Kubernetes (K8s) case study

Main components of Kubernetes:

Cluster: A control plane and one or more compute machines, or nodes.

How does container orchestration work?

When you use a container orchestration tool, such as Kubernetes, you will describe the configuration of an application using either a YAML or JSON file. The configuration file tells the configuration management tool where to find the container images, how to establish a network, and where to store logs.

Kubernetes Integrations

Docker, Microsoft Azure, Ansible, Vagrant, and Google Compute Engine are some of the popular tools that integrate with Kubernetes.

1. Governance

Netflix is a bottom-up organization, and that governance model drove many of its container orchestration design decisions. Operations didn’t dictate which applications must go in containers; it remained up to the individual application teams to determine which of their services went into containers and which remained in virtual machines.

2. Kubernetes vs. Titus

Netflix chronicled their container journey in a white paper. Running containers at scale requires orchestration, and Netflix started their journey near the beginning of the Kubernetes open source project. Netflix had to decide if it would build its own orchestration platform or adopt an existing platform.

3. Container networking

Organizations have to give considerable thought to container networking. Networking is especially important as organizations design application interactions between legacy applications. Netflix’s Titus enabled container-to-container networking to conserve IP address space. The solution also allows placing containers directly on the routable network address space of existing applications.

4. Public cloud

As noted in an earlier TechRepublic post, Netflix is an extremely large consumer of Amazon Web Services (AWS). However, integration with AWS Identity and Access Management (IAM) proves an operational challenge. In Titus, Netflix created a proxy service that enables legacy applications to remain unchanged. Titus leverages IAM roles to enable a single Titus node to adopt an IAM role for the containers running on the node. As part of workload placement, Titus must take IAM security into consideration.
