DevOps Maturity with a Data Lakehouse
May 17th 2023 10:20am, by Guido Deinhammer
Vercel Offers Postgres, Redis Options for Frontend Developers
May 1st 2023 9:00am, by Loraine Lawson
Why We Need an Inter-Cloud Data Standard
Apr 27th 2023 8:19am, by Aaron Schneider
We Designed Our Chips with First Pass Success — and So Can You
Apr 26th 2023 10:00am, by Parag Madhani
ACID Transactions Change the Game for Cassandra Developers
Apr 26th 2023 8:33am, by Aaron Ploetz
Frontend Development Software Development Typescript WebAssembly Cloud Services Data Machine Learning Security
Microsoft One-ups Google with Copilot Stack for Developers
May 24th 2023 11:45am, by
How to Start a Software Project: A Guide for Junior Devs
May 20th 2023 7:00am, by
Dev News: Trouble in npm, Vue 3.3 and Cloudflare Updates
May 20th 2023 5:00am, by
Generative AI Thread Runs Through Google’s New Products
May 19th 2023 12:37pm, by
AI Improves Developer Workflow, Says Gradle Dev Evangelist
May 19th 2023 10:00am, by
Microsoft One-ups Google with Copilot Stack for Developers
May 24th 2023 11:45am, by
Detect and Mitigate Common Attack Techniques for Containers
May 24th 2023 10:55am, by
Lineaje Unveils SBOM360 Hub for Software Bills of Materials
May 24th 2023 8:46am, by
AppSec 'Worst Practices' with Tanya Janca 
May 24th 2023 8:08am, by
FAQ: What Is Automated Incident Response?
May 24th 2023 6:04am, by
Dev News: Angular v16, plus Node.js and TypeScript Updates
Apr 22nd 2023 4:00am, by
This Week in Computing: Malware Gone Wild
Mar 25th 2023 7:10am, by
TypeScript 5.0: New Decorators Standard, Smaller npm
Mar 24th 2023 11:25am, by
JavaScript or WebAssembly: Which Is More Energy Efficient and Faster?
Jan 30th 2023 9:51am, by
What TypeScript Brings to Node.js
Dec 26th 2022 3:00am, by
Could WebAssembly Be the Key to Decreasing Kubernetes Use?
May 22nd 2023 6:00am, by
Forrester on WebAssembly for Developers: Frontend to Backend
May 17th 2023 6:00am, by
Dev News: Dart 3 Meets Wasm, Flutter 3.10, and Qwik ‘Streamable JavaScript’
May 13th 2023 9:00am, by
Our WebAssembly Experiment: Extending NGINX Agent
May 11th 2023 8:21am, by
A Workaround to WebAssembly’s Endpoint Compatibility Issues?
May 8th 2023 8:00am, by
Microsoft Fabric Defragments Analytics, Enters Public Preview
May 23rd 2023 8:00am, by
A Boring Kubernetes Release
May 19th 2023 12:23pm, by
Optimizing Mastodon Performance with Sidekiq and Redis Enterprise
May 18th 2023 10:30am, by and
Datadog’s $65M Bill and Why Developers Should Care
May 17th 2023 10:56am, by
Google Goes Gaga for AI Developer Tools
May 12th 2023 8:12am, by
Better Data Logistics Is the Key to Effective Machine Learning
May 24th 2023 10:00am, by
Microsoft Fabric Defragments Analytics, Enters Public Preview
May 23rd 2023 8:00am, by
Gothenburg, Sweden Used Open Source IoT to Drastically Cut Water Waste
May 23rd 2023 6:58am, by
What Is Unstructured Data?
May 22nd 2023 9:35am, by
Observability: Working with Metrics, Logs and Traces
May 22nd 2023 8:23am, by
AI Talk at KubeCon
May 24th 2023 1:36pm, by
Better Data Logistics Is the Key to Effective Machine Learning
May 24th 2023 10:00am, by
FAQ: What Is Automated Incident Response?
May 24th 2023 6:04am, by
The Benefits and Limitations of AI for Service Optimization
May 23rd 2023 10:00am, by
Economists Show AI Bringing Positive Impact to Workplaces
May 21st 2023 6:00am, by
Detect and Mitigate Common Attack Techniques for Containers
May 24th 2023 10:55am, by
Lineaje Unveils SBOM360 Hub for Software Bills of Materials
May 24th 2023 8:46am, by
AppSec 'Worst Practices' with Tanya Janca 
May 24th 2023 8:08am, by
Tracy Ragan: My Favorite Open Source Security Projects
May 22nd 2023 12:52pm, by
Scan Container Images for Vulnerabilities with Docker Scout
May 20th 2023 6:00am, by
Platform Engineering Operations CI/CD Tech Life DevOps Kubernetes Observability Service Mesh
