Accelerating Kubernetes Adoption: Unleashing the Power of GitOps using Kubefirst

S3 E12 · Kubernetes Bytes

In this episode of Kubernetes Bytes, Ryan and Bhavin sit down with John Dietz and Jared Edwards, the co-founders of Kubefirst, and talk about how users can accelerate their Kubernetes adoption by using Kubefirst. They talk about how Kubefirst allows users to leverage open-source tools and the GitOps principle to start writing code without having to worry about deploying CI, CD, and authentication tools manually. They talk about how tools like Kubefirst can reduce the complexity and speed up the SDLC for organizations that are just getting started with Kubernetes.

Try Nom Nom today, go to https://trynom.com/kubernetesbytes and get 50% off your first order plus free shipping.

  • 00:30 Introduction
  • 04:55 Cloud Native News
  • 12:00 Interview with John and Jared
  • 56:25 Takeaways

Transcript

Introduction and Mission

00:00:03
Speaker
You are listening to Kubernetes Bytes, a podcast bringing you the latest from the world of cloud native data management. My name is Ryan Wallner and I'm joined by Bhavin Shah coming to you from Boston, Massachusetts. We'll be sharing our thoughts on recent cloud native news and talking to industry experts about their experiences and challenges managing the wealth of data in today's cloud native ecosystem.
00:00:29
Speaker
Good morning, good afternoon, and good evening wherever you

Celebration and Podcast History

00:00:32
Speaker
are. We're coming to you from Boston, Massachusetts. Today is June 22nd, 2023. I hope everyone is doing well and staying safe. Let's dive into it. It's summer, Bhavin, officially. It is summer. Yeah, we got the summer solstice yesterday, right? So yeah, this is it. That's right. And we're deep into it. I feel like it's been kind of a cool start, which I guess there's pros and cons to that. But anyway, what are you even up to at the last start of summer?
00:00:58
Speaker
No, I'm super pumped today. Like this is our 50th episode of Growing Kubernetes Bytes. If you don't count the trailer, which was like a two second or 30 second clip, but I'm like 15 and a half in that case.
00:01:11
Speaker
Yeah, let's do that. We crossed the 50th episode milestone. It takes a long time to get there. I mean, it's been every couple weeks for a few years now. That's pretty wild. I know. We started in August of 2021. Yeah. Yeah, this is awesome, man. I try to think about anything else I've done every two weeks for a couple of years or more.
00:01:33
Speaker
Hopefully work out. Yeah, I hope work out, right? I mean, maybe if you like, you know, spread it all out over the two years it worked out, but yeah, that's funny. And we had some awesome guests, right? I just want to thank everybody for agreeing to come on the pod. I know we started talking about mainly Kubernetes storage and data management and those kinds of topics, but then obviously we have evolved into all kinds of different topics around Kubernetes.

Summer Plans and Local Wildlife

00:01:56
Speaker
So thank you, Ryan, for like tolerating me for the past year.
00:02:01
Speaker
50 are in you. That's the easiest part, Bhavin, you're such a pleasant person to be around. Okay, no, but with that, I think, no, I'm enjoying my summer. I do have a couple of trips planned later, maybe in August. But yeah, not doing anything for July.
00:02:19
Speaker
Fourth of July, yeah, that's right. Yeah, me either. I was just away in Vermont for a few days, did another, did the first of my moto trips, which last, it rained sort of all of the third day and part of the second, which just made for a lot of mud and enjoyment in my heart. I honestly thought the last day that which was just born all day long was my favorite day.
00:02:40
Speaker
Nice. How many miles did you end up covering? About 350. Yeah. Wow. On a bike. 100 miles a day or something. Mostly off-road in this case. Yeah. That's a lot of fun. Okay. How's your back? My back's great. My chiropractor keeps me in shape, I guess.
00:02:58
Speaker
I could have done 10 more, which is good because the next trip is seven days or something like that. And yeah, I saw a moose because we were way up there towards the Canadian border. It was far away, luckily. He was a big moose. And I'm glad, you know, when they're further away in this case, you know, you're not scared. Just majestic at that point. Dude, I don't want to bring like local things, but since you brought up moose.
00:03:19
Speaker
There was a bear sighting in Arlington, Massachusetts. A lot more, I feel like, in rural areas lately. I think it's just the seasons. This winter was super warm. I don't know. I didn't know bears existed in the suburbs of Boston. What are they doing? They were outside a grocery store. Searching for food, man. Searching for food. They are now turning onto DoorDash drivers, I guess.
00:03:45
Speaker
They know where the good food is. That's hilarious.

Guest Introduction: Kubefirst

00:03:51
Speaker
Yeah, well, I mean, luckily black bears are pretty skittish a human. So, you know, we have it pretty easy compared to the grizzlies, the Browns. But yeah, no, I did see that too. I grew up in New York. There's been a lot more in there as well.
00:04:06
Speaker
Anyway, you know, mooses, bears, and summer, you know, this is good stuff. Speaking of good stuff, we have quite a cool topic today. We're going to be talking to John Dietz and Jared Edwards. They are from Kubefirst. John is the CEO and co-founder, and Jared is also the co-founder of good before we get them on to talk all about kind of Kubefirst and bootstrapping your Kubernetes environment with everything that you could possibly need.

