The Cloud Native Computing Foundation sponsored this post.
As with so many milestones in the history of computing, the creators rarely had a eureka moment; instead, they found a very practical way to solve a problem. The open source Kubernetes container orchestration software is another example of something very big that was created with little initial fanfare before becoming one of the most important developments in modern computing, one that will likely serve as the cornerstone of how software is deployed and developed for years to come.
“I don’t think we could have ever imagined that this would be where we’d be sitting five years from then — it’s really unbelievable,” Kubernetes co-founder Brendan Burns, distinguished engineer at Microsoft, told host Alex Williams, founder and editor-in-chief of The New Stack, during a podcast recorded at KubeCon + CloudNativeCon 2018 in Shanghai.
Burns traces the genesis of Kubernetes to his time at Google, when he and then-colleagues Joe Beda and Craig McLuckie were struggling with some of the inherent problems of working with virtual machines (VMs). “Running scripts to configure a VM is error-prone and so we were talking a lot about where we needed to go,” Burns said. “And then when we both sort of saw Docker come out… Joe was kind of doing VMs and I was ready to do something new and that was when it really crystallized.”
As Kubernetes begins to mature, one of the potential growing pains for organizations adopting the platform is choosing among the 69 certified solutions providers and adopting the right policies. “Enterprises are honestly a little nervous about handing over the keys to a cluster, to developers,” Burns said. “And so, ensuring that they’re the right kind of guard rails to give people the flexibility to deploy whatever they want but within the constraints of a compliance regime or a security regime that is centralized inside the company. And so, what we’re seeing is the evolution of these kinds of policy controls.”
One impediment to improving cluster configurations, and with them the developer experience, is “figuring out a rule language that allows people to specify like, ‘how do you write a rule that says, this field and this object needs to have this value?’” Burns said.
“There needs to be something that people can express and express it declaratively, express it in another JSON object so that you can reason about it. But then also it gives people recipes by which they can easily do that, right?” Burns said. “Because if I’m an operator and all I really want to do is block you from pulling images from a particular registry, I don’t want to have to figure out your weird JSON rule language. I just want to say, ‘take this off the shelf rule, parameterize it with my container registry and apply it to my cluster.’”
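As an added illustration of the kind of rule Burns describes (not code from the podcast, from Kubernetes, or from any policy engine): a declarative JSON rule template, parameterized with a registry name and evaluated against a Pod object. The template format, the function names and the registry hostnames are all assumptions constructed for this example.

```python
import json

# Constructed rule template: a declarative JSON object in a made-up format,
# not the syntax of any real policy engine.
DENY_REGISTRY_TEMPLATE = """{
  "name": "deny-registry",
  "match_kind": "Pod",
  "field": "spec.containers[*].image",
  "deny_prefix": "{registry}/"
}"""

def instantiate(template, **params):
    """Parse the template, then fill parameters in its string values."""
    rule = json.loads(template)
    return {k: v.format(**params) for k, v in rule.items()}

def select(obj, path):
    """Resolve a dotted path; a '[*]' suffix fans out over list elements."""
    current = [obj]
    for part in path.split("."):
        fan_out = part.endswith("[*]")
        key = part[:-3] if fan_out else part
        found = []
        for node in current:
            value = node.get(key) if isinstance(node, dict) else None
            if value is None:
                continue  # missing field: nothing to check on this branch
            found.extend(value if fan_out and isinstance(value, list) else [value])
        current = found
    return current

def evaluate(rule, obj):
    """Return violation messages; an empty list means the object passes."""
    if obj.get("kind") != rule["match_kind"]:
        return []
    return [f"{rule['name']}: image {v!r} is denied"
            for v in select(obj, rule["field"])
            if isinstance(v, str) and v.startswith(rule["deny_prefix"])]

# Constructed sample object and parameter value (hypothetical hostnames).
POD = {"kind": "Pod", "metadata": {"name": "web"}, "spec": {"containers": [
    {"name": "app", "image": "registry.example.internal/team/app:1.4"},
    {"name": "sidecar", "image": "blocked.example.com/tools/proxy:2.0"}]}}
RULE = instantiate(DENY_REGISTRY_TEMPLATE, registry="blocked.example.com")

if __name__ == "__main__":
    print(evaluate(RULE, POD) or "admitted")
```

The rule as written inspects only `spec.containers`; a Pod's `initContainers` and `ephemeralContainers` carry images too and would need their own rule entries.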
While there are several certified Kubernetes service providers in China, the number of users remains relatively small, but that might change as Microsoft launches the Azure Kubernetes Service in Azure’s China cloud. “China is a really important market for Azure and a great place so that you can achieve,” Burns said. (The service debuted in private preview during the conference.) “A lot of companies we talked to have a global footprint and the Chinese market is a very important market in gaming, and in all kinds of other industries. Being able to use Azure both around the world and in China and to use Kubernetes to be able to deploy into all these environments become really, incredibly important… So that’s an exciting announcement that we have for later.”
In this Edition:
3:10: Discussing the issue of policy in the enterprise.
8:56: What are the technical implementations you have been through to develop this policy?
11:14: What are the abstractions that you needed to think through to be able to clean up these clusters and make the developer experience better?
13:15: What makes Helm different from other package management tools?
17:18: Tell us about the group that’s building the policy engine right now that we’re discussing.
19:22: If you’re going to look forward to 2019, with 2018 in retrospective, will this be a major focus for you?
The New Stack is a wholly owned subsidiary of Insight Partners, an investor in the following companies mentioned in this article: Docker.