Developer Platforms: Key Findings from a Forrester Snapshot
May 19th 2023 10:52am, by Aeris Stewart
How Otomi Helped the City of Utrecht Move to Kubernetes
May 15th 2023 10:00am, by Sander Rodenhuis
IBM Cloud CTO: Pros Outweigh the Cons with Platform Engineering
May 5th 2023 6:00am, by Loraine Lawson
Infrastructure as Code or Cloud Platforms — You Decide!
May 2nd 2023 9:34am, by Venkat Thiruvengadam
KubeCon Panel: How Platform Engineering Benefits Developers
Apr 28th 2023 8:51am, by Loraine Lawson
AI Talk at KubeCon
May 24th 2023 1:36pm, by Alex Williams
Better Data Logistics Is the Key to Effective Machine Learning
May 24th 2023 10:00am, by Michael Tanenbaum
Red Hat Ansible Gets Event-Triggered Automation, AI Assist on Playbooks
May 24th 2023 6:22am, by Joab Jackson
FAQ: What Is Automated Incident Response?
May 24th 2023 6:04am, by Ariel Russo
The Benefits and Limitations of AI for Service Optimization
May 23rd 2023 10:00am, by Prabjoth Saimbhi
Is DevOps Tool Complexity Slowing Down Developer Velocity?
May 17th 2023 6:29am, by Heather Joslyn and Lawrence E Hecht
AI Has Become Integral to the Software Delivery Lifecycle
May 12th 2023 11:01am, by Richard MacManus
4 Core Principles of GitOps
May 11th 2023 2:17pm, by Alex Williams
5 Version-Control Tools Game Developers Should Know About
May 9th 2023 10:00am, by Sharone Zitzman
Mitigate Risk Beyond the Supply Chain with Runtime Monitoring
May 8th 2023 10:00am, by Mike Long
AppSec 'Worst Practices' with Tanya Janca 
May 24th 2023 8:08am, by Taylor Armerding
Overcoming the Kubernetes Skills Gap with ChatGPT Assistance
May 23rd 2023 11:00am, by Dev Nag
Cloud Native Skill Gaps are Killing Your Gains 
May 22nd 2023 7:15am, by Victoria Wright
Economists Show AI Bringing Positive Impact to Workplaces
May 21st 2023 6:00am, by David Cassel
Tech Works: Why Burnout and Layoffs Hit Some People Harder
May 19th 2023 9:00am, by Jennifer Riggins
How to Start a Software Project: A Guide for Junior Devs
May 20th 2023 7:00am, by David Eastman
AI Improves Developer Workflow, Says Gradle Dev Evangelist
May 19th 2023 10:00am, by Richard MacManus
Guardrails Can Be the Common Language to Bring Dev and Ops Together
May 18th 2023 7:04am, by Cortney Nickerson
Boost DevOps Maturity with a Data Lakehouse
May 17th 2023 10:20am, by Guido Deinhammer
Is DevOps Tool Complexity Slowing Down Developer Velocity?
May 17th 2023 6:29am, by Heather Joslyn and Lawrence E Hecht
Overcoming the Kubernetes Skills Gap with ChatGPT Assistance
May 23rd 2023 11:00am, by Dev Nag
Could WebAssembly Be the Key to Decreasing Kubernetes Use?
May 22nd 2023 6:00am, by Loraine Lawson
A Boring Kubernetes Release
May 19th 2023 12:23pm, by Alex Williams
Guardrails Can Be the Common Language to Bring Dev and Ops Together
May 18th 2023 7:04am, by Cortney Nickerson
HashiCorp Vault Operator Manages Kubernetes Secrets
May 18th 2023 6:00am, by Heather Joslyn
Red Hat Ansible Gets Event-Triggered Automation, AI Assist on Playbooks
May 24th 2023 6:22am, by Joab Jackson
Observability: Working with Metrics, Logs and Traces
May 22nd 2023 8:23am, by Jessica Wachtel
Why Upgrade to Observability from Application Monitoring?
May 19th 2023 11:49am, by George Hamilton
Datadog’s $65M Bill and Why Developers Should Care
May 17th 2023 10:56am, by Loraine Lawson
How OpenSearch Visualizes Jaeger's Distributed Tracing
May 11th 2023 10:00am, by Derek Ho and Jonah Kowall
Linkerd Service Mesh Update Addresses More Demanding User Base
Apr 11th 2023 6:17am, by Joab Jackson and Alex Williams
How to Create Zero Trust Architecture for Service Mesh
Mar 27th 2023 7:00am, by Joe Fay
Ambient Mesh: Sidestepping the Sidecar
Mar 1st 2023 8:44am, by Jeff Goldman
Service Mesh Demand for Kubernetes Shifts to Security
Oct 27th 2022 11:04am, by B. Cameron Gain
AmeriSave Moved Its Microservices to the Cloud with Traefik's Dynamic Reverse Proxy
Sep 8th 2022 2:02pm, by Ann R. Thryft