Cloud Native News Highlights

00:04:30
Speaker
We're going to dive into a little bit of the cloud native news. So why don't you kick us off?
00:04:34
Speaker
Yeah, this was a slow week for me, at least. I was trying to find interesting articles. Maybe got a couple. So I'll run through my list. Don't force it. Don't force it, no. They're still interesting. But usually it's easy. OK, I have a few filters, few RSS feeds. I just go to them and then find good stuff. This week it actually had me do some work. So starting off, Fairwinds is actually launching an open source tool for scanning your base images that you use in your containers.
00:05:04
Speaker
So if you have CVEs, there are whole pitches. If there are publicly known CVEs or if a new CVE comes out, it takes the developers a while to figure out which image in their container has the CVE. This tool is an open source tool that you can run against your container image. They can tell you which version of or which layer of that image is the problematic one and tell you if there's a fix available. So open source tool is something that's worth checking out. But yeah, that's fast.
00:05:31
Speaker
Next, Virtana, I think, and this is what they call themselves, the leading IT operations management company. They acquired a Kubernetes cloud-native observability startup called OpsCruise. They claim to be the only purpose-built cloud-native Kubernetes observability platform. I'm sure other vendors in the ecosystem will have to tell us something to say against that claim.
00:05:56
Speaker
an acquisition in the Kubernetes ecosystem that I just wanted to highlight. And then finally, we do have a lot of fun with ChatGPT in our episodes. But for people who want to learn more about generative AI or LLMs, Google Cloud actually has a whole series or a learning path around generative AI. So we link that in the show notes if you want to just get started. I think it's 11 courses. They do have to split it across days, but again, each video is not like eight hours. So you can actually get up to speed on what generative AI is. Have you taken it?
00:06:25
Speaker
Not yet, but I added it to my list. I was like, why not share it with our listeners? Yeah, maybe a sneak preview to some future episodes that we're hopefully going to do some more. We'll see. I know it's a hot topic and we're always interested. I feel like every time I read into it, I'm like, I feel like such a novice in the new technology, which is also part of the excitement about it. You get to learn something brand new and there's a lot to consume in the whole AI world.
00:06:54
Speaker
Cool. For me, there was just a few. The first one is IOMesh 1.0. I believe we covered IOMesh when it was, or maybe, I don't know if we covered it on this show or talked about it, but I remember talking about it with you in 2021. They were actually kind of like came out as a company.
00:07:14
Speaker
sort of stealth, I guess you could call it. Exactly. So they're, they're based out of China, I believe. And they compare themselves to a lot of the, you know, popular about the native storage out there.
00:07:28
Speaker
And, you know, have some pretty interesting claims. I haven't tried it myself, but pretty cool to see sort of another vendor kind of tackling this space. A lot of them have been scooped up, bought up, I guess you could say. And so we'll see what happens with them. We're going to follow them and see what's going on. Go check it out if you're interested in that storage space.
00:07:46
Speaker
The next one is Kelsey Hightower, we all know him. He had this article about predicting the future of the Kubernetes community and it's on The New Stack. It's a really interesting article. I guess the TLDR is basically Kubernetes has to go away, which is a loaded thing to say, but there's a lot to unpack in the article. There's a lot more to what he's saying. If we're not innovating, there's a lot of
00:08:11
Speaker
talk about, you know, what we're doing next? What's next? What do we build on top? What's the next best thing? And I totally agree, right? You know, 20 years from now, you know, I'd hope that we're moving forward. And we we often talk about things on the show, like, you know, it's awesome going to take us down a different road, who knows? But yeah, some pretty interesting thoughts from the Googler over there and go to check out what he has to say. And you can probably chat with him on Twitter, maybe if you
00:08:37
Speaker
No. And talking about The New Stack, right? I saw, I didn't include it in the show notes, but I should have, like you published an article talking about Kubernetes operators. So I did. Yes. The real reason your boss is smiling. That's right. That's what it was called. You know, we'll, we'll include it here in the show notes if anybody wants to read that. I can't toot my own horn. So, you know, I didn't bring it to the news. Yeah. It was a fun article to write about sort of Kubernetes operators, where we've come.
00:09:05
Speaker
as a community and what they're up to. So really cool stuff. The last two were from AWS. One is about sort of AWS tightening their alliance with Kubecost. We've talked about Kubecost and a lot of that technology, really cool stuff. So check that out. And then EKS support for Kubernetes 1.27, which has a whole bunch of things that you might be interested in if you're-
00:09:26
Speaker
looking at the bleeding edge of Kubernetes and are there. I find that there's still some people running some pretty old versions of Kubernetes out there. I don't know about you and your day job, but they move pretty fast, so go check it out.
00:09:40
Speaker
I know. In addition to like talking about like the latest versions that they support, I think we should also talk about the end of support date for the older ones because that has messed with me as part of my job in the past. It just sneaks up on you like, why are they not supporting 1.23 anymore? Like, okay, let's find out and let's remember that specific problem actually.
00:10:05
Speaker
Yeah, you know, always keep up to date with those things. A lot of the clouds have sort of like feeds you can kind of tap into to get that kind of. But yeah, maybe we should have, you know, sort of thing.
00:10:18
Speaker
Yeah. So, I mean, that was the news. I think it was a short news week. I think, you know, summer is going to be pretty light. So maybe that's a benefit to you, you users or listeners or watchers, wherever you may be doing less news for you and more guests. Speaking of guests, let's get them on the show. What do you say? Let's do it. All right. We'll be right back after the short break.

