So, you have decided that you want to adopt Kubernetes. GREAT.
But now you are reading blogs and watching YouTube videos that keep highlighting the complexity of Kubernetes, and it's freaking you out! Not so great. What do you do?
Like it or not, Kubernetes can be complicated, but for good reason.
You see, Kubernetes is considered to be the "operating system of the cloud" and as such, it needs to be modular and near infinitely customizable.
In order to be so universally accepted, it cannot impart any default settings that may impact its broad use. This translates to a default "pure upstream" installation that is extremely vanilla, and open, in its base configuration. Awesome, except it expects you to know how to take it from vanilla and adjust for your specific needs, and if you don’t, you will hit the complexity wall.
One way around this complexity is to leverage Kubernetes distributions released by companies that offer an "opinionated" version, which, through its install process, actually defines some sane defaults. But still, they only go so far.
One really important thing to keep in mind: Kubernetes alone is not sufficient for you to actually go into Production with.
Kubernetes is no more a complete platform than a VMware ESXi Host is a Virtual Infrastructure Platform. We all know that you need far more than just a hypervisor to successfully run a Virtual Infrastructure Platform. The same is true with Kubernetes.
To use Kubernetes in production, you need tools to facilitate monitoring, alerting, security, access, authentication, compliance, and provisioning/life cycling (UI, CI/CD, or GitOps). There are a number of tools from the (approx 1200) CNCF members that address these needs, but again, it's up to you to decide which are right for you, and it's up to you to make sure each is interoperable with the others (and with the underlying Kubernetes version(s) you are using). Another complexity wall. Of course, you could just follow everyone else, and use the tools they use, but is this right for your needs? Maybe they are far more advanced in their use than you are.
So what can you do?
You have a couple of choices.
Option 1:
You can elect to purchase your Kubernetes platform from a managed service provider, in what is best defined as a "Kubernetes as a Service" offering. Popular offerings are Amazon EKS, Google GKE, Azure AKS, along with Civo, DigitalOcean DoKS, and Linode Kubernetes.
For anyone deploying on-premises, we strongly recommend MicroK8s from Canonical, as it's so easy to deploy, upgrade, and triage. It's also really easy, with its plugins, to adjust for your specific needs post deployment.
With this option, to get the desired simplicity, you need to be "all in" with just a single provider, and leverage their additional Kubernetes management tooling to help you set up a full Kubernetes Platform. Why? Because each provider is subtly different from the other. Sure, their Kubernetes offerings are relatively standardized, but their ancillary tooling is extremely bespoke and locked to their offerings. How AWS does user authentication is very different to how Azure or Google do it.
Option 2:
You can deploy a Kubernetes Management Platform (like Portainer, but there are others too) that provides the central, vendor-neutral tooling required to correctly manage and secure Kubernetes environments. The benefit of this option is that the agnostic nature of centralised tooling means you get to use any combination of backend Kubernetes as a Service providers.
These tools often include built-in capabilities that expand basic Kubernetes into a full Platform, with built-in Monitoring, CD/GitOps, Governance, and Security controls. Generally a Kubernetes Management Platform is all you need to get started with Kubernetes in Production. If you are looking for the easiest way to get started, then this is likely your best choice.
Clearly though, there is a degree of "lock-in" from the Kubernetes Management Platform, so you need to ensure that these platforms allow you to use any Kubernetes back end (not only their own distribution, if they offer one), and allow the use of any front end tooling (so they must provide a Kubernetes API proxy), and they should not preclude you from adopting any of the CNCF tools should your needs demand so. This is one reason why you need to look closely at the provider of the tool to ensure openness.
So, in summary...
Managing Kubernetes CAN be hard, if you allow it to be... but it doesn’t have to be.
Take the easy road, and look closely at Kubernetes Management Platforms, as these will generally provide the lowest friction to getting live in production in a safe and secure way.
Neil