Too much of a good thing?
You’ve probably heard about managed Kubernetes — in fact, there’s a good chance you’re using it, right now.
Whether it’s AKS, GKE, EKS or another TLA, managed Kubernetes… just works. It’s the gateway drug to the awesomesauce that is Kubernetes.
And now, picture the scene: you’re on your first vacation in five years, a vacation made possible by one of these magical services.
As you sip on your piña colada beneath a palm tree, a gentle breeze rustling its leaves, you feel… pretty smug, to be honest. Your strategy paid off. In a world where a cloud hyperscaler offers a pre-baked Kubernetes experience for dollars an hour, you’d have to be crazy to manage your own clusters. Don’t build, buy!
Your ops teams are busy. Your dev teams are busy. It’s all going well. So well, actually, that you’ve just signed off on adding another cloud vendor. What’s better than one cloud? Multiple clouds!
Hedging your bets like this means you’ll have leverage over your vendors and, while you’re at it, makes sure that you’re safe from vendor lock-in. You’ve played this game before — same old playbook.
But wait… what’s happening?
A future version of you has discovered an arcane apparatus with an unusual capability: it can reach back in time and slap you. The air shimmers, humming with unfathomable energy as the machine crackles into action.
But future you didn’t bother completing the certification in temporal weaponry. He misses the mark, and instead slaps a coconut in the tree you’re sitting under. The coconut falls down, down, down, landing with a solid thunk on your head. Fortunately, it was just a baby coconut, and you’re not dead. Instead, you spilled your cocktail and picked up an epic headache. Through the pain, one question cannot be ignored:
Why did future you try to slap you through the space-time continuum?
Day 2 operations is far more important than you thought
Future you’s slap came from about five years in the future. Future you discovered that Kubernetes clusters, even managed ones, have a tendency to mutate into a type of flying spaghetti monster that only an Italian could be proud of.
Why? Basically, managed K8s only really deals with the foundational components of Kubernetes. If you imagine Kubernetes as being like an operating system, then everything else installed and running on the cluster is like the applications you’d install on your OS. While the cloud vendor will keep the base layer of Kubernetes up to date, patched, etc., they won’t do the same thing for all the other stuff that your developers and operations teams will want to install on the cluster.
This leaves you and your teams looking after dull but very important activities like updates, security patches, policies and scaling. What usually happens is someone installs something with Helm on one cluster, and without any intervention, that something will stay as it is forever. So they start using tools like Terraform and CI/CD pipelines to keep it all updated. Some components don’t get installed with Helm, and dependency issues start to crop up. Now someone has to maintain it all.
Build vs buy just went out the window — because now your teams are building stuff to manage the bought system. The spaghetti monster just grew extra limbs, and even the Italian isn’t proud of it anymore.
Future you ended up carving out larger and larger pieces of budget for the custom-built spaghetti monster management software. New developers and ops entering your company end up spending a lot of time onboarding and learning about your spaghetti monster management platform, instead of working on your core business application. Future you wasn’t very happy any more. He hadn’t been on vacation since that wonderful week sat under the palm tree.
Managed Kubernetes doesn’t solve multi-cloud issues
Day 2 operations wasn’t the only thing ruining future you’s mood.
Your operations teams had already figured out that they could control cost and get visibility of clusters through the first cloud provider. After all, cloud vendors come with fairly comprehensive cost-management tools so you can see at a glance which projects or users are using which clusters.
But future you quickly discovered that when there was more than one cloud provider, it became a lot more difficult to keep the same level of oversight and control. Suddenly projects and users were popping up on both clouds. Maybe some of them didn’t use consistent naming schemes, or departments only created clusters on one cloud and not the other. Clusters went unused for months or even years, burning cash to heat the water for the spaghetti. The finance department got involved, because costs were spiraling but they couldn’t quite make sense of it.
The operations team said no problem — they’d build out more functionality in the newly named “spaghetti monster containment platform”. The home-built platform was becoming its own special kind of entity, evolving at the same pace as the spaghetti monster itself. The operations team said they’d need extra budget and need to hire more people to pull it off, but it was all fine — they liked doing stuff like that, anyway.
The spaghetti monster had migrated to a second kitchen, and, like an invasive species, it was thriving.
Buy, not build! Wait, what?
Future you was being a bit hard on you. Kubernetes is sneaky. Powerful, useful, paradigm-shifting … but sneaky. It really could have happened to the best of us, and it already has. With the best intentions, you quite rightly set out to make the best of managed Kubernetes. After all, the cloud vendors do indeed do a great job at, well, managing Kubernetes. It’s just that, as mentioned earlier, Kubernetes is almost like an operating system. It can host almost anything, many anythings, that quickly add up and demand their own full lifecycle management.
And let’s not forget that our lovely operations and developer teams, while well intentioned, still love building stuff (that is why you hired them, after all). “It’s just one file” is how every 10,000-liner behemoth of custom operations knowledge was born. When the pressure goes on to deliver, it’s easy to fall off the wagon and start building because business and customers always come first.
While managed Kubernetes does its job when going multi-cloud, it’s important to remember exactly what its job is. It’s definitely not going to take care of all of your K8s applications and customizations for you. It’s not going to take care of managing multiple cloud clusters and reconciling them between clouds, or enforcing and managing day 2 operations for you across them. The spaghetti monster is always lurking in day 2, waiting to flop into your kitchen and wreak devastation in your meticulously organized pantry.
Where does that leave you, then?
Well, you avoided a fairly hefty slap from future you, but you still became collateral damage from the baby coconut.
Maybe the coconut hit distracted you from your piña colada long enough to make you reconsider whether doing multi-cloud with managed Kubernetes is all you need. Maybe it hit you just hard enough to give you strange visions of a weird spaghetti monster flailing about, invading multiple kitchens in your neighbourhood.
Future you wasn’t willing to take the chance that you’d get the picture by yourself. As you stand up and bend over to pick up your now sandy cocktail glass, you see a note lying in the sand. You recognize your own handwriting, although it looks like you were shaking while writing it — probably due to all the stress.
The note reads:
“Dear past me, if you’re reading this it means my wormhole machine works. The events of the past were so terrifying that I needed to reach back in time to ensure they never occur. I got that idea from watching The Terminator — remember that movie?
Anyway, what you need to do is check out Spectro Cloud. You need to do it now. Read about Palette, and how it can help you with all of your day 0, 1, and most importantly day 2 operations. I wish I’d known about it, wait … I did know about it if you’re reading this, right? Never mind. Go and read about it, then contact them and tell them about the spaghetti monster. They can help you. Good luck, for my sake.
PS: I’d say I’m sorry about the slap, but I deserved it.”