Kubernetes takes a big step forward with version 1.8

If you want to manage containers in the cloud, Kubernetes is the program for you. Its latest release, Kubernetes 1.8, is better than ever.

Why is this important? Containers are quickly becoming the way to run server-level applications both in data centers and the cloud. According to a recent report from research house Redmonk, 54 percent of Fortune 100 companies are already running Kubernetes. Some of these are truly massive jobs.

For example, Ancestry.com has 20 billion historical records and 90 million family trees. This makes it the largest consumer genomics DNA network in the world. With Kubernetes, its deployment time for its Shaky Leaf icon service was cut down from 50 minutes to two or five minutes. Paul MacKay, an Ancestry software engineer and architect, wrote, “We’re very close to having everything that should be or could be in a Linux-friendly world in Kubernetes by the end of the year.”

Perhaps the most significant feature in this new release is role-based access control (RBAC). This enables cluster administrators to dynamically define roles to enforce access policies through the Kubernetes application programming interface (API).

RBAC also includes beta support for filtering outbound traffic through Kubernetes network policies, which augments existing support for filtering inbound traffic to a pod. Pods are Kubernetes’ smallest deployable units. They are made up of one or more containers with shared storage, network, and a specification on how to run the containers. Together, RBAC and network policies are two powerful tools for enforcing Kubernetes organizational and regulatory security requirements.

This edition also brings the core Workload APIs to beta. These contain the most recent versions of Deployment, DaemonSet, ReplicaSet, and StatefulSet. The Workloads API is now stable. It can be used to migrate existing workloads to Kubernetes and for developing cloud native applications. The Workloads API also helps big data users by enabling native Kubernetes support for Apache Spark.

Another beta feature, Custom Resource Definitions (CRDs), provides a mechanism to extend Kubernetes with user-defined API objects. Why would you use this? One way is to use CRDs to automate complex stateful applications such as key-value stores, databases, and storage engines through the Operator Pattern. CRDs don’t currently have validation, but that’s expected in the next release.

With a nod to old-style computing, CronJobs is now in beta. This will enable administrators to run batch container workloads, such as nightly extract, transform, and load (ETL) data warehousing jobs.

Diving deeper, Mike Barrett, Red Hat OpenShift project manager, and Joe Brockmeier, Red Hat Linux container evangelist, wrote that their customers are looking forward to batch jobs, and that they believe the Resource Management Working Group’s “alpha code will enable the next wave in cloud computing.”

This gives developers access to hardware in three ways: Device Manager, for access to hardware devices such as NICs, GPUs, FPGAs, InfiniBand, and so on; CPU Manager, so users can request static CPU assignment via the guaranteed Quality of Service (QoS) tier; and HugePages, so users can consume huge memory pages of any size supported by the underlying hardware.

One feature that CoreOS, a container and Kubernetes power, is particularly excited about is Kubernetes advanced auditing going beta. This, said Eric Chiang, a CoreOS engineer, “introduces formatted audit logs, policies to control what’s audited, and a webhook to send events to external services. Audit events can now be configured to include entire request payloads, aggregated in a central location. … The audit event format will only make backward compatible changes. This creates an opportunity for the community to start experimenting with ways of consuming, displaying, and acting on events from the audit log webhook. An early example of this is the audit2rbac tool, which consumes audit events to automatically create RBAC profiles.”
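To make the idea of turning audit events into RBAC profiles concrete, here is an added Python sketch (not audit2rbac's code and not from the original article) that groups the requests recorded for one user into Role and ClusterRole manifests. The service account, the role name and the sample events are constructed for illustration; the event field names follow the Kubernetes audit Event format.

```python
import json
from collections import defaultdict

SA = "system:serviceaccount:shop:web"  # hypothetical service account

def _event(user, verb, ref, code=200):
    """Build one constructed audit event using audit Event field names."""
    ev = {"kind": "Event", "verb": verb, "user": {"username": user},
          "responseStatus": {"code": code}}
    if ref:
        ev["objectRef"] = ref
    return json.dumps(ev)

# Constructed sample log: one JSON event per line, plus a truncated last line.
SAMPLE_LOG = "\n".join([
    _event(SA, "list", {"resource": "pods", "namespace": "shop"}),
    _event(SA, "get", {"resource": "pods", "namespace": "shop"}),
    _event(SA, "get", {"resource": "pods", "subresource": "log", "namespace": "shop"}),
    _event(SA, "get", {"resource": "configmaps", "namespace": "shop"}, 403),
    _event(SA, "update", {"apiGroup": "apps", "resource": "deployments", "namespace": "shop"}),
    _event(SA, "list", {"resource": "nodes"}),   # cluster-scoped: no namespace
    _event(SA, "get", None),                     # non-resource request: no objectRef
    _event("alice", "delete", {"resource": "secrets", "namespace": "shop"}),
    '{"kind": "Event", "verb": "ge',
])

def roles_from_audit(log_text, username, name="audit-derived"):
    """Return Role/ClusterRole manifests for every resource request seen for
    username. Denied (403) requests are included too, so review before applying."""
    verbs = defaultdict(set)
    for line in log_text.splitlines():
        try:
            ev = json.loads(line)
        except ValueError:
            continue                       # blank or truncated line
        ref = ev.get("objectRef") or {}
        if ev.get("user", {}).get("username") != username or "resource" not in ref:
            continue                       # other user, or non-resource request
        resource = ref["resource"]
        if ref.get("subresource"):
            resource += "/" + ref["subresource"]   # RBAC form, e.g. "pods/log"
        verbs[(ref.get("namespace", ""), ref.get("apiGroup", ""), resource)].add(ev["verb"])
    rules = defaultdict(list)
    for (ns, group, resource), seen in sorted(verbs.items()):
        rules[ns].append({"apiGroups": [group], "resources": [resource], "verbs": sorted(seen)})
    return [{"apiVersion": "rbac.authorization.k8s.io/v1",
             "kind": "Role" if ns else "ClusterRole",
             "metadata": {"name": name, **({"namespace": ns} if ns else {})},
             "rules": rs} for ns, rs in sorted(rules.items())]
```

Because the grouping records only the verbs and resources actually observed, the resulting roles are a least-privilege starting point whose coverage depends on how representative the audited period was.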

Put it all together and you have a major step forward in making Kubernetes the do-it-all cloud container orchestration program.


Mirantis enters the Kubernetes game and ups its OpenStack play

Besides managing OpenStack clouds, Mirantis is adding cloud container management to its skillset with Kubernetes.

How to get the Kubernetes help you need

As Kubernetes cloud container orchestration grows ever more important, so does the need for qualified Kubernetes administrators.

Enterprise container DevOps steps up its game with Kubernetes 1.6

The popular enterprise container DevOps program, Kubernetes, is now ready to handle up to 5,000 nodes in a single cluster.


If AWS is serious about Kubernetes, here’s what it must do

Amazon Web Services has joined the “Anyone-but-AWS” club, pledging its support to the Cloud Native Computing Foundation to better align with the Kubernetes crowd. It’s not as if the cloud giant had much of a choice: As much as AWS wanted to ignore Kubernetes into obsolescence, the gravitational pull around Kubernetes is simply too strong. Although most people view the CNCF announcement as a big endorsement for Kubernetes, AWS has been far cagier, offering precious little information on what it plans to do.

The big question is just how far Amazon will go to support the open source project voted most likely to “take down AWS,” as WSO2 CEO Sanjiva Weerawarana said. Here is what AWS must do: Build a Kubernetes service.

InfoWorld Cloud Computing

Azure Container Instances: No Kubernetes required

Microsoft has introduced a new container service, Azure Container Instances (ACI), that is intended to provide a more lightweight and granular way to run containerized applications than its Azure Container Service (ACS).

ACI runs individual containers that you can configure with specific amounts of virtual CPU and memory, and that are billed by the second. Containers can be pulled from various sources – Docker Hub, the Azure Container Registry, or a private repository – and deployed from the CLI or by way of an Azure template.

Microsoft is emphasizing how ACI is complementary to ACS, rather than a replacement for it. ACI is meant for smaller, more burstable workloads, or as a way to temporarily satisfy a surge in demand, rather than as a way to deploy complex, long-running applications with many interdependencies between containers.

InfoWorld Cloud Computing

Microsoft acquires Deis to boost its Kubernetes chops

Microsoft is acquiring Deis, a company that makes tools to work with the Kubernetes open-source container orchestration system. The deal, announced Monday, marks Microsoft’s continued interest in container orchestration.

Deis creates tools that aim to simplify the development of modern, containerized applications. Containers allow developers to write an application for an isolated, portable runtime that is supposed to be easily transferable from a workstation to a server environment.

Tools like Deis’s Workflow, Helm, and Steward are supposed to ease the complex process of managing multi-container applications. They build on top of Kubernetes, the popular open-source container orchestration system that Google released to the world in 2014. Deis plans to continue its contributions to those tools as part of Microsoft, company CTO Gabe Monroy said in a blog post.

InfoWorld Cloud Computing

IBM chases Google, Microsoft with Kubernetes in the cloud

It’s only a matter of time before every major cloud vendor offers a version of Kubernetes as a service. Now it’s IBM’s turn.

This morning IBM announced the next logical step in its work with Docker containers: Kubernetes support on its Bluemix Container Service. Currently available in a limited beta, its feature set should match Google’s and Microsoft’s offerings.

Kubernetes, the Bluemix way

Previously, the default for managing Docker containers on Bluemix Container Service was to spin them up individually by hand or to use Bluemix’s container groups metaphor, where Bluemix directly managed multiple containers running the same image.

InfoWorld Cloud Computing

Kubernetes – the platform for running containers – is getting more enterprisey

Application containers are all the buzz nowadays. They’re an easy way to package applications and their dependencies into Linux container boxes and run them anywhere – public cloud, a private data center or a developer’s laptop.

The problem comes when managing a whole lot of containers together.

There are a handful of platforms emerging for managing containers at scale. Docker – the company that is credited with generating much of the market buzz about containers – has its own tool called Swarm. Google – which has said that most of its internal apps run in containers – has open sourced its own container management platform named Kubernetes.

Network World Cloud Computing

IDG Contributor Network: Weaveworks moves beyond Docker with plug-in for Kubernetes

An announcement coming today from networking vendor Weaveworks is interesting in and of itself, but even more so when seen in the broader context.

Weaveworks is the vendor behind Weave, a networking and monitoring tool for the Docker containerization platform. The company is today announcing the availability of a plug-in for the Kubernetes cloud-native operating system. Weave Net 1.5 works with the Kubernetes Container Networking Interface and allows multicast networking integrated with Kubernetes-based applications.

Weaveworks is talking up the applicability of this offering to specific verticals, in particular, the financial services industry:

Network World Cloud Computing

Hypernetes unites Kubernetes, OpenStack for multitenant container management

Hyper, creator of a VM isolated container engine that’s compatible with Docker, has debuted a project for running multitenant containers at scale.

The Hypernetes project fuses the Hyper container engine with Kubernetes and uses several pieces from OpenStack to create what it describes as “a secure, multitenant Kubernetes distro.”

At the bottom of the Hypernetes stack is bare metal, outfitted with Hyper’s HyperD custom container engine to provision and run containers with VM-level isolation. Kubernetes manages the containers through HyperD’s API set. Other functions are controlled by components taken from OpenStack, including Keystone, for identity management and authentication; Neutron, for network management; and Cinder/Ceph, for storage volume management.

InfoWorld Cloud Computing