K8s.af: When Kubernetes Goes Bad

Thursday marked the one-year anniversary of Kubernetes Failure Stories, a carefully-curated collection of links to very public postmortems.
May 11th, 2020 6:00am by
Featued image for: K8s.af: When Kubernetes Goes Bad

Thursday marked the one-year anniversary of Kubernetes Failure Stories, a carefully-curated collection of links to very public postmortems.

Prior to being hosted on its own domain name (k8s.af), the project had existed solely on a GitHub repository. There’s a nice succinct description of its mission at the bottom of the page:

Kubernetes is a fairly complex system with many moving parts. Its ecosystem is constantly evolving and adding even more layers (service mesh, …) to the mix.

Considering this environment, we don’t hear enough real-world horror stories to learn from each other! This compilation of failure stories should make it easier for people dealing with Kubernetes operations (SRE, Ops, platform/infrastructure teams) to learn from others and reduce the unknown unknowns of running Kubernetes in production.

The site also thanks Joe Beda, who’d been one of the co-founders of Kubernetes during his time at Google as a senior software engineer, “for contributing his domain k8s.af for this project!”

Along with the title, each listing includes the company name and where the post-mortem appeared, along with a list of the system components involved — and the impact. (For example, “Partial Production outage” or “delay of 1-3 seconds for outgoing TCP connections.”)

But behind it all is a real-world Kubernetes user with a commitment to quality information, open source software, and real-world workplace results. “This is totally driven by my own and/or our motivation to learn from other people’s experiences and failures,” explained Henning Jacobs, the site’s creator, during a 2019 appearance on Google’s Kubernetes podcast.

“I think one good way is giving back and actually showing people that this is not such a big deal to share these failures.”

Sharing Stories

Jacobs is the head of developer productivity at Zalando, an e-commerce platform that runs over 140 Kubernetes clusters. It is using Kubernetes to support over 1,100 developers, and in a March 2019 blog post, Jacobs explained why. “Kubernetes’ cohesive and extensible API matters…” he wrote, adding encouragingly to his blog’s readers that “learning it is worthwhile, even if you just want to run a bunch of containers.”

 

Jacobs was responding to a blog post titled “Maybe You Don’t Need Kubernetes,” written by a backend engineer for the hotel listings site Trivago. (“Especially for smaller teams, it can be time-consuming to maintain and has a steep learning curve.”) Jacobs agrees there are many choices for running containers, and “all of them ‘work’, but differ heavily in what interface they provide…”

But he also argued that “Having an extensible API matters as you will sooner or later hit a use case not reflected 100% by your infrastructure API, and/or you need to integrate with your existing organization’s landscape.” He applauded custom resource definitions (CRDs), which “allow building higher-level abstractions on top of core concepts.” Jacobs’ blog post also noted there’s already a vast ecosystem built on top of the Kubernetes API, arguing that the world converged on its feature set as it did with the Linux kernel (or its service and system management component).

“I think this network effect will prevail and we will see more and more high-level tools (apps, operators, ..) for Kubernetes…” he wrote. And he even sees k8s.af as one those resources. “I started collecting Kubernetes Failure Stories for no other reason than to leverage the enormous community and improve infrastructure operations (true for managed and self-hosted)…”

Beda even once joked that the domain “af” could stand for “architectural failures,” though technically it is the top-level domain name for Afghanistan.

But how does he really feel about Kubernetes? Jacobs doesn’t seem like he’s driven by antagonistic snark, but rather a sincere desire to make things better. In 2019 he was asked to be the guest on Google’s own Kubernetes podcast, where he shared his own experiences when Zalando migrated to the cloud in 2015 and said the site grew out of their commitment to open source software. Though Zalando shares their own open-source Kubernetes components on GitHub, “it’s not only about code, it’s also about how to deal with the code and components, how they work together, and how to actually set this up.”

