All Hands on Deck: Running Kubernetes within an Enterprise

In the first part of this series, we looked at a few common reasons why organizations deploy Kubernetes on-premises, along with some popular platforms that facilitate such deployments. In this post, we’re going to look at a few best practices involved with deploying Kubernetes on-premises, as well as the arrival of public cloud offerings like the Google Kubernetes Engine on-prem (GKE On-Prem).

In addition to the previously mentioned major factors that drive organizations to consider deploying K8s on-prem — i.e., compliance, cloud abilities, and future compatibility — there are probably a couple more we should mention. These include organizations that want to use Kubernetes but don’t want to spend the large amount of money required to host it on a public cloud, and organizations deploying hybrid solutions.

Picking the Right Platform

Regardless of your reasons, make no mistake: deploying K8s on-prem is “all hands on deck” in terms of management, and the first step to getting there is selecting the right “deck” for your deployment. The ability to deploy across multiple environments with a single control plane is a key capability to look for in a Kubernetes platform. While it might seem easy at first to manage a few clusters in a few different control planes, this becomes quite unsustainable when you start scaling up.

Number two on your checklist needs to be the ability not only to manage and provision infrastructure, but also to integrate well with other on-premises components like networking, storage, monitoring, load balancers, and the like. Remember, there’s no public cloud here, so your apps are completely dependent on your infrastructure and how well you manage it. Automating this layer is highly recommended, as it makes for quicker, better deployments, as well as self-service. The good news is that most on-prem infrastructure solutions provide the same level of automation as their public cloud counterparts.

Other important factors to consider include operational simplicity, quality of vendor support, involvement in and support for open source, degree of support for stateful applications, scalability, stability, and licensing costs, if any.

DevSecOps from the Start

Now, as opposed to setting up storage, networking, and monitoring and then coming back to security, best practice dictates building it in right from the get-go. This is why, as soon as you’ve picked your platform of choice, step two is to start thinking about security and governance. Integrating an image scanning process that scans applications, especially open-source components, libraries, and frameworks, during both the build and run phases is highly recommended.

Using older, more vulnerable versions of software is one of the leading causes of concern with regard to container security. Implementing version control is a great way around this obstacle, and though a lot of the solutions out there are cloud native, there are a few on-premises solutions as well, including a couple that are open source. Using the Center for Internet Security (CIS) benchmarks for Kubernetes runtimes is another best practice that helps establish secure configuration baselines. Additionally, SSL keys and database credentials need to be encrypted and stored centrally with Kubernetes Secrets or a third-party secrets management service like Vault.
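One way to turn two of these recommendations into a build-time gate, as an added Python example that is not from the original article: it audits a Deployment manifest for images without a pinned version and for credentials written as literal environment values instead of Secret references. The manifest, registry name, and credential-name pattern are constructed assumptions.

```python
import json
import re

# Constructed sample Deployment (JSON form, which the Kubernetes API also accepts).
SAMPLE_MANIFEST = json.loads("""
{"apiVersion": "apps/v1", "kind": "Deployment", "metadata": {"name": "orders"},
 "spec": {"template": {"spec": {
  "initContainers": [{"name": "migrate", "image": "registry.example.internal:5000/migrate"}],
  "containers": [
   {"name": "api", "image": "registry.example.internal:5000/orders:latest",
    "env": [{"name": "DB_PASSWORD", "value": "example-only"},
            {"name": "LOG_LEVEL", "value": "info"}]},
   {"name": "worker", "image": "registry.example.internal:5000/worker:1.4.2",
    "env": [{"name": "API_TOKEN",
             "valueFrom": {"secretKeyRef": {"name": "orders", "key": "token"}}}]}
  ]}}}}
""")

# Assumed naming heuristic for credential-like variables; tune for your environment.
SENSITIVE = re.compile(r"(PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY)", re.I)


def image_is_pinned(image):
    """True if the image has a digest or an explicit tag other than 'latest'."""
    if "@sha256:" in image:
        return True
    last = image.rsplit("/", 1)[-1]  # drop the registry host:port and path
    tag = last.partition(":")[2]
    return tag not in ("", "latest")


def audit(manifest):
    """Return (container, finding) tuples for a Deployment-style manifest."""
    pod = manifest["spec"]["template"]["spec"]
    findings = []
    for c in pod.get("initContainers", []) + pod.get("containers", []):
        if not image_is_pinned(c["image"]):
            findings.append((c["name"], "unpinned image: " + c["image"]))
        for env in c.get("env", []):
            # A literal "value" on a credential-like name bypasses Secrets entirely.
            if SENSITIVE.search(env["name"]) and "value" in env:
                findings.append((c["name"], "literal credential in env: " + env["name"]))
    return findings


if __name__ == "__main__":
    for name, finding in audit(SAMPLE_MANIFEST):
        print(name + ": " + finding)
```

A check like this complements image scanning and CIS benchmark tooling rather than replacing them: it only catches what is visible in the manifest itself.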
