Conformant Kubernetes at Enterprise Scale with WKP

August 27, 2020

How do you maintain and build complete platforms without having to resort to manual configuration or bespoke scripting? Read how WKP's open and Kubernetes certified architecture helps build consistent platforms anywhere.


What began with containers has most enterprises now looking to deploy them at scale with Kubernetes. Many make the cloud native transition to increase deployment velocity and to take advantage of the extra resources and abundant cloud services, but the benefits of Kubernetes and cloud go much further: they include increased scalability and flexibility, as well as self-healing abilities and high availability.

Getting there, though, involves more than simply spinning up a cluster. On top of a base Kubernetes install, there are the core add-ons you need to run it within its infrastructure, as well as a way to monitor its health. In addition to this, there are the tools and applications your development teams require for CD pipelines, code tracing and logging. In some cases, you may also need to consider tools for specialized requirements like machine learning or edge computing, whose applications also need to be configured to work with Kubernetes.

How do you maintain and build complete platforms without having to resort to manual configuration or bespoke scripting? Or, even worse, having to get them to work with incompatible Kubernetes distributions?

Conformance and Kubernetes certification  

Kubernetes distributions that meet conformance requirements can solve part of that problem. Managed by the CNCF, conformance tests ensure that every vendor’s version of Kubernetes supports the required APIs. For anyone using Kubernetes, conformance enables interoperability from one Kubernetes installation to the next. The Weave Kubernetes Platform (WKP) recently met all of the conformance requirements and is now a fully certified Kubernetes distribution. In the rest of this post, we'll discuss what it means for WKP to be an open and Kubernetes-compliant platform.

Deploy Kubernetes anywhere  

WKP is built from the ground up on open and standard technologies like Cluster API (CAPI). The Weave Kubernetes Platform uses GitOps as the underlying architecture and developer experience. GitOps simplifies platform configuration and its management across your organization by bringing together all the tools, services, and components that your team needs to create platforms anywhere, including on-premise, across multiple public clouds or as a hybrid setup.

Configuration models for consistent platforms  

With open standards like CAPI, entire Kubernetes platforms can be described with declarative configuration, including the cluster, the components within the cluster, and all of the applications that are running on it. Because of this, a platform’s configuration can be stored together in Git as a cluster definition. In our product WKP, we call these cluster configuration definitions ‘models’.


Operations teams build Kubernetes platforms by choosing from a set of curated add-ons and other tools from the Cloud Native landscape that solve common use cases such as monitoring and CI/CD deployment pipelines, or specific cases such as machine learning.

Once these are configured to work together, WKP allows you to check the configuration into Git as a model configuration definition. By keeping configuration models in Git, developers and cluster operators have a self-service method to spin up correctly configured platforms anywhere, based on their use case requirements.

GitOps helps manage Kubernetes complexity  

When you add GitOps operations workflows to Git-based configuration models, you also have a reliable and secure way of delivering complete and consistent platforms. In GitOps, software agents alert on any divergence from the desired state. In the case of WKP, any platform configuration model kept in Git is always reconciled whenever an authorized change is pushed to Git or a configuration drift occurs, which keeps all of your clusters in a verifiably correct state.

To help you meet business and other regulatory requirements, any attempted changes to configuration model definitions are checked against the GitOps Policy Manager, which is a standard component of the Weave Kubernetes Platform. Policies are rules that can be set up by either Platform or DevOps teams to determine the roles and permissions governing who can commit changes to the base Kubernetes configuration.

The GitOps Policy Manager then implements a set of Git-based rules built on top of the Open Policy Agent (OPA) standard that are managed by pull request. This ensures that cluster changes are only initiated by the roles that are permitted to do so.  

GitOps advantages  

Having your entire system described, managed, and secured from Git brings a number of advantages:

Self-service Kubernetes platforms  

GitOps is a common workflow for both application deployments and cluster management operations. Simply check out a configuration model from Git to easily spin up a complete and fully configured platform.

Reliable, repeatable platform configuration  

Because software agents ensure that each environment is configured as originally defined and versioned in Git, environments can be scaled accurately anywhere. GitOps best practices provide consistency across all infrastructure and application stacks -- in public and private clouds, on-premise, and in data centers. 

Secure, compliant cluster operations 

GitOps provides you with a built-in audit trail of who did what to the cluster configuration. Likewise, Git’s strong encryption and security guarantees improve overall governance. Since your entire system is described in Git, your platform can be easily reproduced, making it an effective disaster recovery plan to meet compliance.

Complete cluster lifecycle management 

Manage the entire lifecycle of the cluster from a single pane of glass. Apply Kubernetes upgrades and security patches, as well as any version upgrades and fixes for components and add-ons, from within Git. WKP and GitOps automate cluster configuration management. Control who can apply upgrades and security patches, and which components can be upgraded.

Explore how Mettle by Natwest and Global Freight Solution (GFS) implement GitOps to speed up deployments and increase productivity.

Final Thoughts 

If you want to gain the flexibility and scalability that Kubernetes offers, then you need a platform that is built on open standards like the Cluster API. The Weave Kubernetes Platform is a production-ready platform with GitOps as the underlying architecture and developer experience. Simplify cluster configuration and management across your organization by bringing together into a single platform all the tools, services, and components that your team needs to run, and managing it all through pull requests. WKP also provides policy and Git-based rules to specify, audit, and control who can change what in the cluster configuration.

And now WKP is fully Kubernetes certified and compliant. If you would like a demo of the Weave Kubernetes Platform, contact us.