“Maybe, when I look for failure stories, often how things are framed is this is kind of how we migrated. These are the success stories. And then on the way, the challenges… I wanted to turn it a little bit around to make it more open to learning about the failures. But I think a lot of these failures and challenges are always hidden in the success story….”

So k8s.af shares another kind of story:

  • 10 Ways to Shoot Yourself in the Foot with Kubernetes, #9 Will Surprise You (Datadog’s presentation at KubeCon Barcelona 2019)
  • A Kubernetes failure story (by an anonymous Fullstaq client, sharing slides from a Dutch Kubernetes meetup in 2019)
  • How NOT to do Kubernetes (by a Senior Site Reliability Engineer at Google and a VP of Product Management at the cloud native storage solution Portworx, speaking at a Cloud Native Meetup in 2018
  • Running Kubernetes in Production: A Million Ways to Crash Your Cluster (Zalando, slides from a presentation at DevOpsCon Munich 2018)

“it’s not about driving people away from Kubernetes,” Jacobs explained in a comment on Hacker News, warning people not to mistake the easy availability of stories as a representative sample. He points out it may not be so easy to collect stories about on-premises failures or even the other more fragmented orchestration frameworks. “We will never hear about them as they are buried inside orgs.”

It’s a point he drove home in his talk at the GOTO 2019 conference in Berlin, explaining his philosophy in a talk titled “Why I love Kubernetes Failure Stories and You Should Too.”

“We now have this ecosystem — we now have this common language we can talk about, and we can have these failure stories, which didn’t really make sense for a lot of other things, either proprietary or not so broadly adopted.”

He’s also seen the value of experiences being shared as a member of the CNCF End User community — Jacobs is also the co-chair of the CNCF End User Developer Experience SIG.) And in his talk he pointed out that while lots of people are planning to roll out Kubernetes — calls for advice aren’t always helpful.

Henning Jacobs talk at GoTo -- Kubernetes advice from Hacker News (screenshot).

“Everybody loves failure stories, but maybe for the wrong reasons,” note the talk’s description, citing our love of schadenfreude rather than the hope for “continuous improvement through blameless postmortems, sharing incidents, and documenting learnings.”

But the talk’s description explains it’s ultimately designed to highlight “why Kubernetes makes sense despite its perceived complexity.”

A Curated Collection

The stories keep coming. Earlier in the year a DevOps engineer for the travel search engine Omio — which runs 100% of its workloads on Kubernetes — wrote about “CPU limits and aggressive throttling in Kubernetes” resulting in high latency and errors. (“There is a serious, known CFS bug in the kernel that causes unnecessary throttling and stalls…”)

The head of DevOps for the travel search site LoveHolidays remembered the time Google Kubernetes Engine (GKE) ran out of IP addresses, resulting in a stuck deployment and blocked autoscaling of both pods and nodes. (“By default, GKE allocates 256 IPs per node, meaning that even large subnets like /16 can run out pretty quickly when you’re running 256 nodes.”)

And in 2019 a DevOps engineer for Exponea’s email list validation site blogged about why they postponed integrating Istio and deploying it into production. (“Istio made some changes that made Istio undeployable in the multitenant setup…”)

It’s undeniably a popular site. When Jacobs blogged about the site back in 2019, the link attracted over 500 upvotes — and another 236 comments. (Like “A team at my work has spent a stupid amount of time trying to nail down networking issues with hand-rolled k8 in AWS… Total pain in the ass.”) Henning himself joined the conversation, sharing another German developer’s list of serverless failure stories.

And his even scored a mention in Sysdig’s game “Cards Against Containers,” where the answer on one of the cards is “Browsing k8s.af instead of doing actual work.” But his talk at GoTo concluded with a pointed invitation for others to contribute their own postmortems — and a reminder of why it’s necessary.

“I think as an industry we need to move there, that we are more open to sharing our failures and incidents and postmortems to learn from each other.”

WebReduce

Group Created with Sketch.
SHARE THIS STORY
RELATED STORIES
New Spacetop Laptop Puts Your Workspace in the Air Twitter APIs Are Going Very Wrong Google Cloud Services Hit by Outage in Paris Using a Vector Database to Search White House Speeches The Slow Road to Metaverse Standards — and How AI Fits In
TNS owner Insight Partners is an investor in: Hightower, Sysdig.
RELATED STORIES
GPT-4 AI-Powered Microsoft Security Copilot Arrives Lineaje Unveils SBOM360 Hub for Software Bills of Materials At QCon: Why Generative AI Is Harmful to Earth and Society Google Cloud Services Hit by Outage in Paris Generative AI Thread Runs Through Google’s New Products
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.