Skip to content
Cloud Platform applications and security
Glen AdamsApr 12, 2023 10:00:00 AM11 min read

Introduction to Kubernetes (K8s #1)

What is Kubernetes?

We’ve all heard about "The Cloud"  before, and many of us have some idea about what that means and how we can benefit from it. "The Cloud" can be great if it fits your needs and your use-case, but many people will quickly tell you that it is always the best answer. I have seen plenty of decision makers as well as developers swayed by this notion and develop a mindset of "move it all into the cloud asap!" whether or not that really is the right answer for their needs. To make matters worse, the way "The Cloud"  tends to be utilized in practice skews toward things you could already do with traditional setups, but with different steps and:

  • Less up-front cost, but more cost the longer your project goes
  • Additional complexity
  • Portability trouble/vendor lock-in
  • Less performance(!)

If you guessed that I am about to suggest a better way, you're correct! The better way might be to use Kubernetes (also known as K8s). So what is Kubernetes? Kubernetes is a powerful and popular open-source platform that is used for automating the deployment, scaling, and management of containerized applications. It has become a critical component of modern cloud infrastructure, enabling organizations to manage their applications efficiently and effectively at scale while also improving their overall reliability and security.

Common Kubernetes Misconceptions

Now, that doesn't mean you can't also use "The Cloud" . With Kubernetes you can use your own hardware, both your hardware and "The Cloud", and even multiple cloud providers at once. Kubernetes fixes some of the issues I mentioned about using the cloud, but also adds a lot of additional benefits. But, before we get into the details of all that, let’s take a moment to consider some of the common misconceptions around Kubernetes and how Kubernetes relates to “The Cloud”.

Kubernetes Graphic

Kubernetes is the cloud?

If you have heard of Kubernetes before, you may think it is synonymous with the cloud. While the two are closely related, there is a very important distinction between them. This difference is like the fact “a square is a rectangle, but a rectangle is not a square.” The cloud is like a rectangle in this metaphor, and it encompasses more than just Kubernetes. The cloud describes the delivery of computing resources over the internet including single server instances, physical machines in a datacenter, databases and storage, other software and applications, and even the support of the engineers who maintain it all. On the other hand, Kubernetes is an open-source platform/software that can be run in the cloud and utilize the resources provided by the cloud. Effectively, Kubernetes enables you to design your own private cloud built on top of the resources offered by any cloud provider [Amazon AWS, Google Cloud, Microsoft Azure, etc.]. Hey, maybe we should change the name of “The Cloud”  to “The Sky”? No? OK, fine.

Kubernetes is only for large enterprises!

Kubernetes is for everyone, for every possible use-case, and you should use it everywhere all the time forever. Ok, not really. There are pros and… admittedly, cons to Kubernetes, but there is no company size requirement to leverage the power of Kubernetes. The cool thing about Kubernetes is that being a FREE open-source software, it is built as a collaborative effort for everyone without any [many?] restrictions. As Kubernetes rapidly gains traction in the industry, it is becoming easier and easier for organizations of all sizes to utilize it and even contribute to its future development. I would argue that smaller organizations [who cannot hire all the staff necessary to maintain their own data center!] stand to gain the most benefit from Kubernetes and the cloud.

Isn’t Kubernetes too complex and hard to setup?

What a great question! If I can just direct you to the end of the blog where I offer to do it for you… 😊 Ok, maybe this concept of complexity isn’t necessarily a misconception. Kubernetes is complex, but that is because we want complicated things from it. We’ll get into this more as we discuss the details of using Kubernetes in later posts, but it is important to note that many cloud providers offer managed Kubernetes services that make it easier to get started. Additionally, there are many tools and resources available that help simplify the process, and we’ll talk about those too.

Kubernetes is not secure

Security, what a loaded topic that one is. While fighting the urge to disconnect from the Internet, throw away my devices, and barricade myself in a cave in the middle of nowhere to hide from the cyber terrorists, let me just say that Kubernetes offers many security features, including role-based access control, network segmentation, and encryption. There are also services and safeguards you can employ that focus on containerized computing and best practices to follow in your application development to harden your software and infrastructure against cyber threats.

