Tagkubernetes

How my OpenShift vs Rancher comparison blogpost gone viral?

Facebooktwittergoogle_pluslinkedinmailby feather

I would like to share my story about how my Blogpost Openshift vs Rancher gone viral, which is:

  • On the top page when you search Openshift vs Rancher on Google (The first two,  rancher.com and kloia.com both pointing to my comparison)
  • Viewed more than 250.000 times
  • Several comments from the readers
  •  Republished by the vendor itself 
  • Translated by several consultancies in different countries

 

As kloia, our engineering team focus became dominantly Kubernetes for the platform projects, where OpenShift was a dominant player especially after the acquisition of IBM. We have been implementing OpenShift in one of our major Enterprise customer. Since we are an engineering company, our consultants became frustrated with OpenShift with the following feedbacks:

  • OpenShift has its own way of doing things, no CNCF 
  • No/less engineering, more operator mindset
  • Major problems during version upgrades
  • Vendor-lock

As an engineering-driven company, (Decisions are given by the engineering team, rather than Sales) we stopped working with RedHat, although we invested a lot with certifications and time…

Meanwhile, we began also experimenting with Rancher in several projects and I decided to make such an honest comparison by the end of 2019 based on

  • Our engineering team’s feedback
  • My own experience
  • Several customer feedback
  • Technical evidence

 

My intention was to reveal the realities, as an engineer who has been in the “Pledge to Professionalism” ceremony during my graduation:)

  • I gathered data from anyone who can contribute: internal, external
  • I interviewed several professionals: The ones using OpenShift, the ones using Rancher…

Based on all those data, I began to write an honest comparison.

There have been major debates around that post on social media and also in the comments of the post (I published all comments regardless of the positive or negative views, except the ones which have annoying language)

In a conclusion, I think the honesty of the comparison and maybe the reason I expressed how the engineering mindset professionals feel working with OpenShift made the success of that blogpost. It was not intentional, all happened organically!

 

k8s Seattle Meetup

Facebooktwittergoogle_pluslinkedinmailby feather

Meetup happened at Google Fremont.

Although there were other presentations, i could only participate the following:

1. Aqua: As there are ongoing security concerns regarding with Docker/MicroServices approaches, as a response, i see various solutions to that. After my initial bias that Aqua is YADSC(Yet-another Docker Security Scanning), i realized it has other capabilities as well. Beside the CVE scan, it has also

  • Container Inspection which actively checks suspicious behaviour
  • Fingerprint the image from dev to production, preventing spoofing
  • Multiregistry support like ECR, GCR, Quay, JFrog…
  • Anomality Detection on containers
  • Prevent malicious behaviours

Demo regarding to malicious behaviour was fork-bomb

Fork_bomb

which is also known-as 

:(){ :|:& };:

If you enter this command on your bash, you will see the effect, no responsibility is accepted:)

@chernymi demonstraited the effect of fork-bomb and container freezed, after we saw that Aqua can handle this anomality.

2. rktnetes: @wobscale beginned with explaining what is rkt and differentiation with docker, going deeper with Stage1-2-3 approach of rkt.

He continued pointing out the SPOF of dockerd for <1.11 and continerd for >=1.11

Finally, he started to explain rkynetes, which basically use rkt as the container runtime.

Some of the benefits can be summarized as

  • There is no daemon running the containers
  • Works with systemd
  • runc is supported:)
  • features/speed competes with kubernetes:

‚Äč

Official release seems to be coming with Kubernetes 1.3

As a summary, Kubernetes is creating its own ecosystem as well. Especially for the ones using GCP, as Google Container Engine is kubernetes, it makes sense to go with.

Kubernetes (a.k.a. k8s) London Meetup

Facebooktwittergoogle_pluslinkedinmailby feather

One of my favorite thing2do when i visit London is to participate the SkillsMatter meetups.

This time i was lucky to join to the Kubernetes meetup!

Thanks for the Google to sponsor the pizza and beers before the meetup!

There was two seperate presentations:

Martin Devlin – Consul&Vault Integration with Kubernetes

Justin Santa Barbara – Kubernetes: Prologue,Present&Predictions

The second one, which is presented by Justin Santa Barbara, was interesting, also by the help of the cool presentation skills and positive energy of Justin!

Justin is one of the top committers on k8s project. 

Although there are various topics mentinoned, now i will be focusing some of the upcoming functions of the new releases:

1. Ingress: This can be referred as ingress traffic controller, waiting for L4&L7, so seems totally no need for AWS ELB in the future? 

2. DaemonSets: We can define certain pods to run on all nodes or on some nodes. Use-case of this can be 

  • having NewRelic run on each node (Which is the case for me currently)
  • having a log collection daemon on each node like SumoLogic
  • having a storage daemon like glusterd on each node

3. PetSets: This can be referred as stateful-application support. Self-healing databases can be a use-case, still trying to digout! 

The new release 1.3 is expected to be live by the end of June, lets see:)

Here are some pictures from the meetup:

kubernetes skillsmatter kubernetes skillsmatter


visited 41 states (18.2%)

Follow me on Strava