Insights
DevOpsKubecon 2021 Recap & Takeaways
Ready for DevOps Implementation
by experts?
Being one of the most exciting events of the exploding technology nowadays Kubernetes, we couldn’t miss the innovations, methodologies, and best practices that KubeCon Europe Virtual 2021 introduced. As we know, this event brings to us many trending topics in many different areas of Kubernetes and Cloud-Native and a single article wouldn’t be enough! So we are going through only some topics that I found the most interesting and were getting the most attention at the conference.
Cilium and eBPF super-powers
Saying Cilium is a service mesh would be all true, but maybe not enough. That’s because of the technology worth mentioning, that makes Cilium known for its efficient and specific solutions. Cilium operates on top of eBPF, which is the successor of BPF, or Classic BPF which makes Linux Kernel programmable.
We have been told by Thomas Graf CTO and Co-Founder of Isovalent Company which stays behind Cilium, to think of eBPF in Linux Kernel like the JavaScript JIT that runs on browsers. A “eBPF JIT compiler” exists in Kernel Space and executes only safe code making changes as we need in different operations and “syscalls”, making Linux more compact when running container applications. The reason for that is the fast-evolving of containers and microservices technology, which comes with many different needs and at the time when most parts of Linux Kernel were developed, these needs didn’t exist. Why not contribute to the Linux project? Well everyone has different needs, and It would take years to get approved. So when relating for example to security we need patches pretty often, so it wouldn’t be the best choice.
In my opinion, Cilium really can help us bring our cluster networking, observability, and security to another level!
GitOps and Flux
GitOps methodology is continuously proving its benefits with the help of different tools out there, including Flux. In KubeCon Europe Virtual 2021 Flux introduced to us the Flux V2 which will support multi-tenancy. Combined with Helm or Kustomize, Flux V2 will give you a very powerful automated state management solution, in other words, a software agent will be ensuring that the desired state of your Kubernetes Cluster which should be available on a VCS is up to date, checking for source code changes in custom intervals, along with different alerts and features for its end-users.
With all the automation it comes, unfortunately for the users that are aiming to migrate from Flux V1 it comes with a little bit of pain of manual configurations, because of the Flux V2 incompatibility with .flux.yaml files as they will not be supported anymore.
WebAssembly
WebAssembly was another hot topic during the event. As we know WebAssembly was build with the browsers to be their main runtime, but lately it is taking place outside the browsers to, because of its security and flexibility. WebAssembly applications are isolated. Can run anywhere, with different operating systems and CPU system architectures. Sounds familiar? Yeah, containers... As Solomon Hykes, founder of Docker said on a tweet: “If WASI (WebAssembly System Interface) existed in 2008 we wouldn’t have needed to create Docker.”
No container technology is perfect, but they are very good at what they are designed to do and we should choose based on our needs. Comparing WebAssembly to Docker wouldn’t be fair, as they weren’t developed for the same purpose. But WebAssembly seems to have a future in the server-side combined with Kubernetes because of its high security, efficiency, and lightweight features.
Gateway API
Kubernetes network resources like Ingress and Services, that were part of it from the early days, solved us a lot of problems, but it was quite difficult and some times impossible, to use these resources for more advanced use cases. That resulted in using a lot of annotations and custom resources, which wasn’t a good experience. Gateway API will try to simplify this part of maintenance, saving us time and effort while scaling our applications.
The Gateway API project defines Kubernetes APIs to configure advanced concepts like traffic splitting, header matching, and load balancing configuration. It comes with new resource types: GatewayClasses, Gateways, and Routes like HTTP Route, TCP Route, UDP Route, and TLS Route. This model of dividing ingress traffic into more specific resources will allow the Gateway API to also expand its protocol support in the future. Do you want more? You can refer to the Gateway API official documentation!
So pretty cool yeah, all of these sweet tools at our fingertips. We are thankful to all presenters and organizers for this valuable event, for providing us with many different ideas and better thinking of future implementations. Indirectly providing value also at our partners and customers, giving them the best experience when we integrate these tools and methods in real-world solutions.
By the end, for those who couldn’t attend the event, it is available now on YouTube with all its sessions and keynotes.
Fabian Berisha
Lead Cloud/DevOps Engineer
Over the past 3 years as a DevOps Engineer, Fabian has earned multiple certifications such as AWS Certified DevOps Engineer – Professional, HashiCorp Certified: Terraform Associate, and CKA: Certified Kubernetes Administrator. Apart from leading and mentoring the Appstellar DevOps team and working with clients, he’s also involved in efforts to grow the local DevOps community by writing educational content and contributing as a DevOps trainer at ICK and internal Appstellar workshops.