Using Kubernetes and containers makes it easier to compare your software and deployments against established best practices and CVE’s [Common Vulnerabilities and Exposures] using software that automatically scans your entire infrastructure, individual containers, and applications to generate actionable reports, helps guides you to improve your security, and even tracks your progress. Evaluating the security of your IT infrastructure against CVE lists provided by leading security experts at NIST, CIA, NSA, Mitre and others has never been easier or more convenient. Did I mention the software for that is also FREE open-source software?!

Cloud Security

That’s nice, but my software doesn’t run on Linux.

No problem. Kubernetes isn’t just for Linux. You can run Kubernetes on Windows, Linux, or Mac. Another lesser-known fact is that in recent years Kubernetes has begun offering and improving support for Windows-based containers too. Now, I will say there is a reason that Linux dominates the server market [at the time of writing 96.3% of the top 1 million servers are running Linux]. At the risk of angering a lot of folks… I am just going to say it: you really should consider porting your software to Linux. But if that notion makes you want to stop reading, please keep in mind that I will discuss Windows containers and how to start using them later!

Can we get back to what IS Kubernetes?

OK, back to our description of Kubernetes: "Kubernetes is a powerful and popular open-source platform that is used for automating the deployment, scaling, and management of containerized applications." 

Let’s break that down a bit. To start, why do I keep mentioning "free open-source software"? Free open-source software means that the code for that software or project is available to the public for use, review, and [potentially] contribution, redistribution, and extension. Not only that, but even if you disagree with the maintainers of the software on the direction of the project or design decisions – depending on use, and the software’s licensing – you can branch off (called “forking” or “fork”) from that project and continue to use, redistribute, and develop it in the direction that you see fit [or pay someone else to do it!]. And for us developers who just want to know why the darned thing isn’t working the way we expect, we can go in and see exactly what is happening behind the scenes.

Open-source is awesome, and if you're not convinced, I would challenge you to find a single software or technology related service that doesn’t in some way use any open-source software at any level. Spoiler: you can’t. Even if you have never heard of open-source software, you have undoubtedly benefitted from its existence. For example, we’ve probably all heard of Netflix. Check out the software that the engineers at Netflix release as open-source software (Netflix's GitHub Account), and other projects they used in creating and maintaining Netflix (Netflix Open Source Software Center).

The other piece of the description of Kubernetes which is elusive to most people is containerized computing, containerized applications, and just containers. Containerized computing is a method of packaging and deploying applications in containers. Is that definition circular enough? A container is a lightweight, stand-alone, executable package of software that includes everything needed to run it, including the code, a runtime, libraries, environment variables, and config files. Containers provide a consistent and isolated environment for applications, which makes it easier to deploy and run them on different environments and platforms. So, a containerized application is just a software application that has been packaged into a container and using that container would be called containerized computing.

For those of you familiar with Virtual Machines (VMs), containers are different from VMs in that they collaborate with the host operating system and do not require a separate operating system for each application. This makes containers much lighter and faster to start than VMs and enables multiple containers to run on the same host [machine], improving resource utilization.

Containerization has become a popular approach for building, deploying, and scaling modern applications due to its benefits, including increased efficiency, isolation, portability, reproducibility, scalability, and ease of management. With containerization, applications can be quickly and easily moved from development to testing and then to production, making it easier and quicker to release and manage updates. Additionally, containers provide a consistent environment that can be easily reproduced, making it easier to troubleshoot, debug and fix issues. Containers solve the classic problem that often comes up in traditional infrastructure of parity between local, development, and production environments in software development. Overall, containerized computing provides a flexible, scalable, and efficient way to run modern applications, making it an essential part of modern cloud infrastructure and Kubernetes.

