Published
January 29, 2024

Simplify Kubernetes day 2 ops with Palette Cluster Profiles

Adelina Simion
Adelina Simion
Education Engineer

Like many organizations, you’ve gone cloud native, adopted Kubernetes and deployed your workloads into production clusters. Now what? Managing, updating, and securing those Kubernetes clusters — in other words, day 2 operations — is naturally your top priority. 

In this blog we’ll shed light on what is Day 2 Kubernetes and explore how Palette’s concept of Cluster Profiles can help you simplify and automate some essential day-to-day operations activities, such as Kubernetes cluster updates. 

What are Day 2 operations?

In the cloud-native world a “day” refers to the phases of the IT operations lifecycle. 

  • Day 0 is the design phase. In this first stage of your lifecycle, you and your team develop the architecture and technologies (commercial or open source) you need to support the functional requirements of the applications you’re deploying. 
  • Day 1 is the deploy phase. In the second stage of your lifecycle, you actually stand up the environment and implement the application stack.
  • Day 2 is the operate phase. Finally, the application shifts from a development project to a production environment, becoming available to its users. Changing an application or its environment once it’s live is typically more complex because you need to maintain availability.

Take a look at the following diagram to see some of the typical activities you might undertake in each phase, from Day 0 to Day 2. 

Kubernetes Day 2 Operations with Cluster Profiles

Check out our vintage blog post Kubernetes Lifecycle Management! So Important! (What Does It Mean?) to learn more about the different phases, and check out some of our other blog posts that cover other Day-2 management aspects such as cost management, security practices, and more.

How can you make Kubernetes day 2 ops easier?

As the complexity of your Kubernetes environments grows, Day 2 management becomes not just time-consuming, but challenging. 

According to the 2023 State of Production Kubernetes report, 75% of respondents say they suffer issues affecting the running of their clusters and 40% say they lack the skills and headcount to manage Kubernetes. 

If you don’t take control, you can risk the availability, performance and security of your application workloads. 

At Spectro Cloud we’ve built our Palette management platform to support you with many of the most important day 2 activities. Take a look at the table for details.

Day-2 activity Palette support
Scale clusters Add/Reduce nodes in a node pool
Add extra worker pools
Resize nodes
Add availability zones
Multicluster management
Apply patches/updates Perform rolling upgrades
Cluster reconciliation
Scheduled and on-demand backups
Improve observability Monitor cluster infrastructure health
Default usage metrics
Maintain platform orchestration event stream
Log collection
Monitor your stack
Evaluate security posture SBOM scanning
Maintain compliance and governance standards
Security best practices, including automatic SSL certificate update

Cluster updates with Palette 

The “Deploy Cluster Profile Updates” tutorial gives you a hands-on insight into how Palette’s architecture supports Day-2 operations on Kubernetes clusters. It walks you through deploying and updating a cluster, highlighting how this critical Day-2 operation works with Palette. 

Let’s take a look at a real scenario you might encounter. 

You’ve just started a new job on the platform team of a midsize manufacturer, running multiple clusters globally. Your team is fully remote, distributed around the world and you find yourself working alone for a couple of hours. Suddenly, the application team pings you. They have rolled out a new version of the application and this has caused an outage. They need your help to roll back to get their clusters to a healthy state, without any downtime. 

This is just one example where you will need to know how to simplify your day 2 Kubernetes and learn how Palette’s Cluster Profiles can support.

Cluster Profiles are a central concept in Palette, as they allow you to specify layers for your workloads using packs, Helm charts, Zarf packages, or cluster manifests. Cluster Profiles are the declarative, full-stack models that Palette follows when it provisions, scales, and maintains your clusters, providing you with consistency across environments. 
Once you create your Cluster Profile, you can deploy it to a new cluster in various ways: using the Palette UI, the Spectro Cloud Terraform Provider, or the Palette CLI. You can learn how to create your first cluster in our “Deploy a Cluster” tutorial. Once created, clusters are maintained through Palette’s Day-2 operations capabilities. 