Kubefirst Deep Dive

00:10:39
Speaker
If you've ever had a puppy and raised it to become a big dog, you know that changing food and finding the right food is hard to get right. Ultimately, you want them to feel good and act happy and be okay with what they're eating. They're part of your family, after all. I have an eight-year-old Golden Retriever named Roscoe, and he's always had a sensitive stomach, so finding the right food is kind of a pain. That's where Nom Nom comes in.
00:11:03
Speaker
Nom Nom's food is full of fresh protein that your dog loves, and the vitamins and nutrients they need to thrive. You can actually see proteins and vegetables like beef, chicken, pork, peas, carrots, kale, and more in the ingredients.
00:11:18
Speaker
So here's how it works. You tell them about your puppy, the age, breed, weight, allergies, protein preferences, chicken, pork, beef, and they'll tailor a specific amount of individually packaged Nom Nom meals and send them straight to you. If you're ready to make the switch to fresh, order Nom Nom today and go to https://trynom.com/kubernetesbytes
00:11:42
Speaker
and get your 50% off of your first order plus free shipping. Plus Nom Nom comes with a money back guarantee. If your dog's tail isn't wagging within 30 days, Nom Nom will refund your first order. No fillers, no nonsense, just Nom Nom. And we're back. All right, so welcome to Kubernetes Bytes, John and Jared. I won't take the thunder from you. Go ahead and introduce yourselves and what you do.
00:12:11
Speaker
Hey, everybody. I'm John Dietz, and I'm one of the co-founders of Kubefirst. Jared, introduce yourself. Yeah, Jared Edwards, the other co-founder of Kubefirst. Yeah. This is a rare treat to see the two of us in the same room together. Jared's from the Denver area. I'm from the DC area. We're in DC with our team together, and I'm really great to be with you guys today to talk about some Kubernetes. Awesome. Yeah, we're glad to have you on the show as well.
00:12:40
Speaker
Awesome. So let's get started, right? Let's, I know with Kubefirst, we'll do a primer for Kubefirst and how it helps developers write code faster and push things to production faster. But we, before we talk about all the goodness, I think I wanted to start by like even before Kubernetes was a thing,
00:12:56
Speaker
before, like GitOps was a thing. How did developers actually get code into production? Coming from an ops background or a sys admin background. I've always heard stories about our developers had to wait for VMs to be provisioned and that took a lot of time. So let's talk about some history and then we can see how things have changed. Yeah, absolutely. So you're exactly right. The pre-cuber
00:13:17
Speaker
CI, CD, infrastructure is kind of an application delivery story, is a long story. I mean, you know, back in, I don't know, maybe six, seven years ago, I was working at USA Today as an example, and they had just enormous amounts of infrastructure. They were trying to manage the infrastructure with tools like Chef, and then that evolved into Terraform,
00:13:45
Speaker
It was still true though that managing applications on virtual machine oriented infrastructure was just tough. There were challenges. New ones details like your load balancer that you're going to use to put in front of your auto scaling virtual machines that have applications that are installed to it.
00:14:14
Speaker
combination of Ansible or whatever else. It always created these very bespoke operational organizations. Everybody kind of agreed on the discipline before Kubernetes, but nobody agreed on the practice.
00:14:33
Speaker
With Kubernetes, everything changed a lot. I recall when we were first working on our first Kubernetes project ever, this was back in 2017. Even back then on Kubernetes, application delivery wasn't what it is today with evolutions like GitOps.
00:14:59
Speaker
Um, and back then, you know, it was, uh, this was even back before Helm was widely popularized. So, you know, you've got an application, if you could figure out how to containerize and build a container for that app, you could write a YAML spec of a deployment.
00:15:20
Speaker
kubectl apply, or if you were fancy enough, maybe you put in a Helm chart and you helm install your application to your development and then staging a production environment. And that was already an enormous positive evolution for application delivery.
00:15:41
Speaker
kubectl apply or Helm install these complex micro service oriented applications with micro components and being able to develop all of them in a simple way and say, hey Kubernetes, make this go into development and I trust you to do all the hard work. And just that alone was amazing. And you really have to start nitpicking it to figure out why GitOps is so popular.
00:16:11
Speaker
And the nitpick is in terms of like your posture of being able to instantly have all of that anywhere. Like when you're doing a kubectl apply and that's your mechanism for installing versions of applications to dev, stage, prod.
00:16:31
Speaker
If your production cluster is suddenly missing, now you have a really big problem on your hands because the tools that you were using to deliver your application to your production environment have to go through a sequence of build
00:16:51
Speaker
in promotion to dev, stage, prod, which means that your main branch has to be the main branch of what was in production or you need complex fees in that workload. And you could keep going with board and details about why it's not the best practice, but what GitOps offers in exchange for that is a desired state, which is what Kubernetes was built to handle, and it's what we as humans want to define.
00:17:21
Speaker
The marriage of Kubernetes with Git in a way where we just get to manage the desired state of what we want and we get to just trust that the GitOps engine is going to deliver that has just provided enormous gains in terms of asset management of what's in your Kubernetes cluster from a disaster recovery standpoint.
00:17:44
Speaker
cover when you have a problem. So we're really excited about the GitOps wave. Obviously, Kubernetes itself is fantastic, but that is my take on app delivery and GitOps and Kubernetes before and after. Yeah, absolutely. I think you touched on one big thing there, which was the complexity component of it, right?
00:18:04
Speaker
I mean, it's not like these modern tools haven't been around even when we were doing things before. I mean, you know, even thinking about Jenkins being released in 2011 and Docker coming around 2013 and really Kubernetes being popularized in 2017 ish. I mean, I know Mesosphere was also pretty huge there as well, like doing things. I think people were still kind of embedding those types of tools. It wasn't so much later that you were kind of thinking like, oh, wow, you know, we're doing a lot here. And so, you know,
00:18:33
Speaker
When you raise complexity and the whole movement around dev ops releasing faster you start to see the complexity slows you down again right and so i think it natively.
00:18:43
Speaker
something else had to come out that was a little better. And I feel like GitOps does a lot of this. And I know we've had conversations about, you know, it even improves, you know, security posture and a lot of ways for auditability and things like that. So I'm curious, you know, when, you know, you, you, these technologies have been out for a while, but I was curious, you know, what's kind of spurred the problem that you saw in the community that inspired you all to work on, you know, what you're working on today.
00:19:12
Speaker
Yes, I guess I'll start there. As John mentioned, it was like 2017, and we were trying to build... We were at this company, this big data company, and the orders were basically everything that's running Kubernetes. Sure, okay. So we figured out how to make everything run there. It honestly took a lot of time. After about probably 12 months of tinkering and toying around, we finally had a platform that the whole engineering organization was happy with, the security team was happy with,
00:19:42
Speaker
as cloud engineers, we were happy with it. Everything just started to work really well. We were lucky enough to hop on a train from DC, actually, because I lived out here in time. We were going up to Datadog Dash in New York, and John and I had the first three hours of just calm, sitting on the train, not working to talk about what we had been doing for the last year. To do that discovery, we were just like,
00:20:10
Speaker
