InfoQ

The Software Architects' Newsletter
September 2018

The InfoQ Architects' Newsletter is just over one year old! In our fourteenth issue we are exploring container orchestration and scheduling. With the increasing uptake of public cloud across the IT landscape, combined with the emergence of additional "cloud native" architecture patterns and technologies like containers, it is fast becoming essential for architects to gain a better understanding of this space.

News

eBay Replatforming to Kubernetes, Envoy and Kafka: Intending to Open Source Hardware and Software

eBay has discussed how they are conducting a replatforming initiative across their entire technology stack, which includes building and releasing as open source both the new hardware and software created. Open source is "fueling the transformation" of eBay's infrastructure, and they intend to use cloud native technologies like Kubernetes, Envoy, MongoDB, Docker and Apache Kafka.

Better Developer Experience at Netflix: Polyglot and Containers

Mike McGarr, manager of developer productivity at Netflix, recently presented "Better DevEx at Netflix: Polyglot and Containers" at QCon New York 2018. He described how Netflix has evolved from operating primarily as a Java shop to an organisation that supports developer tools built with multiple programming languages.

Netflix have created an internal tool, named Newt, which is a command-line developer workflow tool that utilises Docker containers to encapsulate language-specific build environments. This allows non-JVM engineers at Netflix to take advantage of Java-based utilities without the need to install a Java build toolchain on their local machine.

Microsoft Announces Public Preview of Windows Container Support in Azure App Service

Microsoft has released the public preview of Windows container support in Azure App Service, their fully-managed application deployment platform, which provides more control over what gets installed into the App Service environment. This announcement extends the web app for containers service so that it can run Windows-based containerised environments as well as Linux-based ones.

Microservices in a Post-Kubernetes Era

The microservice architecture is still the most popular architectural style for distributed systems, argued Bilgin Ibryam in this recent InfoQ article, but Kubernetes and the cloud native movement have redefined certain aspects of application design and development at scale. On a cloud native platform, observability of services is not enough; a more fundamental prerequisite is to make microservices automatable, by implementing health checks, reacting to signals, declaring resource consumption, etc.

In what Ibryam refers to as the "post-Kubernetes era", using libraries to implement operational networking concerns (such as Hystrix circuit breaking) has been completely overtaken by service mesh technology. Ibryam argues that microservices must now be designed for "recovery", by implementing idempotency from multiple dimensions; and that modern developers must be fluent in a programming language to implement the business functionality, and equally fluent in cloud native technologies to address the non-functional infrastructure level requirements.

Cloud Native Computing Foundation Accepts Harbor into CNCF Sandbox

The Cloud Native Computing Foundation (CNCF) has announced that they have accepted Harbor, a cloud-native registry that stores, signs, and scans container images, into their sandbox. Harbor extends Docker Distribution, the Docker toolset used to work with Docker content, by adding functionality such as security, identity, and management.

Run your Kubernetes Workloads on Amazon EC2 Spot Instances with Amazon EKS

In an AWS Compute Blog post, Madhuri Peri, Sr. EC2 Spot Specialist SA, and Shawn O'Connor, AWS Enterprise Solutions Architect, have discussed how many organisations today are using containers to package source code and dependencies into lightweight, immutable artifacts that can be deployed reliably to any environment; and they are also keen to reduce costs.

This post demonstrates how to use AWS EC2 Spot Instances as Kubernetes worker nodes on AWS's hosted Kubernetes offering, Amazon EKS, and shows the areas of provisioning, automatic scaling, and handling interruptions (termination) of K8s worker nodes across your cluster.

Jenkins to Focus Efforts on Stability, Ease of Use and Cloud Native Compatibility

The Jenkins project team has decided to split its efforts between focusing on stability issues and on better support for running on platforms like Kubernetes. The former, which will potentially have backward-incompatible changes, will impact the release model and provide a more preconfigured installation, whereas the latter will work along similar lines to the existing Jenkins X project.

Case Study

Weaveworks Explain Their "GitOps" Model for Using Developer Tooling to Implement Container CI/CD

Over the past year, the Weaveworks team has increasingly refined the ideas around the practice of "GitOps", their name for how they use developer tooling to drive operations and to implement continuous delivery.

GitOps is implemented by using the Git distributed version control system (DVCS) as a single source of truth for declarative infrastructure and applications. Every developer within a team can issue pull requests against a Git repository, and when merged, a "diff and sync" tool detects a difference between the intended and actual state of the system. Tooling can then be triggered to update and synchronise the infrastructure to the intended state.

Alexis Richardson, founder and CEO of Weaveworks, and Ilya Dmitrichenko, community engineer at Weaveworks, have written a series of articles explaining the concept of GitOps on their company blog. The Weaveworks team claims that GitOps allows development teams to increase their velocity and improve system reliability. They have discussed how they have implemented GitOps internally for the delivery of their products, and also how they offer the building blocks for this approach via their Weave Cloud SaaS product.

The guidelines for Weaveworks' current implementation of GitOps, which uses containers and Kubernetes for deployment, include:

  1. Everything within the software system that can be described as code must be stored in Git: By using Git as the source of truth, it is possible to observe a cluster and compare it with the desired state. The goal is to describe and version control all aspects: policies, code, configuration, and even monitored events and dashboard definitions.

  2. The 'kubectl' Kubernetes CLI tool should not be used directly: As a general rule, it is not a good practice to deploy directly to the cluster using kubectl. The Weaveworks team claims that many people let their CI tool drive deployment, but by doing this, they are not practicing good separation of concerns, and are "potentially giving a notoriously hackable thing access to production".

  3. Use a Kubernetes controller that follows an "operator pattern": By extending the functionality offered by Kubernetes, using a custom controller that follows the operator pattern, the cluster can be configured to always stay in sync with the Git-based 'source of truth'. The Weaveworks team uses "diff" and "sync" tools such as the open source kubediff, as well as internal tools like "terradiff" and "ansiblediff" (for Terraform and Ansible, respectively), that compare the intended state with actual state.

The ability to compare and manage the current state of both infrastructure and applications so that a team can test, deploy, and rollback with a complete audit trail encapsulated within the associated Git logs is what "encompasses the GitOps philosophy and its best practices". Modern platform components make this approach much more viable in comparison with older technologies because, for example, Kubernetes is managed almost entirely through declarative config, and containers can be (relatively) easily built to be immutable.
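The "diff" half of the diff-and-sync loop described above can be sketched as follows. This is an added example, not Weaveworks' or kubediff's own code; the manifests, names and registry host are constructed sample data, and the subset comparison (fields the server adds are ignored) is an assumption made for illustration.

```python
# Added example: minimal "diff" step of a GitOps diff-and-sync loop.
# All objects below are constructed sample data, not output from a real cluster.
DESIRED = [  # manifests as committed to Git (the source of truth)
    {"kind": "Deployment", "metadata": {"name": "web", "namespace": "shop"},
     "spec": {"replicas": 3, "template": {"spec": {"containers": [
         {"name": "web", "image": "registry.example/web:1.4.2"}]}}}},
    {"kind": "ConfigMap", "metadata": {"name": "web-config", "namespace": "shop"},
     "data": {"LOG_LEVEL": "info"}},
]
ACTUAL = [  # what the cluster currently reports
    {"kind": "Deployment",
     "metadata": {"name": "web", "namespace": "shop", "uid": "constructed-uid"},
     "spec": {"replicas": 3, "template": {"spec": {"containers": [
         {"name": "web", "image": "registry.example/web:debug"}]}}},
     "status": {"readyReplicas": 3}},
    {"kind": "Deployment", "metadata": {"name": "tmp-shell", "namespace": "shop"},
     "spec": {"replicas": 1}},
]

def key(obj):
    """Identify an object by kind, namespace and name."""
    meta = obj["metadata"]
    return (obj["kind"], meta.get("namespace", "default"), meta["name"])

def subset_diff(want, have, path=""):
    """List paths where live state disagrees with Git; server-only fields are ignored."""
    if isinstance(want, dict) and isinstance(have, dict):
        out = []
        for k, v in want.items():
            p = f"{path}.{k}" if path else k
            out += subset_diff(v, have[k], p) if k in have else [f"{p}: missing in cluster"]
        return out
    if isinstance(want, list) and isinstance(have, list) and len(want) == len(have):
        return [d for i, (w, h) in enumerate(zip(want, have))
                for d in subset_diff(w, h, f"{path}[{i}]")]
    return [] if want == have else [f"{path}: git={want!r} cluster={have!r}"]

def drift_report(desired, actual):
    """Classify drift: objects missing from the cluster, unmanaged objects, changed fields."""
    live = {key(o): o for o in actual}
    want = {key(o): o for o in desired}
    return {
        "missing": sorted(k for k in want if k not in live),
        "unmanaged": sorted(k for k in live if k not in want),
        "changed": {k: d for k in sorted(want) if k in live
                    for d in [subset_diff(want[k], live[k])] if d},
    }

if __name__ == "__main__":
    for section, items in drift_report(DESIRED, ACTUAL).items():
        print(section, items)
```

The "unmanaged" and "changed" entries are the ones that surface changes made directly against the cluster rather than through a merged pull request.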

Additional information on GitOps can be found in the full version of this news item on InfoQ: "GitOps": Weaveworks Explain Their Model for Using Developer Tooling to Implement CI/CD

This edition of The Software Architects' Newsletter is brought to you by:

QCon SF

QCon San Francisco (Nov 5-7) is a direct invite annual software conference for team leads, architects, senior developers, and technical engineering managers driving innovation on their teams. QCon features 18 individually curated tracks (or software topics) to choose from, one being entirely dedicated to container orchestration. Co-Creator of Kubernetes & GCE Joe Beda leads this container track. Speakers include Manager of Container Cloud @Netflix Andrew Spyker, Member of Technical Staff @CockroachDB (previously SWE @GCPcloud) Alex Robinson, Staff Engineer @heptio Bryan Liles.

Register using the code INFOQSF18 and get an extra $100 off!

*The code can be used for 3/4/5-day tickets only; the discount does not apply to workshop-only or training-only tickets.

InfoQ strives to facilitate the spread of knowledge and innovation within this space, and in this newsletter we aim to curate and summarise key learnings from news items, articles and presentations created by industry peers, both on InfoQ and across the web. We aim to keep readers informed and educated about emerging trends, peer-validated early adoption of technologies, and architectural best practices, and are always keen to receive feedback from our readers. We hope you find it useful, but if not you can unsubscribe using the link below.