Cluster Profile layers give you the flexibility to easily make changes by removing, swapping or adding a new layer, either from the Spectro Cloud registries or your own custom ones. They can also be imported and exported in JSON format, making it easy to reuse them. 

Palette Cluster Profiles can be updated through different methods, as summarized in the table below.

Method Description Cluster application process
Cluster Profile versions Create a new version of the Cluster Profile with your updates. Select the new version of the Cluster Profile. Apply this new profile version to the clusters you want to update.
Cluster Profile updates Change the Cluster Profile in place. Palette detects the difference between the provisioned resources and this profile. A pending update is available to clusters using this profile. Apply pending updates to the clusters you want to update, at a time that is convenient.
Cluster overrides Change the configuration of a single deployed cluster outside its Cluster Profile. Save and apply the changes you've made to your cluster. These changes are not persisted back to your cluster profile and will not affect other clusters.

Updating with Cluster Profile versions

The recommended way to update Cluster Profiles is by creating Cluster Profile versions. They are commonly used for adding, removing, or swapping layers, as well as pack configuration updates. Cluster Profile versions provide better change visibility and control over the layers in your host clusters. 

One of the key advantages of using Cluster Profile versions is that they make it possible to maintain a copy of previously known working states, serving as a library for rollback and audit purposes. The ability to roll back to a previously verified, working cluster profile in one action shortens the time to recovery in the event of an incident.

In the scenario we described above, you can roll back to the previous Cluster Profile version in one click, and Palette will bring your cluster to that state. This is possible through the declarative approach of Cluster Profiles, which ensures that your cluster is brought back to a consistent, known state once the reconciliation process is completed. 

The application developers can then fix their code, while your cluster returns to a previously known working state. Happy days! 

Once the fix is applied and you have verified it, you can then release the newer cluster profile version to all your clusters, regardless of the complexity of your infrastructure. Palette will monitor and maintain the state of your clusters, removing the need for error-prone manual effort.

Updating profiles in place

Cluster profiles can also be updated in place, without creating a new cluster profile version. The previous state of the cluster profile will not be saved once it is overwritten, so you do not have the same capability to roll back changes as previously.

Palette monitors the state of your clusters and notifies you when updates are available for your host clusters. This feature is beneficial to managing production environments that may contain many clusters, making it difficult to know which clusters are linked to a particular cluster profile. Clusters with pending updates that have not been applied yet are marked in the list of clusters. You may then choose to apply your changes at a convenient time.

Updating cluster profiles in place

Applying cluster-specific overrides

Finally, if you want to make cluster-specific changes, Palette provides cluster overrides. They allow you to apply cluster-level changes, but they do not offer the same audit trail as Cluster Profile versions. These changes persist even if you apply another cluster profile version. When applying updates, Palette highlights your overrides in the cluster profile differential viewer. This feature is beneficial for keeping track of and reviewing dynamic overrides in complex production environments. 

Looking back at our scenario, you could use cluster overrides to manually edit a manifest to point to another version of an application or set an environment variable that disables a particular feature flag. 

Applying cluster-specific overrides

Learn more about Palette

Kubernetes Day-2 operations can pose exciting engineering challenges. In this blog post, we've introduced a powerful concept for simplifying many of those activities, by updating and applying new versions of a Palette Cluster Profile to make changes to your running clusters.

Make sure to check out the “Deploy Cluster Profile Updates” tutorial for more details and hands-on steps on how to use the key features highlighted in this blog post. You will need a Palette account to successfully complete it — arrange a demo to get started.

We'd love feedback on this tutorial or any ideas about future tutorials you'd like to see. You can leave feedback directly in the tutorial through our feedback button or head to our Slack community to discuss directly with the Spectro Cloud team and other users.

Thanks for reading! 

Tags:
Cluster Profiles
Day 2 ops
Using Palette
Docs
Subscribe to our newsletter
By signing up, you agree with our Terms of Service and our Privacy Policy