Why did it take so long? So you're like, well, maybe we should figure out how to make this faster. And everybody has this problem. Every company has these nuanced things that they need for their application pipelines, for their infrastructure management, whatever. So how do we streamline that 12 months down to something that somebody can have in a day? So I'm going to train back, I think it was, John bought the domain for Kubefirst, and we just started kind of playing. That's awesome. Well, we learned over the last
00:20:43
Speaker
And what that led to was like two plus years of our nights and weekends trying to figure out how to make it better. And it was really, really tough. And we finally, after a long, like that two year period, we were about to the point where we were like, I think we can take this to a company and try and sell it to them. And then we discovered Argo CD. Sure. Sure. Sure. When we started playing with Argo CD, the whole thing went off the rails.
00:21:09
Speaker
whole platform, and we decided that after we saw the power of what that desired state could give you, we had to go back to the drawing board, and so we started over. But through that, we obviously got a lot of great reps in GitOps on how Argo CD works, and we started re-architecting in a way that lets us stand a lot more on that desired state that John was talking about.
00:21:38
Speaker
All it is is a desired state. And we can tell if we're going to need to look at it so that it can start to give you all of those things. And the native capabilities of Argo CD, like sync waves, help with some of the orchestration pieces, and it removes all the scripting that we were doing for the last two years. So there's just a lot of positive movement by just trusting in GitOps and Argos feature. So what do you want to add to that?
00:22:04
Speaker
We built a product out of our own necessity as Kubernetes engineers. As many products start my way, yes. We're all fighting the same fight. It's clearly one of the best technologies that's ever landed in the cloud space. But it comes with complexity. But if you do the hard work and you buy into the
00:22:29
Speaker
what we consider to be, and you don't have to pick our tools either. Our platform comes with a bunch of tools that are open source and on the CNCF landscape and very popular with good documentation that we think would be a good fit whether you're brand new to Kubernetes or literally like a Fortune 500 company that's full enterprise and adopting Kubernetes. These are scalable tools.
00:22:54
Speaker
that scale far and do really well and have that open source community behind each one of these tools to foster your own engineering experience with these communities that are centralized around Argo CD and Terraform and Kubernetes and infrastructure as code are going to work less and blah, blah, blah. They all have all these really great communities of people that have a ton of knowledge.
00:23:22
Speaker
And to do all that work yourself of finding the communities, picking the tools that are all gonna work really well together, and you just add infrastructure as code and you add GitOps on top of it. Before you know it, you're just down the road a lot. And if you convinced a director of your organization that Kubernetes is the right idea, you're not wrong. But six months down the road, if you're not shipping a production on Kubernetes,
00:23:51
Speaker
That director is starting to get impatient and it's not long before you're starting to take some shortcuts here and there and just trying to, trying to get things down. And that's, that's kind of a bad story and we just needed a different story to exist. So, um, so we built Kubefirst to kind of be that fast tracked enablement of an open source Kubernetes ecosystem.
00:24:15
Speaker
just as a better starting point for Kubernetes. I try to solve every problem for every company under the sun. We do try to honor that there is a line of how far we should go and then you should take it from there. But we do want to stand on a better set of foundational rules. We want to stand on there being a secrets manager available minute one. We want to stand on the fact that you're going to have infrastructure as code
00:24:43
Speaker
that's automated that you can leverage for that initial infrastructure all the way to whatever you need to scale to. We really want to buy into GitOps to make sure that there's a well orchestrated set of sequencing so that all the chickens and eggs that happen when you're setting up your platform from scratch
00:25:03
Speaker
are all just taken care of. And then we want to stop like basically right there and say, this is your fully repeatable, fully replaceable ephemeral or otherwise, you know, production ready. It could be whatever reason you need a Kubernetes cluster. We want to make sure that you can always have a Kubernetes cluster that's a little bit further along so that you can take advantage of having
00:25:30
Speaker
and all these things that make the Kubernetes experience so nice. When you're starting from scratch, it's so tough because you almost need infrastructure in order to create infrastructure. So like the chickens and eggs are pretty fierce and we've managed to orchestrate it all in a way that after Kubernetes installed 100% of everything that's on the platform, the cloud resources, the GitOps resources, whatever they might be,
00:25:58
Speaker
they're all immediately hooked into the GitOps repository. So every change that's ever happened, whether it's application changes or infrastructure changes, whatever it might be, like we want to get that audit log started on day one. And then if you can start there instead,
00:26:23
Speaker
You have an audit log for the entire history of your company. We trust that that will be favorable. There are a lot of organizations. It takes quite a bit to get to a point where you've automated your infrastructure's code. Having that on your first network is hopefully going to be really valuable. Yeah, absolutely. There's a lot of obviously components that you want to get off the ground running and it sounds like
00:26:49
Speaker
There's more of a guideline of best fit tools for certain scenarios. It sounds like when it moves from code repository, secrets management, ingress controller, whatever it may be. Now, I'm curious, I think it might be worth going into what are those community tools that Kubefirst uses? Maybe if there's certain ones that, why did you choose that one over another or what does it do best in your environment?
00:27:19
Speaker
Yeah. So, let's see. I'll try and do it on second. For Secrets Management.
00:27:55
Speaker
as we've mentioned a few times, is the one that we choose. If we go to CI, with part of the platform, we haven't really mentioned too much. Once the platform is done provisioning and everything's in that single GitOps repo, we actually deliver an application, a Next.js application, and it basically just so that we can demonstrate how a container versus a Helm chart publishes, how it delivers through GitOps to your development staging and production environments. And through that, we also give the added benefit of like,
00:28:30
Speaker
Argo Workflows as the main driving engine for all of our CI operations, which was an interesting pick. That one, I feel like a lot of people are like, oh, why didn't you just stay with GitHub Actions? Why didn't you stay with GitLab CI? And we did a little bit. So what we ended up doing was we just wrote basically a shim layer from your native Git provider to submit to Argo Workflows so that you can look at all that rich feedback into your application code repository.
00:29:06
Speaker
So really like Argo Workflows for the fact that it was so Kubernetes native, you know, we get a lot of added benefits for secrets management in your CI ecosystems. You know, you can have that fine grain control of containers having access to individual secrets instead of the entire CI process having access to those secrets. Then you get smaller blast radius of what needs access and when, what rules am I missing.
00:29:37
Speaker
it's cert manager, external DNS version. DNS management, we have, that covers the majority of it. It sounds small, but these are so many different components that again, if I having been working around Kubernetes technologies had to do it, it will take me a week at least to make sure everything is plugged together in the right way. And people are just getting started. This is like a lot of work. So talking about user experience, right?
00:30:05
Speaker
I've seen the video that you guys shared with me as research for this part, so I know how cool it is. But if I'm a new user, how do I get started? How do I install Kubefirst?

