Posts Tagged ‘PaaS’
[DevoxxPL2022] How We Migrate Customers and Internal Teams to Kubernetes • Piotr Bochyński
At Devoxx Poland 2022, Piotr Bochyński, a seasoned cloud native expert at SAP, shared a compelling narrative on transitioning customers and internal teams from a Cloud Foundry-based platform to Kubernetes. His presentation illuminated the strategic imperatives, technical challenges, and practical solutions that defined SAP’s journey toward a multi-cloud Kubernetes ecosystem. By leveraging open-source projects like Kyma and Gardener, Piotr’s team addressed the limitations of their legacy platform, fostering developer productivity and operational scalability. His insights offer valuable lessons for organizations contemplating a similar migration.
Understanding Platform as a Service
Piotr began by contextualizing Platform as a Service (PaaS), a model that abstracts infrastructure complexities, allowing developers to focus on application development. Unlike Infrastructure as a Service (IaaS), which provides raw virtual machines, PaaS delivers managed runtimes, middleware, and automation, accelerating time-to-market. However, this convenience comes with trade-offs, such as reduced control and potential vendor lock-in, often tied to opinionated frameworks like the 12-factor application methodology. Piotr highlighted SAP’s initial adoption of Cloud Foundry, an open-source PaaS, to avoid vendor dependency while meeting multi-cloud requirements driven by legal and business needs, particularly in sectors like banking. Yet, Cloud Foundry’s constraints, such as single HTTP port exposure and reliance on outdated technologies like BOSH, prompted SAP to explore Kubernetes as a more flexible alternative.
Kubernetes: A Platform for Platforms
Kubernetes, as Piotr elucidated, is not a traditional PaaS but a container orchestration framework that serves as a foundation for building custom platforms. Its declarative API and extensibility distinguish it from predecessors, enabling consistent management of diverse resources like deployments, namespaces, and custom objects. Piotr illustrated this with the thermostat analogy: developers declare a desired state (e.g., 22 degrees), and Kubernetes controllers reconcile the actual state to match it. This pattern, applied uniformly across resources, empowers developers to extend Kubernetes with custom controllers, such as a hypothetical thermostat resource. The Kyma project, an open-source initiative led by SAP, builds on this extensibility, providing opinionated building blocks like Istio-based API gateways, NATS eventing, and serverless functions to bridge the gap between raw Kubernetes and a developer-friendly PaaS.
Overcoming Migration Challenges
The migration to Kubernetes presented multifaceted challenges, from technical complexity to cultural adoption. Piotr emphasized the steep learning curve associated with Kubernetes’ vast resource set, compounded by additional components like Prometheus and Istio. To mitigate this, SAP employed Kyma to abstract complexities, offering simplified resources like API rules that encapsulate Istio configurations for secure service exposure. Another hurdle was ensuring multi-cloud compatibility. SAP’s Gardener project, a managed Kubernetes solution, addressed this by providing a consistent, Kubernetes-compliant layer across providers like AWS, Azure, and Google Cloud. Piotr also discussed operational scalability, managing thousands of clusters for hundreds of teams. By applying the Kubernetes controller pattern, SAP automated cluster provisioning, upgrades, and security patching, reducing manual intervention and ensuring reliability.
Lessons from the Journey
Reflecting on the migration, Piotr candidly shared missteps that shaped SAP’s approach. Early attempts to shield users from Kubernetes’ complexity by mimicking Cloud Foundry’s API failed, as developers craved direct control over Kubernetes resources. Similarly, restricting cluster admin roles to prevent misconfigurations stifled innovation, leading SAP to grant greater flexibility. Some technology choices, like the Service Catalog project, proved inefficient, underscoring the importance of aligning with Kubernetes’ operator pattern. License changes in tools like Grafana also necessitated pivots, highlighting the need for vigilance in open-source dependencies. Piotr’s takeaways resonate broadly: Kubernetes is a long-term investment, requiring a balance of opinionated tooling and developer freedom, with automation as a cornerstone for scalability.
Links:
[DevoxxBE2013] OpenShift Primer: Get Your Applications into the Cloud
Eric D. Schabell, JBoss technology evangelist at Red Hat, demystifies OpenShift, a PaaS revolutionizing cloud deployment for Java EE, PHP, Ruby, and beyond. Author of the OpenShift Primer e-book, Eric—drawing from his integration and BPM expertise—guides attendees through rapid app migration, showcasing portability without code rewrites. His action-packed session deploys a Java project in minutes, contrasting OpenShift’s ease with cumbersome VMs.
OpenShift’s open-source ethos, Eric argues, delivers developer freedom: Git-based workflows, auto-scaling gears, and cartridge-based runtimes. From free tiers to enterprise scalability, it transforms cloud adoption, with European data centers addressing latency and privacy concerns.
Demystifying PaaS and OpenShift Fundamentals
Eric contrasts IaaS’s VM drudgery with PaaS’s streamlined abstraction. OpenShift, atop Red Hat Enterprise Linux, provisions environments via cartridges—pre-configured stacks for languages like Java.
He demos creating an app: rhc app create, Git push, and instant deployment, emphasizing no vendor lock-in.
Rapid Deployment and Portability
Portability reigns: Eric deploys a legacy Java EE app unchanged, leveraging JBoss EAP cartridges. PHP/Ruby examples follow, highlighting multi-language support.
This agnosticism, Eric notes, preserves investments, scaling from localhost to cloud seamlessly.
Scaling, Monitoring, and Security
Auto-scaling gears adjust to loads, Eric illustrates, with hot-deploy for zero-downtime updates. Monitoring via console tracks metrics; security integrates LDAP and SSL.
For Europe, Irish data centers mitigate latency, with GDPR-compliant options addressing data sovereignty.
Why OpenShift? Open-Source Advantages
Eric’s pitch: unmatched ease, no code changes, and open-source values. Free tiers on AWS East Coast suit demos, with paid plans offering local regions like Ireland.
He invites booth chats, contrasting OpenShift’s speed with competitors’ rigidity.