Kubernetes Just Got Easy

Cloud Manager to the Rescue Article
Docs EInnovator Posted 18 Nov 20

Kubernetes is the de-facto industry standard for deploying and managing container-based cloud native solutions and microservice architectures. Kubernetes provides a consistent approach to orchestrating applications and services running as containers in clusters, providing features such as configuration of deployments, horizontal scaling, service exposure, and many others. It has an enthusiastic open-source community, a rich ecosystem of extensions, and backing from all major cloud providers. Notwithstanding all the merits of Kubernetes, many professionals, newcomers and seasoned alike, have voiced some frustration with the steep learning curve imposed by Kubernetes. This is caused in part by the complexity of the Kubernetes resource model, the sometimes non-obvious concepts, the need for intricate YAML manifest files for configuration, and to some extent the lack or immaturity of high-level tooling.

This is where Cloud Manager comes to the rescue, by providing a powerful yet simple-to-use web interface to Kubernetes. Unlike most web interfaces for Kubernetes, which are limited in the set of operations that can be performed without falling back to command-line tools, Cloud Manager provides a seamless experience for most common workflows and actions. This includes both the setup of clusters and aspects of the infrastructure, and daily activities such as deploying, scaling and configuring applications, running and scheduling jobs and cronjobs, installing and customizing marketplace solutions, setting up and triggering CI/CD pipelines, and overall configuration and management of resources. Furthermore, when in multi-user/enterprise mode, Cloud Manager enables cooperation between team members.

In this article, we provide a brief overview of the key features and user stories offered by Cloud Manager, and explain why we think it makes adoption of Kubernetes much easier and more pleasant for developers and for devops work in general. In the last section, we show some of the simpler ways to get started and install Cloud Manager, running as a standalone docker container or in an existing Kubernetes cluster. It is free to get started, so a few minutes of your time might be enough to take you and your organization from “zero to hero” with Kubernetes.

A short animated video, demonstrating common workflows and highlighting key features of Cloud Manager, is also available as a companion to this article.

Multi-Cloud, Multi-Cluster Management

Cloud Manager is designed from the ground up to support devops in multiple Kubernetes clusters and multiple clouds, including on-premises and public clouds from multiple providers. You configure access to one or more clusters, and benefit from an integrated environment to manage deployments and resources in all these clusters at the same time. For fast setup, you can import clusters from the most common public cloud providers by simply entering an access token, obtained from the provider’s web console or the corresponding command-line tool. Currently, Cloud Manager supports cluster imports from AWS, GCP, IBM Cloud, Azure, DigitalOcean, Linode, and others.

We expect that many organizations and startups will want to exploit the benefits of using multiple clusters and multiple cloud providers. Motivations for this are varied, including strict separation of development, testing, and production clusters, short-lived task-specific cluster provisioning, capacity overflow, legal and data placement requirements such as GDPR in Europe, and awareness of and response to price variations among providers and over time. Having a high-level tool like Cloud Manager that allows seamless navigation between clusters and providers, with support for the migration of apps, configuration and data, can be highly valuable.

Flexible Setup

Cloud Manager can run as a standalone app in single-user mode, or in multi-user/enterprise mode with a side-kick SSO Gateway as an authentication & identity provider. This allows for uniform access control over all Kubernetes managed resources in multiple clusters. It also enables collaboration on Kubernetes operations, using a simplified role-based access-control model (loosely inspired by CloudFoundry) that maps into the Kubernetes RBAC abstraction. New users can be added by simple invitation. The SSO Gateway is provided as part of an integrated platform, which includes other optional support services, such as: a user notifications service, to notify collaborating users of events triggered by others; an external file storage service, e.g. for data backup snapshots; and social chat/comments in (name)space dedicated channels.

We believe this dual mode of operation of Cloud Manager provides the best trade-off between simplicity and flexibility. The single-user installation is most convenient for individuals deploying to Kubernetes (e.g. think independent developers and startup founders), with no collaboration requirements, and preferring a minimal installation footprint. In this mode, it runs as a single deployment from a single docker image. On the other hand, enterprises and teams benefit from additional features for collaboration and access control. In this context, having a slightly larger installation footprint for a few side-kick support services is a small price for the gained functionality.

Kubernetes supports sharing of clusters (multi-tenancy) across projects, project life-cycle stages, and/or teams, with the concept of namespaces. Each namespace defines a logical scope for resource naming and reference. In Cloud Manager, namespaces are designated as Spaces, for short. Cloud Manager provides an integrated interface to manage Spaces across the different clusters, making the physical location of spaces and clusters a “no issue” in everyday work.

Simplified Deployments

Several related moving parts need to be set up in Kubernetes for an application to be deployed and become accessible by end-users and/or other applications. This includes several variations of the concept of deployment, such as (stateless) Deployments, StatefulSets, and Pods (instances), selecting the ways to expose a service, and how to configure the app (e.g. with ConfigMaps and Secrets). This raw complexity, while providing flexibility, complicates matters and hinders productivity. Fortunately, high-level tools can to a large extent simplify or abstract all this away. In Cloud Manager, apps and services run with minimal configuration, with all the required resources being automatically created at deployment time.

Troubleshooting deployments is also an essential aspect of everyday work for developers. This includes checking logs, double-checking meta-data and configuration, browsing containers’ file-systems, and running ad-hoc shell commands inside containers. Having an integrated web UI where all these tasks can be accomplished without stress and fuss increases the productivity of developers and their ability to rapidly identify and address issues. Likewise, scaling application resources and instance count (horizontal scaling) is core functionality of Kubernetes. Being able to do this without weaving complex and error-prone manifest files adds to project and developers’ health.

Cloud Manager also considerably simplifies the management of HTTP(S) routes to expose applications. For a start, it allows DNS domains to be defined with the corresponding certificates required for proper TLS/HTTPS authentication. This includes the ability to automatically connect to providers to issue certificates using the ACME protocol. Internally, Cloud Manager automatically configures one (or more) Kubernetes ingresses for the application service, and creates the appropriate secrets for the certificate.
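
The resources named in the paragraph above, written out by hand as an added example (not taken from this article or from Cloud Manager, whose internal mechanism the article does not show). It assumes an nginx ingress controller and cert-manager are installed in the cluster; the names web, web-tls and letsencrypt-example, the host app.example.com and the e-mail address are hypothetical.

```yaml
# ACME account used to request certificates (assumes cert-manager is installed).
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-example            # hypothetical issuer name
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: ops@example.com             # hypothetical contact address
    privateKeySecretRef:
      name: letsencrypt-example-account-key   # Secret holding the ACME account key
    solvers:
      - http01:                        # prove control of the domain over HTTP
          ingress:
            ingressClassName: nginx
---
# Route for one application: host name, TLS certificate and backend service.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web                            # hypothetical application name
  namespace: devops
  annotations:
    # Asks cert-manager to issue a certificate for the hosts listed under tls.
    cert-manager.io/cluster-issuer: letsencrypt-example
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - app.example.com              # hypothetical DNS domain
      secretName: web-tls              # Secret that receives certificate and key
  rules:
    - host: app.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: web              # existing Service in front of the app pods
                port:
                  number: 80
```

The web-tls Secret ends up holding the private key for the domain, so read access to Secrets in that namespace is worth restricting to the ingress controller and the operators who need it.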

A distinguishing feature of Cloud Manager is that it uses a (relational) DB to store some configuration data, complementing the etcd store used by Kubernetes clusters. The DB holds a variety of configuration information, such as cluster and space meta-data, and it is also what allows deployment configuration to be done interactively. In particular, it makes it possible to configure deployments, and “copy-paste” them across spaces and clusters, even if the underlying Kubernetes cluster is deleted or is unreachable.

Installing Marketplace Solutions from Catalogs

Deploying and installing third-party software, packaged as Docker images and running inside containers, is one of the best use-cases for Kubernetes. This includes end-user applications, support services, and web tools. It allows developers and organizations to reuse existing software provided by the community, without having to keep reinventing the wheel and paying the cost of doing so. Cloud Manager makes it easy to set up one or more marketplace Catalogs, each defined with an external index file specifying a collection of solutions that can be installed. The format of the catalog index is compatible with other tools, and several packaging formats for solutions are supported, including a native format and Helm Charts, the package format of Helm, a popular command-line tool to install applications in Kubernetes clusters. At installation time, resources and other settings can be fine-tuned for customization.

In addition to catalogs, reusable marketplace solutions can also be defined standalone and interactively. This is useful for ad-hoc reuse inside a team or organization, without the trouble of creating a catalog index (e.g. to install services from a micro-service architecture developed in-house).

Cloud Manager also comes with built-in management consoles for several kinds of services. Examples include file browsing and uploading to HTTP servers (e.g. Nginx) with a File Manager style UI, and a database management console for ad-hoc querying, troubleshooting and data backups/snapshots. It currently supports MySQL/MariaDB, with support for other DBs on the road-map.

Continuous Delivery (CI/CD)

Being able to quickly iterate and deploy new versions of applications is considered a mandatory requirement to deliver quality software, and to respond quickly to market pressures and user demands. Continuous Integration/Delivery (CI/CD) pipelines achieve this by automating all steps required for a build and deploy, from source code update and commit to deployment to the cloud. Tekton is an extension to Kubernetes that allows such pipelines to be defined. Pipelines are defined using a set of tasks, and among other uses can be used to build new images of applications as the source code evolves.

Cloud Manager provides simplified support for CI/CD pipelines with Tekton, allowing builds to be done with minimal configuration. Developers start by defining the settings to access a Git provider (such as GitHub), and configure one or more Docker image registries (such as DockerHub). An application is configured by simply selecting a Git repository from which to pull source code, selecting a builder pipeline, and specifying the name of the image to be built and pushed to the registry. All the details of configuring Tekton and Kubernetes for running the build inside the cluster are taken care of automatically by Cloud Manager.

Cloud Manager also simplifies the setup of a cluster to work with Tekton, including installing the runtime and the preferred pipeline and task definitions from catalogs.

Getting Started

Cloud Manager is packaged as a docker image, and can be deployed on-premises, in public clouds, or on a developer’s laptop. The simplest way to get started, and with minimal install footprint, is to run it in single-user mode as a single docker image. To run as a docker container type:

docker run -d --name cm -p 5005:2500 einnovator/einnovator-devops

This runs the latest version of Cloud Manager in a docker container named cm. Open a web browser at the URL http://localhost:5005 to access the console and get started.

Alternatively, if you already have a Kubernetes cluster set up, you can install Cloud Manager using a Helm chart. Run the following commands:

helm repo add ei https://cdn.einnovator.org/charts
helm repo update
kubectl create ns devops
helm -ndevops install cm ei/einnovator-devops

This creates a new Helm release with name cm (you can select another name, if you want). The name of the chart being installed is einnovator-devops, and the ei/ prefix is the name of the Helm repository from which the chart is pulled. Installation is done in the newly created namespace devops.

To expose the installed service, there are several possibilities. The simplest one to get started is to use kubectl port-forward, as shown below.

Linux/MacOS:

export POD_NAME=$(kubectl get pods -ndevops -l "app.kubernetes.io/name=einnovator-devops,app.kubernetes.io/instance=cm" -o jsonpath="{.items[0].metadata.name}")
kubectl -ndevops port-forward $POD_NAME 5000:80

Windows:

kubectl get pods -ndevops -l "app.kubernetes.io/name=einnovator-devops,app.kubernetes.io/instance=cm" -o jsonpath="{.items[0].metadata.name}" > cm-pod.txt
set /p POD_NAME=<cm-pod.txt
kubectl -ndevops port-forward %POD_NAME% 5000:80

This should give you enough details to get started. To learn about other installation options and settings, including running in multi-user mode, see the references below.

A final “Getting Started” option worth mentioning here is to use the cloud installation set up as a public cloud by EInnovator at: https://cloud.einnovator.org.

Learning More