Tool Selection and Customization

00:30:14
Speaker
And what does it give me? And how can I add more users from my organization into the Kubefirst ecosystem? How does the day zero look like? Yeah, so let's see, we'll probably split this one. Basically, to get started, we're going to install Kubernetes
00:30:34
Speaker
instructions on our docs. But getting the CLI in hand is probably step one. Step two would be deciding what you want to experiment with. And by that it's like, do you have a cloud account that you already have wired up with DNS? That's basically the two prerequisites, a cloud with billing and DNS that we can hook the cluster into for all those records that we need to add to our graphic services. But if you want the lowest barrier of entry, then
00:30:59
Speaker
kubefirst k3d create. So we basically took this whole cloud platform that we're describing in the cloud and built it to run on your laptop as well so that you can try it without any prerequisites of a cloud account or of a DNS name or anything like that. You do need to get providers, so you need to get a GitLab or GitHub token that you can give access to so that it can create that GitOps repository as well as the metaphor application code that we give you. And so yeah, you just run
00:31:30
Speaker
But basically what we did with this story was we tried to emulate everything that you get in the cloud works the same on your local host. So you can see and feel all the patterns the same way. Like even Atlantis is our Terraform automation tool. That one has like a really neat ngrok implementation. Like we had to figure out how to get your laptop to receive webhooks from GitHub. So we opened up an ngrok tunnel that renews there for two hours. Nice. And we've worked from your, so you're actually iterating
00:32:02
Speaker
webhooks are still coming into your laptop so that you can have all of that terraform automation that you would have in the cloud too. Nice. Yeah. I like that ngrok integration, right? We have always covered ngrok in terms of when they do funding grounds, but this is an actual use case. This is so cool. Yeah, yeah. No, ngrok's really super neat.
00:32:22
Speaker
The way that we implemented the autorotator, like by default, ngrok is only going to give you a two-hour window where you can use it for ingress. But when you install ngrok to Kubernetes in a cron job that's a two-hour cron job, then you can have an autorotator of ngrok. If you take the result of that ngrok tunnel treatment,
00:32:47
Speaker
And register with Vault, Vault is going to propagate that to all the tools that need it and it all just kind of flows. So yeah, that was a really neat story for the local experience. Nice, nice. Now I'm curious a little bit about, you know,
00:33:05
Speaker
Um, you know, what, what went into decisions around things like operating system and, and things that maybe people are maybe more picky about, right? You know, what, what kind of feedback did you get about? Like, you know, I'm sure people are like, well, you're giving me kind of a prescribed thing. So I heard you say earlier that like, you can use it as a starting place and maybe modify components and, you know, maybe not use Argo and use something else, but.
00:33:30
Speaker
What kind of feedback did you get there and how did you deal with all that? When building this platform, that was our number one concern. If we're going to build a starting point platform, you have to be able to leave. We have to be able to cease to exist and everything in production has to keep working.
00:33:54
Speaker
you should be free to replace any tool that we pick with any tool that you want. So the architecture that we settled on so far, when you do a first installation, we have this upstream GitOps template repository as our opinionated platform built into the main branch. So when you do an install, you're pulling that GitOps template repository down
00:34:21
Speaker
And the AWS version and the Civo version and the k3d version are all slightly different, but it's the same effective platform. So you pull that platform down and then there's all these details within the desired state of a cluster that requires a token in our template that can be replaced by your actual value. So we don't know what your AWS account ID is. We don't know what domain you're hooking it into.
00:34:51
Speaker
So all those types of details are tokenized in our GitOps template repo. But when you pull it down into an install, we hydrate the template with all the details that you provide us. We look some additional information up and hydrate it along the way. And then the end result is a GitOps repository that we give right back to you and you get to host permanently forever. So because of that architecture,
00:35:16
Speaker
The infrastructure is kind of the power of all the cloud components that we created for you are in your GitOps repo in the Terraform. All of the applications that are in Argo CD with all the configurations and all of the synchronization and whatever else, that's also all in the GitOps repo and the registry. So these two pieces in this GitOps repo are powering 100% of everything that we've built and given to you.
00:35:46
Speaker
So because of that, we've had clients that, uh, wanted to work in AWS and GCP. Our platform doesn't support GCP. Technically it's in beta. But we didn't support GCP, but they were still able to do a Kubefirst AWS installation, expand the installation in a cloud that we don't even support with ease, because it's just a matter of taking the Terraform entry point directories and
00:36:16
Speaker
adding more of them if you want more infra. Or if you don't like a tool that we're using, like you don't like Argo Workflows, you just want to use GitLab CI natively in Kubernetes, we understand that's A-OK and you can run with it. And you can just pull request the removal of Argo Workflows, and continue with GitLab. We install self-hosted into your cluster. Or if you like Jenkins, something that we haven't even touched, you can add that all.
00:36:43
Speaker
we're soon to be releasing a GitOps catalog where you'll be able to take a whole marketplace of tools and bind them to your GitOps so that the GitOps deliver to your clusters instead of what most marketplaces do where they just like Helm install or Google Cloud. So we'll have a nice
00:37:11
Speaker
I like the flexibility in that. Obviously, I've dealt with customers too throughout my career and they're always going to want to use something differently. That's an awesome thing that you provide that flexibility. At the end of the day, you're bootstrapping this whole environment a lot more than just Kubernetes environment.
00:37:30
Speaker
You're giving back the GitOps repo. You know, how does one, you know, how does a client or customer get their application onto it? Is it just a matter of, like, using Argo CD? Does it have to be, so, prerequisites for, you know, this thing to happen? Does it have to be in a get up buzzer that lets, you know, Argo kind of do its thing, or what?
00:37:48
Speaker
Yes, it's not super complicated, but there's obviously a few steps. Let's not what you're after, but if you were to take the metaphor application that we delivered to you as an example that you wanted to take, essentially you would go to your GitOps repository and visit your Terraform folder, and in there you'll see a GitHub folder, and GitHub's in there because we manage all of your Git repositories in Terraform as well, so that you can have
00:38:19
Speaker
You take this little snippet, it's like probably seven-ish lines of Terraform HCL. You would say, I want a new repository called my new app. And then let Atlantis run its automation. It would create that GitHub repository for you. It would automatically add all of your users to that repo so they have access that they need. And then from there, you would drop your source code in that new GitHub repository. And then you need a few files.
00:38:46
Speaker
just talking through this. So there's new files that matter. Dockerfile, you've got to be able to build a container from your application source. A Helm chart, you need a charts repository. We have a Kustomize pattern that will hopefully get out soon-ish for folks that it's Kustomize. But today would be a Helm chart, so you need to copy your Helm chart into your application repo and make it specific to your application. And then you have your .github or .gitlab folder pending
00:39:15
Speaker
Those three things dropped in your application would be enough for your self hosted runners in the cluster to wake up and see that you have an action happening against your main branch. And when you push that the first time, if your container actually builds successfully, it would build
00:39:39
Speaker
production. And if you have those couple of things, it does pretty much, that's it. Those three things. Yeah, the metaphor example is hooked into HashiCorp Vault using External Secrets Operator to pull secrets out, and likewise with
00:40:06
Speaker
it's great configured for the opinions with external DNS, et cetera. So the metaphor starting point is just like a really easy way to just grab a few files, drop them into the repo, and then it's in production. It all goes perfectly. Yeah. Reality is that it's probably going to take you three or four tries before that Docker container builds.
00:40:28
Speaker
correctly. And once you have that, you're off to the races for sure. Nice. Okay.

