Author Archives: karthequian

About karthequian

I love creating products. I'm a full stack dev comfortable creating things from scratch, and I know a bunch about containers, Kubernetes, auth and agile development. I live in Austin and organize @devopsdays, @container_days and @cloud_austin. Follow me on twitter.com/iteration1

Cloud Native security

It’s been a whirlwind few months, and I’ve been terrible about posting to the blog! Had a great time at RSA this year with fellow agile admins James and Ernest, and got to meet many of the folks I really look up to in the security industry. I attended devsecops days as well, which was eye opening to see security folks want to shift more left and work with developers and operations.

Also, I had a chance to present about the different things going on with respect to security in the cloudnative world. Here’s a copy of the slides.

I have more thoughts to add on this, but I’ll come back to it later today!


Filed under DevOps

3 Features I love in Kubernetes 1.11

Originally published in the cloudnative blog on July 3rd

Kubernetes 1.11 was released last week, and I spent some time looking at the features and fixes released. It’s the 2nd Kubernetes release this year, and this one comes with a lot of cool features to try out. You can take a look at the release notes here, or if you want to get down in the weeds, check out the changelog.

I’m most excited about the “Dynamic Kubelet Configuration” feature! This feature existed previously but has graduated to a “beta” feature. It means that it’s more stable than before, and the feature is well recognized. The feature essentially allows you to change the configuration of Kubelet on a running cluster in a more accessible manner using configmaps. The configmap is saved as a part of the Node object, which is monitored by Kubelet. When it changes, Kubelet will download the referenced configuration and stop. If you’re using something like systemd to watch Kubelet, it’ll automagically restart Kubelet, which will start with the new configuration. This feature is super exciting because it gives admins who manage all of the nodes a little break. In the past, any updates to the config had to be rolled individually to each node, which could be a time-consuming process.

I like that Custom Resource Definitions (CRD) are a lot more usable now with versioning. In the past, you were limited to a single version of a CRD; any changes, and you had to create a new one and manually convert everything that used the old CRD to the new one. All a bit painful! With versioning, the path to using updated custom resources is more straightforward than before.

Finally, CoreDNS was promoted to General Availability! In the early Kubernetes years, there was some confusion on what DNS provider to use, and there were a few options. For someone who was looking at the ecosystem from the outside, it was hard to tell what DNS solution to pick. I touched on this in my Kubernetes: CNCF Ecosystem course, and how the CNCF was able to steer the community to a better default! It took some time, but in the end, having CoreDNS as a default DNS server will help Kubernetes be more reliable, and make DNS debugging simpler for those of us dealing with the inner workings of K8s.

There are a lot more things released, so check out the release announcement if you haven’t already!

There are also a few tiny things that were released that have me excited:

First, this PR allows for Base64 decoding in a kubectl get command using go-templates. Super useful to have a one-liner to decode what something might be in a secret.

Second, from a monitoring perspective, Kubelet will expose a new endpoint, /metrics/probes. This presents a new Prometheus metric that contains the liveness and readiness probe results for the Kubelet. It will allow you to build better health checks and get a better picture of the state of your cluster.

Third, RBAC decisions are in the audit logs as audit events! Since I’ve worked on authn and authz systems in the past, I get irrationally excited about stuff like this. In the past, we’d have to go hunting through logs to find why an RBAC call passed/failed, whereas now we can quickly look at the audit events stream.
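To make the audit-log point concrete, here is an added example (not from the original post or the Kubernetes project) that reads JSON-lines audit events and pulls out the requests whose `authorization.k8s.io/decision` annotation is `forbid`. The log lines, user names and reason text are constructed samples, and the function names are hypothetical.

```python
import json
from collections import Counter

# Constructed sample audit log (one JSON event per line); not real cluster data.
# The last line is deliberately truncated to show corrupt-line handling.
SAMPLE_AUDIT_LOG = """\
{"kind":"Event","apiVersion":"audit.k8s.io/v1beta1","auditID":"a1","stage":"RequestReceived","verb":"list","user":{"username":"system:serviceaccount:dev:ci-bot"},"objectRef":{"resource":"secrets","namespace":"kube-system"}}
{"kind":"Event","apiVersion":"audit.k8s.io/v1beta1","auditID":"a1","stage":"ResponseComplete","verb":"list","user":{"username":"system:serviceaccount:dev:ci-bot"},"objectRef":{"resource":"secrets","namespace":"kube-system"},"responseStatus":{"code":403},"annotations":{"authorization.k8s.io/decision":"forbid","authorization.k8s.io/reason":""}}
{"kind":"Event","apiVersion":"audit.k8s.io/v1beta1","auditID":"a2","stage":"ResponseComplete","verb":"get","user":{"username":"alice"},"objectRef":{"resource":"pods","namespace":"default"},"responseStatus":{"code":200},"annotations":{"authorization.k8s.io/decision":"allow","authorization.k8s.io/reason":"RBAC: allowed by RoleBinding pod-reader-binding (constructed)"}}
{"kind":"Event","apiVersion":"audit.k8s.io/v1beta1","auditID":"a3","stage":"ResponseComplete","verb":"delete","user":{"username":"system:serviceaccount:dev:ci-bot"},"objectRef":{"resource":"deployments","namespace":"prod"},"responseStatus":{"code":403},"annotations":{"authorization.k8s.io/decision":"forbid","authorization.k8s.io/reason":""}}
{"kind":"Event","auditID":"a4","stage":"Resp
"""

DECISION = "authorization.k8s.io/decision"
REASON = "authorization.k8s.io/reason"


def parse_events(text):
    """Yield each well-formed audit Event, skipping blank or corrupt lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # e.g. a line cut off by log rotation
        if isinstance(event, dict) and event.get("kind") == "Event":
            yield event


def rbac_denials(events):
    """Return a summary dict for every event the authorizer marked 'forbid'."""
    denials = []
    for ev in events:
        ann = ev.get("annotations") or {}
        # Events without the annotation (e.g. RequestReceived stage) are skipped.
        if ann.get(DECISION) != "forbid":
            continue
        ref = ev.get("objectRef") or {}
        denials.append({
            "user": (ev.get("user") or {}).get("username", "<unknown>"),
            "verb": ev.get("verb"),
            "resource": ref.get("resource"),
            "namespace": ref.get("namespace", ""),
            "code": (ev.get("responseStatus") or {}).get("code"),
            "reason": ann.get(REASON, ""),
        })
    return denials


def denials_by_user(denials):
    """Count denials per user so a noisy or misconfigured identity stands out."""
    return Counter(d["user"] for d in denials)


if __name__ == "__main__":
    for d in rbac_denials(parse_events(SAMPLE_AUDIT_LOG)):
        print(d)
```

A service account that suddenly accumulates denials, as `ci-bot` does in the sample, is usually either a missing RoleBinding or a credential being used for something it was never granted.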

That’s my (biased) list! What about you? What feature or bugfix has you excited? Let me know in the comments below, or tweet at me @iteration1!


Filed under DevOps

Cloud-native helloworld

Originally published on cloudnative labs on June 28th, 2018

Speaking and writing come pretty naturally to me, but setting a title is always the hardest part. It’s true while writing code as well- writing 1000 lines of code comes naturally, but when I have to create and name a new file, it’s a different story…

But, I digress- Hi! I’m Karthik Gaekwad, and I’m the newest member of the Developer Relations team here at Cloud-native labs. If you live in Austin, we’ve probably already crossed paths at one of the many meetups I attend or run including CloudAustin, Austin Devops, Docker Austin, OWASP, etc; or perhaps at Devopsdays Austin, for which I’ve been one of the core organizers since its inception in 2012. I’m also an author on Lynda.com, and have authored a few courses on Kubernetes, and Agile devops methodologies.

I’m joining the Cloud-native labs team from the Oracle Container Engine team- which is Oracle’s managed Kubernetes service running on Oracle Cloud Infrastructure. Naturally, I’ll be focusing my efforts on Kubernetes, microservices and Cloud Native architectures and applications.

There are many things I’m excited about with the new job, but I’m most excited to learn and teach! The one constant theme that I’ve noticed with Kubernetes over the last few years since it got hot is the word “How?”. As a user of Kubernetes, I’ve frequented the Kubernetes docs searching for answers, and as a Lynda author, I’ve received many messages of thanks from viewers that they now knew how to use Kubernetes. The cloud-native ecosystem is one of the fastest growing ecosystems I’ve seen, and it’s hard to keep up with the changes, new releases, and new projects that support the ecosystem. As a result, I’m excited to spend more time keeping pace with all the new happenings and spend time researching best practices for microservices and cloud-native apps, welcome new users to the world of K8s, and bridge the gap between the cloud-native platforms we have on OCI today.

I’ll be spending a lot of time researching, speaking, blogging and answering questions! Feel free to reach out to me on Twitter, LinkedIn or comment on here as well- I’m here for you!

-Karthik


Filed under DevOps

CNCF and K8s 101’s

I never make New Year’s resolutions, but I want to do something different for 2018!

Over the past couple of years I’ve been learning a lot about Kubernetes and the CNCF ecosystem around it, and I often find myself having a hard time keeping up with the ecosystem. There are almost weekly releases on the many projects, and getting started content for all the new tools and technology is hard to find.

So! I plan to do quick 101 blogs on different topics under the Container/Kubernetes/CNCF umbrella. My first blog article will be on Prometheus- The monitoring tool that integrates GREAT with k8s! It’ll be based on my GitHub code here: https://github.com/karthequian/prometheus-demo (shhh sneak peek).

But, I need your help! Give me a list of things you are confused about in the container space, or want more info on, and I’ll be happy to do the legwork on it!

So, give me input here, or on twitter!


Filed under Cloud, DevOps, k8s, Monitoring

Released! Learning Kubernetes and K8s: Native Tools

 

I’ve been working on the managed Kubernetes Engine at Oracle as described here by my StackEngine CEO Bob Quillin.

Being knee deep in the Kubernetes and CNCF ecosystem is very exciting, and it reminds me a lot of the early days of the Docker ecosystem. Kubecon in December had a lot going on with a plethora of projects and lots of vendors. In the future, I believe Kubernetes will be the de facto platform that many large enterprises will use as their orchestration and IT platform when they look to modernize their architecture. It is either all Kubernetes, or all cloud native, or serverless, or somewhere in between.

And speaking of K8s, my Lynda courses on Kubernetes just released! I had filmed them late last year at Lynda’s campus in Carpinteria, CA- Learning Kubernetes and Kubernetes: Native Tools!

Learning Kubernetes covers all the information you’ll need to get started using Kubernetes- the concepts, examples, install and everything you’ll need to get started rocking with k8s!

Kubernetes: Native Tools is a shorter course that covers the different tools available in the k8s ecosystem.

Let me know what you think- and, reach out if you have questions or issues! K8s might be overwhelming initially, but stick with it, and it’ll make your container management life so much easier!


Filed under DevOps

Long live ChatOps, RIP AOL IM!

I grew up in Muscat, Oman, and it was an exciting time when we got Internet at home in 1996. By 1998, all of my friends who had Internet at home were first on ICQ and then on AOL IM. AOL IM was huge when I went to college in the early 2000’s and was the primary way to connect friends together to chat. Back then, it was rare to have chat rooms, and the rooms that existed were usually long-running things set up to talk about general topics.

The first time I saw value in a chat room in a professional setting was when I got invited to a Basecamp “deploy room” by fellow Agile Admin Peco (or was it Ernest?) at NI when our quarterly release cycle was going super poorly, and all of us (100 other people) were waiting around at hour #34 trying to figure out why some random enterprise application was holding up the rest of the release process. Post invitation to the room, I was able to look at the past messages between the ops team about application failures, and then realized pretty quickly that our databases weren’t actually responding like they should. It took all of 10 minutes to ask someone on the ops side with credentials to run a database query, and figure out that the db creds were all wrong. 2 hours later, the release was all done…

That moment made me realize that 1×1 chats were great, but having persistent chat rooms with teams of people added value to an organization.

Recently, a colleague asked me a simple question that made me reflect. He asked, “What’s the big deal about Slack?”. At work, there’s been a big push to move towards Slack, when we’ve had 1×1 chat forever. Here are my 5 most compelling reasons for doing so:

1) Collaboration++: 15 years ago, software was simpler, and there was no cloud/microservices. You’d have 1 large binary to deploy for a platform, and typically have a few folks who understood the overall workings of the platform. Today, with microservices, you require a bunch of applications to deploy, and each of these has specific owners who understand specifics. Thus, you’re going to have to have conversations with multiple folks to figure out any issues. Having this in a room setting versus a 1×1 setting gets you to a resolution faster.

2) Chat metadata: Chat is less about words, and more about conversations that include images, links, slash commands, workflows etc. Chatops tools make pasting these much easier than before, and looking at formatted code in Slack is so much easier to read than looking at the same in pidgin.

3) Chat History: Chat apps now give you history – even from when you were not online or in the chat room. This is valuable from the perspective that you can see everything from when you weren’t around, and don’t have to ask someone to keep repeating the problem over and over again. You can just scroll up, read the context, and be ready to help if you can. This is my one knock against IRC (or at least the implementation of IRC at a company I worked at); it was nice to have everyone in a spot, but it only worked when we were VPN’ed in, and had no history.

4) Pipelining with chatbots: Continuous Integration/Delivery is all the rage these days! Having a chat system that allows for your devops systems to push data is a primary requirement in order to build a pipeline of this sort. Responses to broken builds, tests, alerts are quicker when the data associated with these are transmitted to a chatroom that you’re looking at, than having to look at Jenkins all the time. Chatbots are invaluable in this scenario, and help you with information flow.

5) The new normal: A new generation of engineers already do this. It’s already part of the culture for the next generation of engineers who work on open source (for example, kubernetes slack) and there’s even chatter about slack at Universities now. The world is evolving towards broader conversation, and not having chatops tools will hurt your company in terms of hiring and retention.

 

Agree/Disagree, or have a different perspective? Let me know by commenting below!


Filed under Agile, DevOps

Docker 101

Working at Stackengine, and now at Oracle, I’ve been working in the Docker ecosystem for the last 5 years!

While containerization has taken the IT and devops world by storm, a lot of larger enterprises might still be on the outside looking in. If you find yourself in that boat, you’re in luck!

Here’s a quick video on getting you running your very first Docker container on your Mac in under 5 minutes.

Also, I had the pleasure of traveling back to my childhood hometown of Bengaluru and presenting a workshop at Code Conf this year. I’ll create a separate post about my travels, but I got to present a workshop lab that is an Introduction to Containers. This lab is a perfect follow on to the video above, and will help you get started on your Docker journey! Let me know if you have questions.

If you’re more of a product manager, or just looking for why you’d want to use Docker, and want to understand its use cases, you can take a look at this presentation I had published on Why to docker? as shown below.

Questions, comments, or concerns? Hit us up by leaving a comment below…


Filed under DevOps

Why to Docker?

I recently gave a presentation on “Why to Docker” for the BrightTalk summit. Here’s a list of all the things I talked about. I had a great turnout of over 300 people, and some great questions that followed. Fortunately, I finished a bit early and was able to answer a bunch of the questions (was asked about 30). I’ll end up adding answers to all the questions this weekend!

Here’s a link to the slides:


Filed under DevOps

Devops State of the Union 2015

James, Karthik, and Ernest did a webcast of the Devops State of the Union 2015 talk for the BrightTalk Cloud Summit. It went well! We had 187 attendees on the live feed. In this blog post we’ll add resources discussed during the talk and we will seed the comments below with all the questions we received during the webcast and answer them here – you’re all welcome to join in the discussion.

The talk was intended to be an overview of DevOps, with a bunch of blurbs on current and developing trends in DevOps – we don’t go super deep into any one of them (this was only 40 minutes long!). If you didn’t understand something, we’ve added resource links (we got some questions like “what is a container” and “what is a 12-factor app”; we didn’t have time to go into that in great detail, so check some of the links below for more).


Resources:


Filed under DevOps

ReInvent – Fireside Chat: Part 1

One of the interesting sessions at ReInvent was a fireside chat with Werner Vogels, where CEOs or CTOs of different companies/startups who use AWS talked about their applications/platforms and what they liked and wanted from AWS. It was a 3 part series with different folks, and I was able to attend the 1st one, but I’m guessing videos are available for the others online. Interesting session, giving the audience a window into the way C level people think about problems and solutions…

First up, the CTO of mongodb…

Lots of people use mongo to store things like user profiles etc for their applications. Mongo performance has gotten a lot better because of SSDs.

Recently funded 150 million, and wanting to build out a lot of tools to be able to administer mongo better.

Apparently being a mongodb dba is a really high paying job these days!

User roles may be available in mongo next year to add more security.

Werner and Eliot want to work together to bring a hosted version of mongo like RDS.

Next up twilio’s Jeff Lawson

Jeff is ex amazon.


Software people want building blocks and not some crazy monolithic thing to solve a problem. Telecom had this issue, and that is why I started Twilio.

Everyone is agile! We don’t have answers up front, but we figure out these answers as we go.

Started with voice, then moved to SMS followed by a global presence. Most customers of ours wanted something that didn’t have boundaries and just wanted an API to communicate with their customers.

Werner: It’s hard to run an API business. Tell us more…
Lawson: It is really hard. APIs are kinda like webapps when it comes to scaling. REST helps a lot from this perspective. Multi tenancy issues get amplified when you have an API business.

Twilio apparently deploys 20 times a day. AWS really helps with deployment because you can bring up brand new environments that look exactly like prod and then tear them down when they aren’t needed.

When it comes to api’s, we write the documentation first and show our customers first before actually implementing the API. Then iterate iterate iterate on the development.

Jeff asks: Make it easier to get a VPC up and running.

Next up: Valentino with adroll (realtime bidding)


There’s a data collection pipe which gets like 20 tb of data everyday.

Latency is king: Typically latency is like 50ms and 100ms. This is still a lot for us. I wish we had more transparency when it comes to latency inside aws and otherwise…

Why dynamo db? Didn’t find something simple at the time, and it was nice to be able to scale something without having to worry about it. We had 0 ops people to work on scaling at the time.

Read write rates: 80k reads per second (not consistent), 40k writes per second.

Why erlang? You’re a python god.
I started working on Python with the twisted framework. But I realized that Python didn’t fit our use case well; the twisted system worked just as well but it would be complicated to manage it and needed a bit of hacks.

Today it would be hard to pick between erlang and go….


Filed under Cloud, Conferences