For organizations embracing Kubernetes, getting to production — and staying there — remains a challenge. Despite its potential to streamline operations and enable consistent application delivery, Kubernetes introduces a level of complexity that many teams struggle to manage, especially across hybrid environments.
In a recent webinar, Curtis Rissi, principal solutions architect at AWS, and Alex Shiroma, senior solutions architect at Spectro Cloud, shared their perspectives on what it takes to succeed with Kubernetes.
Drawing on experience with customers across industries, they offered practical guidance for adopting Amazon EKS, scaling Kubernetes operations, and navigating edge computing with EKS Hybrid Nodes.
This article distills key takeaways and best practices from that conversation.
Kubernetes simplifies operations — once you’ve made the investment
According to Curtis Rissi, many AWS customers pursue Kubernetes for a simple reason: they want to deliver value to their own customers faster. That means building applications quickly, deploying them efficiently, and focusing engineering time on differentiated business logic — not infrastructure plumbing.
“Kubernetes helps simplify the stack. It gives you consistency,” said Rissi. “Instead of dealing with five different platforms in five environments, you have one common API. That means less to manage. It lowers the operational burden.”
That consistency also translates to portability. Organizations gain the ability to move workloads across clouds, data centers, and even edge environments without being locked into proprietary interfaces or tooling.
But while Kubernetes reduces long-term complexity, it does not eliminate it. And getting to the point where it delivers value takes time.
“From proof of concept to a well-oiled production deployment can easily take 16 months,” said Rissi. “It’s not just spin up a cluster and go. You need infrastructure, governance, security, observability, and upgrades. That takes dedicated expertise.”
Declarative infrastructure is key to managing scale
One theme that emerged throughout the discussion was the importance of defining infrastructure as code — and going beyond infrastructure to manage the full application stack declaratively.
Alex Shiroma explained that the Cluster API project has helped standardize the way organizations manage the infrastructure layers that support Kubernetes, such as the OS, Kubernetes distribution, and network and storage plugins.
“But there’s a lot more above that. Some of our customers have more than 20 additional layers just to support their production apps,” said Shiroma. “What we advocate is modeling the entire stack — from OS to platform add-ons to application-level dependencies — as code. That makes it reusable, testable, and consistent.”
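As a concrete illustration of the infrastructure layer Shiroma mentions, the Cluster API project lets you declare a cluster itself as a Kubernetes object. The sketch below uses the Cluster API AWS provider's managed-EKS resources; the resource names are hypothetical placeholders, and a real stack would layer add-on and application definitions on top of this.

```yaml
# Minimal sketch of a declarative cluster definition via Cluster API.
# Names are illustrative; exact provider API versions depend on your
# installed Cluster API and AWS provider releases.
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  name: prod-eks-cluster            # hypothetical cluster name
  namespace: default
spec:
  infrastructureRef:                # for managed EKS, both refs point at
    apiVersion: controlplane.cluster.x-k8s.io/v1beta2
    kind: AWSManagedControlPlane    # the AWS-managed control plane object
    name: prod-eks-control-plane
  controlPlaneRef:
    apiVersion: controlplane.cluster.x-k8s.io/v1beta2
    kind: AWSManagedControlPlane
    name: prod-eks-control-plane
```

Because the cluster is just another declared object, the same review, versioning, and testing workflow used for application code applies to the infrastructure underneath it.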
He pointed to one customer, Remine, that used this approach to speed up its migration to Amazon EKS. The company had already been using AWS for some time but lacked hands-on experience with EKS specifically.
“They were looking at a long timeline,” said Shiroma. “But by building repeatable templates for their Kubernetes stacks, they were able to test and onboard quickly. In the end, they completed their EKS migration in about three months instead of more than a year.”
Don’t overlook day 2 operations
Rissi emphasized that many teams focus heavily on cluster provisioning and initial setup, but underestimate the complexity of day 2 operations — especially when managing multiple clusters.
“It’s one thing to get a workload running,” he said. “But what happens when there’s a vulnerability in an ingress controller and you need to upgrade 100 clusters? How do you do that safely and consistently?”
This is where drift becomes a major concern. When each cluster is configured slightly differently over time, even routine tasks like upgrades become risky. Maintaining alignment between the declared configuration and the actual state of each cluster is essential.
“Auto-reconciliation is one of the biggest advantages of a declarative model,” said Shiroma. “When your configuration lives in code and is continuously enforced, you eliminate drift. That makes operations safer. Upgrades don’t break things, because you’re confident in what’s running.”
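One common way to get the continuous enforcement Shiroma describes is a GitOps controller. As a hedged sketch, an Argo CD Application with automated sync re-applies the declared state whenever a cluster drifts from what is in Git; the repository URL and paths below are placeholders.

```yaml
# Illustrative Argo CD Application with auto-reconciliation enabled.
# repoURL and path are hypothetical; syncPolicy.automated is Argo CD's
# mechanism for continuously enforcing the declared state.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: cluster-addons
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://git.example.com/platform/cluster-stacks.git  # placeholder
    targetRevision: main
    path: addons/prod
  destination:
    server: https://kubernetes.default.svc
    namespace: kube-system
  syncPolicy:
    automated:
      prune: true      # remove resources that were deleted from Git
      selfHeal: true   # revert out-of-band changes made on the cluster
```

With `selfHeal` enabled, a manual change made directly on a cluster is reverted to the Git-declared state, which is what makes fleet-wide upgrades predictable.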
He cited RapidAI as an example of a customer facing this challenge. The company provides AI-based stroke detection software that runs in hospitals and medical centers. Their Kubernetes infrastructure needs to be stable, secure, and maintainable — often in disconnected or bandwidth-constrained environments.
“When there was a recent security issue with a widely used ingress controller, they were able to identify affected clusters, test a fix, and push the update across environments without downtime,” Shiroma said.
Edge environments introduce new constraints
Not all workloads can run in the cloud. Some must stay close to the data source — due to latency requirements, compliance needs, or simply lack of reliable connectivity. In these cases, edge computing is essential. But edge environments also bring operational challenges.
“Whether it’s a manufacturing plant, a hospital, or a retail store, you might be deploying into locations that don’t have IT staff on site,” said Rissi. “You need to be able to deploy and manage clusters remotely, with minimal footprint and overhead.”
That’s one reason Amazon introduced EKS Hybrid Nodes, which allow customers to run Kubernetes worker nodes on-premises or at the edge, connected to a managed EKS control plane in the cloud.
“The idea is that AWS manages the control plane — so you don’t have to — and you just bring your own nodes,” Rissi explained. “That could be anything from a rack-mounted server to a Raspberry Pi. As long as it runs a supported OS and has connectivity, you can install the CLI and join it to your EKS cluster.”
Shiroma noted that this model pairs well with Spectro Cloud’s edge management capabilities. Palette, Spectro Cloud’s management platform, integrates with EKS Hybrid Nodes to simplify lifecycle management, policy enforcement, and upgrades across a large fleet of edge clusters.
“For customers who have thousands of edge devices in the field, this approach provides central management with local execution,” he said. “You don’t need to run a full control plane on every node. That reduces resource consumption and simplifies security.”
Security must be built in at every level
Security was another recurring theme — especially when dealing with edge environments that lack the physical protections of a data center.
Rissi explained that in the EKS hybrid model, AWS secures the control plane and provides hooks for identity and access management, observability, and systems management. But customers are responsible for the hardware, operating system, and any additional security tooling on the worker nodes.
“Think of it like the shared responsibility model for cloud,” he said. “AWS handles the managed components. You handle your data, your access policies, and your nodes.”
Shiroma added that tools like Palette can help extend security to the edge by enabling customers to consistently deploy endpoint protection agents, enforce OS-level hardening policies, and automate patching across environments.
“You don’t want your engineers logging into hundreds of edge devices to apply a security update,” he said. “You want to define it once and push it out automatically.”
Advice for teams getting started
Both speakers concluded with some practical advice for teams beginning or expanding their Kubernetes journey.
First, start with a clear understanding of your goals. Kubernetes is a powerful platform, but it’s not a fit for every use case — and it won’t eliminate complexity on its own.
Second, invest in automation early. “If you’re doing it manually now, you’ll regret it later,” said Rissi. “The more you can define in code — your infrastructure, your policies, your workloads — the more scalable and secure your operations will be.”
Third, plan for day 2 from day 1. Consider how you will monitor, patch, upgrade, and scale your clusters over time. Build repeatable processes and test them.
Finally, don’t go it alone. The ecosystem has matured significantly, and tools exist to simplify much of the heavy lifting.
“Kubernetes gives you consistency and portability,” said Shiroma. “But to realize those benefits, you have to approach it with discipline. That means automation, governance, and lifecycle thinking from the start.”
Your next steps
To learn how Spectro Cloud works with AWS to simplify migrations and accelerate hybrid cloud, book a meeting with one of our experts.