Kubefirst's Target Audience and Deployment

00:40:33
Speaker
Okay. So this sounds like it really helps me get from zero to one, right? Like if I'm starting with the Kubernetes or starting my journey or writing a new app, but what about brownfield apps? Like who is Kubefirst the most helpful for, or who should be the one that's trying it out right now? Yeah, it's a good question. I mean, we hope to be building the platform for
00:40:53
Speaker
Literally, everyone. It's almost problematic how wide we're trying to target. If you're an enterprise organization that has a whole bunch of pre-existing infrastructure, maybe you're running Terraform, that's A-OK. If you're going through a cloud-native adoption stream where you're trying to buy into Kubernetes,
00:41:16
Speaker
You can just do a Kubefirst install, and in that type of an environment we'll create the VPC for you, the subnets, the cluster, the security groups, like everything that will bootstrap that cluster and get it to you. And it'll only be managing itself. So if you have pre-existing infrastructure and it's terraformed already, then you just have to take that terraformed content, move it into our GitOps repository. And as long as you haven't messed with the state at all, you can just hook into that same state and everything's fine.
00:41:45
Speaker
If you're a brand new startup, we like to think that we have a story for those folks too. In fact, that's probably our most target audience is startups, just because they have so many immediate needs. Single sign-on for their users.
00:42:08
Speaker
organization roles so that you can separate admins from developers. Like these are things that take time and are annoying to get set up. Um, and are you setting it up using scripts or is it baked into your desired state? You know, repeatable, et cetera. So we built it so that everything's repeatable. Everything's like best practice according to, you know, a couple Kubernetes engineers that have been around for a handful of years. Um, and, uh,
00:42:37
Speaker
But we hope that no matter who you are, a Kubefirst cluster install will be valuable to you, whether it's a Fortune 500 enterprise grade, you know, big boy operation, or just a tiny little ephemeral cluster that you need because you're doing demos every day. And we'll throw that cluster away and have it back tomorrow. Like we have a story for pretty much
00:43:04
Speaker
So yeah, to be determined in terms of who gets the best value out of it, but. Okay. So like, okay. I know Jared mentioned that we can do a K3D install as well. Can I do a K3D install, have everything running on my local machine or my Mac, and then eventually choose an EKS cluster as my production endpoint? Like is that combination possible and how easy or difficult it is? So not quite today. We don't have the translation engine to go from
00:43:36
Speaker
We've talked a lot about that as an opportunity to replace our database a lot and figure out how, because once everything's in an Argo CD application kind in YAML, it's just overlays like Kustomize provides to AWS, so then it has an AWS annotation. It's not that it has a pseudo annotation.
00:44:02
Speaker
But you wouldn't be able to, but I think that there's another approach that's kind of like in parallel of that, which is we have a mechanism built into our CLI that you can actually override our GitHub template repository. So let's say you took it for a spin and you're like, gosh, this is great, but I need to change this one thing. It's like, okay, well then you can either fork our repository or create your own as long as it has the same structure.
00:44:26
Speaker
you're able to override our template and use your template so that you can have your outcome every time you run Kubernetes 3 instead of ours. That quite answers your question, but you'd be able to have your own template that satisfies your local and AWS stories, and you'd be able to switch between them a little bit better. And you could add that customization that we don't want to be able
00:44:49
Speaker
Yeah, that makes sense. I mean, it's pretty powerful tool when you think about it. And, you know, I think just the overall idea of, you know, getting this up running quickly, and I think about what quickly actually means. So how long does it actually take to get running? We've been a little irresponsible with clouds that we're trying to
00:45:10
Speaker
So I think today we officially supported AWS, k3d and Civo, but we have DigitalOcean, Vultr and GCP in beta, so we're expanding that direction. But depending on which cloud you pick, AWS is about probably 40-45 minutes by the time you advance cluster permissions and you get all of your DNS records back. If you're in DigitalOcean, Civo, those small
00:45:39
Speaker
probably anywhere from eight to 12 minutes maybe. Okay. Yeah. Well, that's quite a difference. I mean, I know last time you spoke with, with Bhavin, you know, you, you mentioned this a couple of times, which everybody has the same problem, right? And the footprint can take anywhere, you know, from months to many months. And I'm, and I'm curious because, you know, you know,
00:46:01
Speaker
what your thought is on why do you think that is? I mean, I know that in larger companies even that are probably later adopters to just Kubernetes in general, there's patches of DevOps and GitOps in various places. So I could see an individual team kind of bootstrapping their effort in this space with something like Kubefirst. And I'm just curious like, you know,
00:46:22
Speaker
What were those conversations and what were they like in terms of how long it took for people to get started? Yeah. Starting Kubernetes is just tough work. Think about walking into a new shop, but just imagine any generic software shop that has maybe 10 microservices and they have some pre-existing infra and they've been working on VMs and now they're trying to adopt Kubernetes.
00:46:51
Speaker
Or maybe they have nothing yet. You're going to end up with some engineers, hopefully. If you're lucky, you're going to find some engineers that are excited about Cloud Native, ready to tackle the CNCF landscape, which is just like this hustling ecosystem of... When you go into a shop like that and you get a handful of engineers that
00:47:21
Speaker
maybe came from a couple of different places, maybe have different histories and experiences of the tools that worked well for them in their last shop, et cetera. What we have found is that they're gonna start debating and arguing, and it's tough to pick the right ingress controller, and it's tough to pick the right secrets manager, and it's tough to pick the right CI tool
00:47:47
Speaker
and whether or not you should be for them to GitOps. And all of these decisions create opportunities to slow down Kubernetes giving the company value. That's not to say that the research isn't warranted. While you're doing that research, you're not shipping to production. And that's bad for organizations. Our stance is that like, hey,
00:48:16
Speaker
You're right to have those debates. You are. It's a good idea. You should install Kubefirst and decide, hey, should we not use NGINX as a neighbor as a developer? And great question. Maybe you shouldn't. And start experimenting on a platform that has secrets management and secrets management and everything, all wired up and ready to go and shipping your apps to prod.
00:48:44
Speaker
while you're figuring that tough time consuming stuff out with your team. And our hope is that like, that's going to produce likely some more contributions to Kubefirst. Like, I, you know, Ingress NGINX was great, but
00:49:02
Speaker
Look what we did with Traefik and now we have an option of controllers instead of just a single opinionated ingress controller and we do try to do that. We want to be very vendor agnostic with the tech that we pick. If we use HashiCorp Vault, we know it's not for everyone and that's A-OK.
00:49:24
Speaker
We would love for somebody to submit a contribution that had something that Vault covers all the ground for us, which is a lot. It's IDP, it's Secrets Management, blah, blah, blah. But that's not to say that you can't evolve the platform in any direction your organization needs. Yeah, I think that's the best I can do on that.
00:49:49
Speaker
No, that's a perfect answer. I feel like there's a lot of focus on getting to the value that Kubernetes can bring first now. We've moved on from a...
00:49:58
Speaker
from focusing on the infrastructure and getting it installed and celebrating that, now it's like, that's great, that's old news.