Kubernetes Containers

 

Key features & benefits over traditional infrastructure

This is another topic that I could write a whole blog series on, so for the sake of brevity I am not going to get into the details of traditional architecture (think VMs, or bare-metal deployments on multiple servers) and specifics of how that differs from Kubernetes. Let’s just focus on the ways Kubernetes is an improvement over traditional architecture:

Scalability: Kubernetes makes it easy to scale applications up or down as needed, without requiring manual intervention. This means that applications can be preconfigured to resize easily and automatically to meet changing demand, improve resource utilization, and reduce costs.

Automation: Kubernetes automates many of the manual tasks that are required to manage applications, such as deployment, scaling, and updates. This reduces the effort required to manage applications and increases reliability, as fewer manual steps are involved.

Portability: Kubernetes makes it easy to deploy applications on any cloud or on-premises infrastructure, improving the ability to move applications from one environment to another. This increases flexibility and reduces vendor lock-in(!).

Resilience: Kubernetes provides features to ensure that applications are highly available, even in the event of failures or outages. This includes automatic failover and self-healing capabilities, which help to minimize downtime and improve the overall reliability and availability of applications. Even large cloud providers have outages -- I’ve seen it, it does happen, and it’s not a fun time. Kubernetes gives you the tools to protect your applications from outages and maximize availability of mission-critical infrastructure and applications.

Security: Kubernetes provides a range of security features and there are many related projects, which help to ensure that applications are secure and protected from threats.

Resource Management: Kubernetes provides a way to manage and allocate resources, such as CPU, memory, and storage, to applications. This helps to optimize resource utilization and prevent one application from consuming too many resources, leading to performance degradation for other applications.

Observability: Kubernetes provides comprehensive logging, monitoring, and tracing capabilities, making it easier to identify and resolve issues. This improves the overall visibility and management of applications.

Isolation: A single machine (or node, as it is called in the Kubernetes world) can run many different applications without much concern for side-effects or special considerations for how each application must configure the operating system and other dependencies it has on that machine. Because each application is bundled with everything it needs to run, they can all easily co-exist.

To summarize, Kubernetes provides a flexible and scalable platform for managing modern applications, which is an improvement over traditional architecture. It enables organizations to automate many manual tasks, increase efficiency, and improve the overall reliability and security of their applications.

Secure Cloud Platform

 

Why and when should I use Kubernetes?

Kubernetes is not the right choice for everyone or every situation, but it is a great choice when you need or desire some of the benefits listed above. Projects where Kubernetes is clearly the best choice are when you have some combination of the following:

  • Your application or infrastructure needs to scale on-demand.
  • Security is a top priority.
  • Availability and resilience are a requirement.
  • Rapid deployment and updates are a necessity.
  • Your application or infrastructure has many components (or micro-services).
  • You want to avoid being tethered to a specific cloud provider (vendor lock-in), or you need portability.
  • You value reproducibility or modularity in your infrastructure.

 

 

Afterword

Can we build it? YES, we can. Contact me at glen.adams@nltgis.com or check out New Light Technologies for more information. With clients ranging from federal, state, and local government to non-profits, academia and private businesses, we have the experience and expertise to build your custom solution tailored to your needs.

Looking for more articles? See what we’re up to on Medium and our blog.

 


About New Light Technologies, Inc.

New Light Technologies Inc. (NLT) is a leading provider of integrated science, technology, and mission services based in Washington DC. Offering renowned expertise in cloud, agile software development, cybersecurity, data science, geospatial and remote sensing, NLT provides comprehensive consulting, research, digital transformation services, and fit-for-purpose analytics solutions for a range of industries from emergency management to economics to health. The firm has pioneered real-time geospatial AI/ML predictive analytics platforms for government and industry and led the development of novel methods for leveraging satellite imagery to support disaster response, climate resiliency, impact evaluation, and sustainable development missions worldwide. To learn more visit us at www.newlighttechnologies.com

avatar

Glen Adams

Glen Adams is a Software Consultant and Engineer at New Light Technologies.

    Subscribe to Our Blog