[suralind]

So I’m personally a huge fan of k8s and while I agree it may be „complicated”, it’s because deploying applications is complicated. (I want to point out that there is no requirement no set up cert manager, ArgoCD, external secrets, etc. - and many people who’d consider a VPS would happily slap a .env with an unencrypted secret then ssh to update, but when they choose Kubernetes they take the long route of doing proper GitOps and complain that there are so many things to configure :)

But I found funny that the OP summarized to use Kubernetes when CTO is no longer the only dev.

[vbezhenar]

100% agree with you.

You can actually treat kubernetes as a glorified docker compose engine. Deploy pods, deploy nginx instead of ingress controller, deploy certbot cronjob instead of cert-manager, and believe it or not, it'll work! On a single server!

People often compare Kubernetes with thousands of additional services to a simple VPS, but that's not apples to apples comparison.

[solatic]

> many people who’d consider a VPS would happily slap a .env with an unencrypted secret then ssh to update

I just want to point out that you can totally still do this with Kubernetes. Of course it's not correct, but you can save that unencrypted secret in a .env file right into your container while you're building it - no need to use Kubernetes's support for supplying environment variables from the manifest. And of course, you don't even need a Dockerfile to build that container - you can just exec into a running container, paste it in, and then docker save.

Kubernetes doesn't save you from making stupid decisions, it just makes it easier to make better ones.

[suralind]

Perhaps I wasn't clear enough - that was my point as well. You can do that, but when people switch to Kubernetes a lot of them do a proper (or better) job of avoiding that, but compare to previous experience where they'd just ssh to update the env, etc.