The Kubernetes Effect

I&#x27;ll stand by my assertion that for 99% of users (maybe even 99.99%), Kubernetes offers entirely the wrong abstraction. They don&#x27;t want to run a container, they want to run an application (Node, Go, Ruby, Python, Java, whatever). The prevailing mythology is you should &quot;containerize&quot; everything and give it to a container orchestrator to run, but why? They had one problem, &quot;Run an app&quot;. Now they have two, &quot;Run a container that runs an app&quot; <i>and</i> &quot;maintain a container&quot;. Just give the app to a PAAS, and go home early.<p>Most startups - most large companies - would be far better served with a real PAAS, rather than container orchestration. My encounters with container orchestrators is that ops teams spent inordinate amounts of time trying to bend them <i>into</i> a PAAS, rather than just starting with one. This is why I don&#x27;t understand why this article lumps, e.g. Cloud Foundry in with K8S - they solve entirely different problems. My advice to almost every startup I speak to is &quot;Just use Heroku; solve your business problems first&quot;.<p>The article also mentions it enables &quot;new set of distributed primitives and runtime for creating distributed systems that spread across multiple processes and nodes&quot;. I&#x27;ll throw out my other assertion, which I always though was axiomatic - you want your system to be the <i>least</i> distributed you can make it at all times. Distributed systems are harder to reason about, harder to write, and harder to maintain. They fail in strange ways, and are so hard to get right, I&#x27;d bet I can find a hidden problem in yours within an hour of starting code review. Most teams running a non-trivial distributed system are coasting on luck rather than skill. This is not a reflection on them - just an inherent problem with building distributed logic.<p>Computers are fast, and you are not Google. I&#x27;ve helped run multiple thousand TPS using Cloudfoundry, driving one of Europe&#x27;s biggest retailers using just a few services. I&#x27;m now helping a startup unpick it&#x27;s 18 &quot;service&quot; containerised system back to something that can actually be maintained.<p>TLDR; containers as production app deployment artefacts have, in the medium and long term, caused more problems than they&#x27;ve solved for almost every case I&#x27;ve seen.

&lt;rant&gt;<p>And yet finding people who can reliably install K8s from scratch, who understand what&#x27;s going on under the hood, remains remarkably close to 0.<p>How many people can, within a few hours, tell you how Kubernetes runs DNS, and how it routes packets between containers by default? How do you run an integrated DNS which uses, say, my_service.service.my_namespace instead of my_service.my_namespace?<p>I&#x27;ve found that most installs of k8s have been made using defaults, using tooling that Google has provided. We hired one such administrator, but when asked anything outside of how to run kubectl, they just shrugged and said &quot;it never came up&quot;.<p>The codebase is vast, complicated, and there are few experts who live outside of Google. And it&#x27;s getting more vast, more complicated on a quarterly basis.<p>It bothers me how far operations has gone from &quot;providing reliable systems on which we run software&quot; to &quot;offload work onto the developer at any cost&quot;.<p>&lt;&#x2F;rant&gt;<p>I realize that a lot of this is because of scarcity. The good devops folks (i.e. those who are both competent generalist sysadmins and competent generalist programmers) are few and expensive. That makes pre-packaged &quot;full stack&quot; solutions like GAE, Kubernetes, and Fargate very appealing to leadership.<p>&quot;You don&#x27;t need an operations department to act as a huge drain on your revenue, just re-use your developers&quot; holds a lot of appeal for those high up in the food chain. It&#x27;s even initially appealing to developers! But in the end, it makes as much sense as re-using your developers to do customer service.

A consequence of the &quot;Kubernetes Effect&quot; is that while distributed systems are easy to build and use, a lot of developers lose sight of the fundamental problems which make distributed systems difficult.<p>For example, the sidecar in a sidecar pattern might fail while the application is running and the system can get stuck in weird states. The developer still needs to understand fundamentally how the system works.<p>Eschewing deeper knowledge just because it is easy to use is trap in this case. While the article compares Kubernetes to JVM, Kubernetes can fail in a lot more hard to debug ways than the JVM right now. I don&#x27;t know if this semantic gap between distributed systems like Kubernetes and monolithic systems like JVM can ever be bridged.

Kubernetes by itself may be daunting for most teams.<p>But I&#x27;m not sure I understand the backlash. Once you&#x27;ve built your application and it&#x27;s been packaged (containerized) and deployed why would anyone care how its run. Also running a container in production and orchestration seem to be conflated somewhat in this thread and the use cases are very different.<p>You can think of Kubernetes as an Automated SysAdmin . This is a bit reductive I know but it is useful to think of this way. You ask the sysadmin to run something for you and they tell you how to package it (tgz, war, zip etc) and they run it for you on hardware.<p>The level of engagement that a dev has with getting his app running on hardware is no different to that of dealing with a sysadmin and with the admin requesting that your app is packagedin a container.<p>Kubernetes out of the box will give you most of this functionality as long as you keep state outside of the cluster. There are also options on how to make the experience smoother. There also these tools to help too:<p>* Openshift * Kubernetes + Rancher * Mesos<p>If you need orchestration and scheduling. I am a little perplexed.

Any one have opinions on the Kubernetes admin cert linked? Wonder if it would significantly help in getting work and skipping the interview BS?<p><a href="https:&#x2F;&#x2F;www.cncf.io&#x2F;certification&#x2F;expert&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.cncf.io&#x2F;certification&#x2F;expert&#x2F;</a>