|
We had to move one end-user facing service from a proprietary (distributed) on-premise data centers solution running rented/hosted.
We set up a number of criteria for evaluating cloud vendors as well as on-premise and semi-hybrid solutions. We had been following Kubernetes since some time back, and the platform had matured considerably, so we decided to continue our further cloud vendor evaluations by using Kubernetes. At the end, the Kubernetes solution neutralized the choice of cloud vendor, at least from a software release and management point of view. From a security, availability, latency and a few other aspects the choice of cloud provider became less of an issue/equal challenge. We have faced a few minor challenges when using Kubernetes. The knowledge barrier; The problem, as well as the beauty of Kubernetes, is that it takes on quite a comprehensive view of network management, service discovery, DNS management, deployments, container orchestrations, secrets management, system administration and much more. We use this as an opportunity for learning more than we see problems. But several roles (in the enterprise) need to come together on a pull request for a change, rather than having tickets and side projects.
Switching to new features, like RBAC, TLS policy for AWS ELBs and generally keeping up with new features is another. The mostly excellent documentation has helped a lot. Using Kubernetes, we noticed that latency of using the service was slashed to 50-80%, depending on the location of the end-user. This, however, we attributed more to the ability to roll out in more regions and auto-scaling. Of course k8s is not alone in supporting this, but it really comes out of the box. A second effect we noticed was that by integrating the releases via Kubernetes, we reduced the time from the point of being ready in system test, to be passing our Release Readiness Check (yes we are an enterprise), and have user acceptance test environments and production environments being provisioned using about 15% of the manpower of our previous processes, and having releases being available in minutes and not in days (weeks), with enhanced visibility and maintainability. As an example, having the possibility to easy tear down or upgrade projects, with the right security and scale at all times (and no lingering volumes, load balancer pools or firewall rules) For us, Kubernetes has brought a higher predictability of releases, and monitorability of the total solution. We did also switch a solution from one cloud provider to another, and might switch back. For the move we needed some labeling of services and management (referencing) of certificates. |