(One of my summaries of the 2023 Dutch edgecase k8s conference in Utrecht, NL).
He is involved in the FinOps foundation. FinOps is about cooperation between the OPS side and the business side of companies. Cloud is critical to every business, but it is very different from regular IT procurement: it is decentralized, for instance. Small purchases can be made in all parts of the company. And the costs are variable instead of the old fixed costs of a regular data center.
They have a FinOps “framework”, based around personas:
FinOps practitioner
Executive
Business/product owner
Finance/procurement
Engineering/operations
And around different phases:
Inform
Optimize
Operate
(I couldn’t really follow the style of presentation very well… so the summary is lacking a bit. I have a few hopefully useful snippets below).
The core seems to be that it is hard to attribute costs. An idea he mentioned is to label/tag everything in your Kubernetes cluster. That gives you a start in attributing costs.
The CNCF lists projects for FinOps, some of which are open source. An example is OpenCost. There’s also the “FinOps open cost and usage specification” (FOCUS).
Somewhere during his presentation he mentioned DOK, data on Kubernetes, when he mentioned running Postgres inside a container. That’s something I’m going to check out.
FinOps is useful, but there’s more: GreenOps. The same reporting tools can be used for looking at your “cloud carbon footprint”. Important, as we only have one production environment: the earth.
Developer efficiency is really important. Portworx is a company that wants to help there. “Why can’t developers have self-service”? Running a database in your cluster? Fine! We want it.
Database as a service, storage automation, backup and disaster recovery. “Enterprise storage platform”.
You can use Portworx pre-packaged in many commercial clouds, but also in your own clusters.
Watch out with experienced people. Especially those with 20 years IT experience and 0 years kubernetes experience. Don’t give them admin access to something they don’t understand. He gave an example.
kubectl diff ignores extra fields in your environment. Argo CD relies on kubectl diff. So Argo CD thinks everything is up to date. But there might be extra manual fields in your production config, like a manual resource limit or an extra label…
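An added example (not from the talk, and not kubectl's or Argo CD's code) that models the blind spot described above: a comparison that only walks the fields declared in the repository reports nothing, while a second walk over the live object surfaces the manual additions. The manifests are constructed and flattened, and the function names and the `SERVER_MANAGED` ignore list are assumptions.

```python
# Simplified model of the blind spot; not kubectl's or Argo CD's actual algorithm.
SERVER_MANAGED = {"status", "metadata.uid", "metadata.resourceVersion"}  # assumed ignore list

def declared_diff(desired, live, path=""):
    """Differences in fields the repository manifest declares."""
    out = []
    for key, want in desired.items():
        here = f"{path}.{key}" if path else key
        if key not in live:
            out.append((here, "missing in live"))
        elif isinstance(want, dict) and isinstance(live[key], dict):
            out.extend(declared_diff(want, live[key], here))
        elif want != live[key]:
            out.append((here, f"{want!r} != {live[key]!r}"))
    return out

def extra_fields(desired, live, path=""):
    """Fields set on the live object that the manifest never mentions."""
    out = []
    for key, have in live.items():
        here = f"{path}.{key}" if path else key
        if here in SERVER_MANAGED:
            continue  # populated by the API server, not by a person
        if key not in desired:
            out.append(here)
        elif isinstance(have, dict) and isinstance(desired[key], dict):
            out.extend(extra_fields(desired[key], have, here))
    return out

# Constructed sample data (flattened, not a full Deployment): what is in git ...
DESIRED = {
    "metadata": {"name": "web", "labels": {"app": "web"}},
    "spec": {"replicas": 2, "container": {"image": "registry.example/web:1.4"}},
}
# ... and the live object after two manual edits in production.
LIVE = {
    "metadata": {"name": "web", "resourceVersion": "1017",
                 "labels": {"app": "web", "owner": "alice"}},
    "spec": {"replicas": 2,
             "container": {"image": "registry.example/web:1.4",
                           "resources": {"limits": {"memory": "512Mi"}}}},
    "status": {"readyReplicas": 2},
}

if __name__ == "__main__":
    print("declared-field diff:", declared_diff(DESIRED, LIVE))  # empty: looks in sync
    for field in extra_fields(DESIRED, LIVE):
        print("unmanaged field on live object:", field)
```

Running the second check on a schedule, with the ignore list tuned to your cluster, turns silent manual edits into a reviewable drift report.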
Kubernetes does what you tell it to. For instance, pruning your cluster removes everything that’s not in your config. Nice! But when you accidentally remove part of your config from your repository, Kubernetes cleans up your cluster just as quickly… Watch out.
Restarting the internal image repository (person A) at the same time as updating the nginx containers from that same internal image repository (person B). Only…. the image repository was behind nginx that needed that same image repository… Circular dependency.
So:
Don’t trust experience.
Don’t put dependencies of your cluster inside your cluster.
How to bring cloud native concepts to the edge. For that SUSE focuses on six things:
Onboarding. Getting remote machines to join up in your cluster.
Cluster management. Upgrading.
Observability.
Security.
Workload management.
OS management. Keeping this up to date.
There are difficulties. Industrial IoT can be legacy environments. Lengthy lifecycles. Old hardware. Lack of standardisation. Something running an old Windows XP is pretty common to find. Traditionally often slow to adopt change.
Two main targets:
Getting the market to adopt cloud native techniques.
Interfacing with both legacy and modern IoT devices.
Having to use containers: yes, that’s clear. No need to discuss that. Some standardisation on how to run/manage it: yes please. What could really help: a pluggable mechanism for discovery of IoT devices in k8s. Plus integration and automation for apps to use those discovered devices.
He introduced Akri. A “resource interface” for connecting existing devices to Kubernetes. USB stuff on a Windows host, for instance.
Akri runs on a node and handles discovery. Upon discovery, a k8s service is started to expose the data. Applications can then consume the data via said service.
He showed a quick live demo. Which actually worked, even after accidentally dumping the hdmi connector in his glass of water :-)
My name is Reinout van Rees and I work a lot with Python (programming language) and Django (website framework). I live in The Netherlands and I'm happily married to Annie van Rees-Kooiman.