How to Navigate Kubernetes Platform Implementation

Tech Community • 4 min read

In the area of Kubernetes (K8s) platform implementation, the hub and spoke model, in which a central team develops the platform and other teams consume it, has emerged as a versatile approach, offering flexibility and scalability to cater to diverse organisational needs. 

This model presents two alternative methods, each with its own nuances and advantages, for deploying and managing K8s platforms within enterprises.

Models for Platform Creation and Vending

Option 1: Decentralised Implementation

In this model, the hub generates the platform code while the spokes independently implement the platform in their respective accounts. Spokes assume the responsibility of adding configurations and managing their platforms autonomously. This can work well for mature teams who can operate independently. 

On the other hand, for teams with little knowledge of platform management there may be complications. This model can also lead to drift away from the platform concept due to teams customising the platform once they are managing it.

Option 2: Centralised Implementation

Alternatively, the hub not only generates the code but also handles its implementation and configuration. Spokes, in this scenario, submit configurations to the hub, which utilises pipelines to integrate these configurations and provision resources for the spokes. 

This centralised approach fosters shared management between the hub and spoke entities and works well when an enterprise wants to maintain consistency and control over implementation or when consumer teams lack maturity to successfully manage a platform.

Choose the option based on careful consideration of the existing organisation environment and requirements.

6 Platform Development and Implementation Considerations

1. Tooling and Pipelines

In K8s platforms Terraform can manage the infrastructure and Helm can deploy services. Both working well in a CI/CD environment, where pipelines streamline platform modifications.

While a pipeline tool such as Harness can be used for platform deployment, it is often seen as essential to employ modern GitOps methodologies alongside tools such as ArgoCD or Flux to implement continuous delivery (CD). GitOps streamlines cluster deployment, using Git for declaratively infrastructure configurations. ArgoCD and Flux automate cluster state synchronisation with Git repositories, enabling automatic change application to Kubernetes resources. 

This approach enhances traceability, repeatability, and collaboration in K8s platform management, aligning with modern DevOps practices.

2. Platform Layers

A K8s platform architecture typically involves a number of layers, the creation of the cluster itself and configuration of services on the cluster. The creation of the cluster is best carried out leveraging services like Amazon EKS on AWS or AKS on Azure, or through the use of a management service wrapper such as Red Hat's Openshift or SUSE Rancher. 

Configuration of services on the cluster can be managed using Helm resources, although for an enterprise this can become complicated due to the number of potential foundation services to be added. CD pipelines should facilitate the deployment of platform layers through environments

3. Extensibility

To accommodate the addition of custom extensions and elements to the platform, post-cluster creation code execution capabilities are essential. This enables consumers of the platform to tailor the platform implementation to their specific requirements. This may involve adding additional services to support consumer workloads. 

It should not however include the consumer workloads themselves which should be managed with their own workflows.

4. Configuration

Configuration factors of the cluster and services play a crucial role in platform deployment. Providing choices and toggles for various services allows for customisation based on organisational needs. However, maintaining consistency and visibility, especially with vended code, poses challenges that require careful consideration. 

5. Upgrades

Efficient management of upgrades is paramount in maintaining a robust K8s platform. Considerations must be made for seamless upgrade processes, especially in enterprise-level deployments where downtime can have significant repercussions. With the option 1 model it becomes the consumer's responsibility to deploy upgrades, this can make consistent versions across an organisation difficult to manage. 

As more consumer workloads are deployed to the platform upgrades can become increasingly complex. Basic solutions may include blue/green style side by side clusters with DNS or target based switchover, this can be a blunt method but effective. Alternatively components of a platform can be upgraded in place, although this can carry some risks and must be managed carefully.

6. Enterprise Considerations and Service Mesh

Enterprise-grade K8s platforms often require extra control over cluster networking. Implementing a service mesh, such as the popular Istio Service Mesh, on the K8s platform addresses this need but introduces complexities in configuration management. The adoption of a service mesh offers enhanced control and observability in microservices architectures. 

However, managing the configuration of a service mesh can be daunting, particularly for teams lacking in-depth knowledge. To simplify mesh configurations and management, tools like Gloo Enterprise provide a solution. Acting as a mesh management layer, Gloo Enterprise centralises configuration and simplifies constructs for consuming teams, thereby enhancing oversight and usability. 

Additionally, Cilium, a popular networking and security solution, offers powerful features that streamline service mesh configuration.

Conclusion

In conclusion, the hub and spoke model, coupled with appropriate tooling, configuration management, and strategic consideration of upgrades and enterprise requirements, forms the backbone of a robust and scalable Kubernetes platform strategy. 

By embracing extensibility and leveraging advancements in service mesh technology, organisations can navigate the complexities of modern application deployment with confidence and efficiency.

Peter OatesLinkedInSenior Cloud Architect

Get in Touch.

Let’s discuss how we can help with your cloud journey. Our experts are standing by to talk about your migration, modernisation, development and skills challenges.

Ilja Summala
Ilja’s passion and tech knowledge help customers transform how they manage infrastructure and develop apps in cloud.
Ilja Summala LinkedIn
Group CTO