Kubernetes

Drew Sears edited this page Mar 4, 2017 · 4 revisions

Related

First thoughts

Watched Brendan Burns' talk, A Technical Overview of Kubernetes (CoreOS Fest 2015) .

Quick recap: it provides production-grade container orchestration as a collection of small, decoupled components, with the goal of having teams manage and understand only the parts that they care about, rather than treating your container platform as a single monolithic stack.

Next steps:

Questions:

  • CoreOS vs. other Linux flavors? Run on bare metal vs. ESX?
  • Security. If K8s exposes a single giant pool of compute, how do I maintain segmentation of network access and system access between many distinct platforms? How do I isolate PCI/SOX/HIPPA networks to minimize audit scope?
  • Data persistence. How does my big, high traffic, single master Postgres database fit into the K8s stack, if at all?
  • Deployments. How do I allow developers to deploy freely to dev/test but limit their ability to deploy directly to production?