6 December, 2023
January 9, 2019
The adoption of containers in today’s enterprises has created a fundamental need for a reliable container orchestration solution that is easy to integrate and manage.
Where there is a need, there is a solution! Kubernetes (or K8S for short) has grown to become the top choice for DevOps teams that deploy, scale and manage containerized applications. Any DevOps team that starts using Kubernetes knows that deploying a Kubernetes cluster is not an easy or trivial task, especially when done from scratch or when you plan for future scale.
In an actual production environment, we can use automation tools to make creating a Kubernetes cluster easier. Based on our experience, we can assure you that PKS (Pivotal Container Service, where “K” stands for “Kubernetes”) is one of the best choices to answer that need. PKS is a container service by VMware & Pivotal targeting enterprises and service providers, created to deploy and consume container services with Kubernetes, and built with:
Most importantly, VMware supports all solution components, including Kubernetes.
What is the benefit of PKS?
To understand the PKS architecture, we need to know that PKS is the product of a collaboration between Google, VMware and Pivotal, and that it builds on Kubernetes, BOSH, VMware NSX-T and Project Harbor (as an image repository) to form a production-grade, highly available container runtime that operates on vSphere and public clouds.
Kubernetes is a portable, extensible open-source platform for managing containerized workloads and services that facilitates both declarative configuration and automation. Kubernetes does an excellent job of managing containers, but is less successful at managing virtual machines (VMs). If a node fails with pods running on it, Kubernetes will be aware of the failure. It will find a new node and redeploy those pods on it to maintain application-layer availability. However, Kubernetes will never take care of the fallen node to return the cluster to full strength. That is what BOSH brings to the game. BOSH monitors the infrastructure layer. If a node goes down, BOSH will bring up another instance, add it to the cluster and restore the cluster to its full capacity.
Other complex issues in the Kubernetes environment that our customers were dealing with are networking and security. To answer that, VMware brings NSX-T, a software-defined networking platform that was built to address cloud needs. NSX-T brings many capabilities in terms of visibility, monitoring and diagnosis, as well as micro-segmentation, enabling it to control east/west traffic flows between pods. During the transition of your applications to microservices, your organization will probably enter a hybrid mode, in which containers, VMs and physical servers all serve the application. It can take years to containerize your application in full. NSX-T will assist with the security and networking challenge of managing containers, VMs and physical servers under the same NSX domain and under the same security policy.
An additional advantage PKS brings to the customer is Harbor. Harbor is a trusted cloud-native repository that stores, signs, and scans content, with the mission of giving cloud-native environments the ability to confidently manage and serve container images. In addition to providing RBAC (Role-Based Access Control) and LDAP (Lightweight Directory Access Protocol)/AD (Active Directory) support, Harbor provides enterprises with container image vulnerability scanning, policy-based image replication, and notary and auditing services.
As we can see, PKS answers major needs. It delivers a production-grade Kubernetes solution on the one hand, and integrates with the existing VMware infrastructure that the organization is already using on the other.
PKS takes your DevOps from the minors to the major league and provides your infrastructure team the required tools to support and operate production Kubernetes clusters at scale.