Value of Kubernetes and Community Support

00:50:05
Speaker
We want to actually build something that's useful for business value and where I work at this point. We're seeing a lot of that and it's awesome to see this whole project. We're going to give you a chance to direct people where they can get started, how they can contribute, what you just talked about, where they can find out more. But before we do that, we always have a
00:50:24
Speaker
section of the show, which is our ChatGPT question, which is basically we, we asked ChatGPT to come up with a question for for you about the topic. And, and you don't have to answer it, you can absolutely answer it. But if you don't, we let itself answer the disease, their own analogy. So the question that I came up with for, you know, podcast guests on this topic was,
00:50:49
Speaker
Imagine Kubernetes as a wild untamed beast. Can you share with us your most memorable taming experience when setting up a Kubernetes environment for production and why it felt like wrestling a dragon? Ooh, that's a heavy boar. If you don't have a boar. If you need a three hour train ride to New York City to get an answer for that. Yeah, let's see. How do you slay
00:51:18
Speaker
with a production installation that I, man, that is just.
00:51:29
Speaker
We can let ChatGPT answer the question. It's funny because when I asked it to answer this question, it was like, I can't possibly answer that question. I haven't done that before. And I said, well, just make believe that you were a person that does it. And he goes, well, OK, that's a fantastic analogy. Setting up a Kubernetes production indeed feels like taming a wild beast, it says. One of the most memorable experiences I had while I,
00:51:56
Speaker
when we were migrating our services to a Kubernetes-based infrastructure for the first time. Very appropriate for you guys, I think.
00:52:03
Speaker
It says the dragon in our case was managing persistent storage. Kubernetes as you know is designed for stateless applications and our application had a significant stateful component and we had to ensure all our data was not only persistent but also could be accessed quickly and reliably across the pods. It goes on to say basically that the real dragon, the real challenge was ensuring that the entire team
00:52:27
Speaker
was up to speed with Kubernetes because it's a powerful system, but also complex and has a steep learning curve. We invested a lot of time in training and building internal documentation to ensure everyone could work effectively. So in the end, it says something along the, we didn't just tame the dragon, but we made it our ally, which I thought was kind of funny.
00:52:52
Speaker
Yeah. So we have, we have fun with getting some, some viewpoints of ChatGPT and what it's scraped off the internet, so to speak. It's usually not far from the truth, honestly. It's true that like getting your organization to buy into a new mental model of software delivery on top of Kubernetes is a big challenge. It truly is. And, you know,
00:53:19
Speaker
We hope that like with Kubefirst, we have a Kubefirst community, a Slack workspace where we have like almost 200 people now that are all using these same tools the same ways.
00:53:34
Speaker
So we wanted that that's a really important facet to what we're bringing to the table. Like we're not just bringing a tool that you can use to install and fast track Kubernetes creation and adoption, but you've got this Slack workspace with me and Jared and all of our employees and all of our community members that we've acquired so far that are ready to help answer
00:53:54
Speaker
It doesn't matter what the question is. You don't know what a pod is. Let's have a competition. Whatever the challenge is, how GitOps works. And so we hope to be able to share our expertise with our community and with shops that are adopting Kubernetes for the first time because it is a mental week together from VM work and application delay.
00:54:22
Speaker
It absolutely is. It absolutely is. And that's a good lead in. You know, where can someone find that Slack community? Where can they get started? Where they can contribute? Any of those types of resources, spit them out here and then we'll make sure to link them in the show notes. Yeah, absolutely. So it's kubefirst.io, K-U-B-E-F-I-R-S-T.io. And that's going to get you everywhere. If you go to kubefirst.io/slack,
00:54:45
Speaker
that'll bring you to our workspace. We have docs.kubefirst.io that talks about all of our different platforms. We're on YouTube, we're on Twitter, we're everywhere, but if you go to kubefirst.io, that'll be your starting point to every place that we can ship you. We are actively looking for contributions from
00:55:06
Speaker
user community and feedback about how we're falling short on the user's vision of fast Kubernetes ephemeral environments, whatever it might be, cause that we don't get support. We're ready to talk to our users about anything that they need. Yeah. And I have one last note on that. There are people at companies right now that are one man, two man, three, whatever.
00:55:38
Speaker
they see the value in being able to drop into our community and immediately have 40 other people using the same tools to ask questions about. We really want to focus on helping them become successful with their Kubernetes journey campaign.
00:55:52
Speaker
Yeah, that's, well, that's a great, that's a great way to end. And I hope our listeners and viewers can hop on board and join your community, check out the tool, get started on your laptop, whatever it may be. And we'll put all the show notes, all the links in the show notes for everyone to get started. And John

