Kubernetes Implementation Planning Overview
Rolling out Kubernetes in your organization requires a good amount of planning up-front to make sure that your Kubernetes initiative is well-oriented for success. Kubernetes is a highly complex system consisting of a number of interdependent systems and services; just setting up a basic test cluster requires knowledge of a number of different disciplines, including container operations, distributed computing, certificate management, network security and performance, role-based authorization…and that doesn’t even touch on what it takes to get your applications Kubernetes-ready! Without careful deliberation and a well-structured plan, it’s practically impossible to design, implement, or manage a Kubernetes-based environment successfully.
A typical Kubernetes implementation requires consideration of a number of topics, including:
- Overall architectural objectives & approach
- Review of intended tenant applications
- Kubernetes provisioning planning
- Software delivery pipeline review & planning
- Supporting tooling review
- Security requirements review
- Implementation process review & planning
- What is your target rollout date? Is it tied to any business-specific deadlines or objectives?
- How complex are the applications that you’re migrating? Are they stateless? Are they in-house custom applications, or software purchased from a vendor?
- How many logical environments are you intending to set up? Are there different security or sizing requirements for each environment?
- How much build automation do you have in your current process? What orchestration or automation platforms are you currently leveraging?
- What are the performance requirements for the tenant applications you’re moving to Kubernetes? Do they have any explicit, measured service level objectives?
- What does typical load look like for your tenant applications?
- How are you planning on organizing your applications into containers?
- How many Kubernetes clusters will be required for each logical environment?
- What components in your architecture require persisted state? How will those resources be managed?
- What level of high availability is required? Will you need geographically-dispersed installations? What are your disaster recovery requirements and goals?
- What are the performance and availability requirements for this application?
- What ingress and egress points need to exist for your tenant applications?
- What cloud or virtualization platform will be hosting your Kubernetes environment? Will you be going with a cloud services vendor (AWS, Microsoft Azure, etc.), an on-premises solution (VMware, Xen), or a hybrid approach?
- What tools will you use to monitor the health of your compute and storage nodes?
- What log aggregation tool will you use for monitoring worker and control plane logs?
- Where will application container images be stored?
- What is your persistent storage solution and backup strategy?
- How will you manage updates to Kubernetes itself? What sort of cadence do you want to set on managing security & bugfix updates versus feature updates?
- What is the initial target capacity for compute/storage/networking resources? What will the process be for adding additional capacity as load scales up?
- What requirements do you have around distributed tracing and monitoring transactions?
- Are your developers currently using containers actively for development?
- What is the target application development platform for your tenant applications? (e.g., Java, .NET, Node.js, etc.)
- What is the composition of the application development stack? What application server or framework(s) are being used?
- What is the expected software delivery flow? Do you currently leverage container or artifact metadata in your delivery pipeline?
- Is your application microservices-based or more of a monolith? How large is a typical deployable “artifact”?
- What integration points are needed for a typical developer? Are the applications mostly atomic, or do they have extensive external integration points? What application components does a developer need to run locally or access remotely in order to be productive?
- Do you want to integrate any of your APIs into Kubernetes natively? Are there application-level items that would make sense for Kubernetes to manage from an autoscaling, provisioning, reporting, or dashboarding level?
- Will you want to leverage canary instances or blue/green deployments?
- What identity management requirements do you have in your organization? How many people will be able to interact with each Kubernetes environment?
- Will you need fine-grained role-based access control (RBAC) governing access to the Kubernetes API server?
- How strict are your networking security requirements? Will you need policy-based routing and security at the networking level within the Kubernetes environment?
- How will you handle authentication and trust between services, both internal and external?
- How will secrets be managed and distributed to tenant applications in your Kubernetes environment?
- What applications in your environment have strict security requirements due to regulation (HIPAA, PCI, Sarbanes-Oxley)? How will you maintain compliance for those applications in a containerized environment?
- What auditing information do you need to maintain regarding cluster activities? Who should be able to access that information?
- What requirements do you have regarding vulnerability management, image scanning, and overall container security?
Kubernetes Planning Summary
Bringing an enterprise-class orchestration tool like Kubernetes into your organization can be a complex and difficult endeavor; without adequate planning, any exploratory effort to stand up a working Kubernetes environment is likely to fail. While we’ve covered a number of topics for consideration while planning a Kubernetes implementation in this article, it is by no means a comprehensive list; it’s actually a coarse-grained subset of the items that we at XTIVIA cover as a part of our Kubernetes Planning Assessment process. Focusing on the items in this article will give you a good head start on planning your Kubernetes roadmap.