Episode Wrap-up

00:56:08
Speaker
and Jared, it was a pleasure to have you on here. It was a pleasure to have you both in the same room, it sounds like, which is always new for us. I feel like most of the time we're working to distribute. So nice to see you and thank you again.
00:56:20
Speaker
Yeah, it was a real pleasure having us on. Thank you so much. All right, Bhavin, that was a fun episode. It was cool to see John and Jared in the same room. We often don't get that. I know. You know, it's cool for them as well in this world. I know I've been sort of seeing more people IRL, so to speak. So it's cool to see them there. I thought that was really cool episode. You know, just talking about
00:56:46
Speaker
just complexities in general, like this comes up all the time, right? Are we making Kubernetes too complex? Is it too complex for my use case? The answers will vary, obviously, like the classic answer of it depends is really the answer here. But you know, there are a lot of barriers when you are talking about
00:57:03
Speaker
sort of a full production, you know, DevOps friendly, using GitOps, has security built in, has all these kind of workflows that we talk about on the show or that are implemented in a lot of shops. It's hard to get all that moving, right? I think their stat was like three to nine months. It's probably not far off. I mean, I don't think that was tied to any survey, but I wouldn't be surprised if some shops were even a lot longer. So just, you know, the Kubefirst kind of problem where it's really
00:57:32
Speaker
getting you off the ground without needing every tiny little skill set. Now you obviously need to know how those things work still. You have to have people familiar with how they're going about things and hopefully they can.
00:57:43
Speaker
help you with those problems if you go along. But yeah, the good jumping off point, and I really like the idea of it not being tied to, you must use this. They were very open with, yeah, we realize everybody's not going to want to use the same OS. We're not going to want to use the same component here or there. And it being open source, I think, is a total win.
00:58:04
Speaker
I don't know. You do have to start somewhere. Make your best guess as Kubefirst is doing, and then if customers want to bring in a different CD tool or a different authentication and authorization tool, why not?
00:58:20
Speaker
for a majority of the people out there that just want to get started and write some code, I think tools like Kubefirst are going to be super helpful because even, I think I said this on the podcast, right, but even for me to deploy everything and make sure everything works together,
00:58:35
Speaker
It's going to take me at least a couple of days. Like it's just time consuming and difficult. And if Kubefirst can automate all of that for me in the first 45 minutes, that's awesome. Like I can just start writing code. If I remember the video that did it right, once they have everything instantiated, the way to invite more users is just updating a file in your Git repo and the GitOps workflow automatically pushes those users into a HashiCorp Vault.
00:59:03
Speaker
creates credentials for them, and then you can use those credentials to log into GitLab, to log into Argo CD, and all of that plumbing is already done for you. So, I don't know, it really makes sense if you are just getting started, that zero to one use case, and I know we discussed with them, like, how do organizations who are already at that one point, how do they get to 100, right?
00:59:24
Speaker
And they are still working on it. They did talk about how they can bring in existing Terraform, the folders that you might have with the state and include it with the Kubernetes ecosystem, but I don't know. We are headed in the right direction. Yeah, I think so. I find it's probably a much more useful tool to, you know, Greenfield, new companies. And I think they did say that, right? Startups have a lot more use for it. I mean, a large, huge companies is very hard because there's usually a designated set of
00:59:51
Speaker
procedures and things you have to do. So it's hard to just like drop in something. But really cool stuff. Go try it out. I actually plan on trying it out. I think it's a really good tool for like demos and stuff like that for what we do. So I will let you know, John and Jared, I guess, in due time when I get to it. But with that, I think that's really the end of today's show, right? Yeah, that's it. So happy, happy 50th episode, Bhavin. We'll have to celebrate. We have some hopefully some cool news coming up in terms of
01:00:21
Speaker
Um, you know, being able to interact with the show some more and get some more out of it. So stay tuned. Uh, we'll announce those things soon. And with that, that brings us to the end of today's episode. I'm Ryan. I'm Bhavin. And thanks for joining another episode of Kubernetes Bytes. Thank you for listening to the Kubernetes Bytes podcast.