The IT landscape has changed thanks to Kubernetes. Mathias Herzog, Team Leader for Linux Engineering at PostFinance, explains how PostFinance is working with the new de facto standard for developing cloud-based applications.
Kubernetes is open source, and therefore fits in perfectly with the technology strategy of our IT infrastructure. The modern cloud-based platform ideally supports PostFinance’s agile software development processes. What’s more, dynamic resource scaling and the self-healing of Runtime components help reduce operating costs significantly.
As a shared platform, Kubernetes provides the basis for business-critical application services. Each of the clusters are set up to be readily available, and are distributed across different PostFinance data centers. Steps to link it to operating systems for logging, monitoring, tracing and alarming, as well as to embed it in the security infrastructure of PostFinance, are being implemented with additional open-source components, and various software components written in-house are being used for automation. The components are written in the Golang programming language and are also made available under an open-source licence in the The link will open in a new window GitHub of the Kubernetes community.
In recent months, Kubernetes has become the de facto standard for developing cloud-based applications. The development of Kubernetes and the countless additional components is progressing rapidly. By getting to grips with these technologies ourselves, we are able to keep up with the times and work with state-of-the-art open-source technology. With the rapid development of technology, the challenge is to constantly acquire new knowledge in order to keep up. It is a steep learning curve, and there are still no “proven” concepts for us to fall back on, and so the only way to learn is to draw from our own experiences and to keep working with other companies that deal with the technology.
For an application to be optimally scaled on Kubernetes, it is important for it to be “cloud ready”, as it were. In an ideal scenario, the application as a whole would be distributed across various smaller micro services. Each component of the application should ideally be stateless, and should be restarted several times within the cluster to ensure a given service is available at all times.
At PostFinance, several earlier applications have a more monolithic structure. Even some of the frameworks used are still too cumbersome for Kubernetes. This is why existing applications practically never undergo 1:1 migrations, and frameworks often have to be adapted in some way. In these instances, migrations to the Kubernetes platform are gradual in nature, and involve the removal of individual services from the monolithic system and rewriting them. Those areas that work with purchased software components also pose a challenge. Software developers on the market often find themselves lagging behind the technological advances of cloud-based applications, and cannot enjoy the benefits of Kubernetes platforms right away.
A current trend in the cloud-native environment is the development of serverless frameworks, exemplified by the well-known Google Cloud Functions and Amazon AWS Lambda pioneering technologies. There are several different frameworks available on the Kubernetes platform that can be used to map these types of serverless deployments. However, as no project has really established itself yet, it is too early for PostFinance to implement specific developments in this area. But it is something we will be keeping a close eye on. Another trend in the Kubernetes environment is “service mesh”. A service mesh can, for instance, be used to map different deployment strategies (blue/green, canary, a/b), and to implement fine-tuned, cross-service security rules. In this area too, the development of different frameworks is progressing. PostFinance is also focussing on this trend, and has already started work on some initial proofs of concept and taken some initial steps.
Kubernetes is particularly a good option for dynamic, distributed and scalable microservice patterns. In the case of highly I/O intensive and state-based applications (e.g. database systems, Elasticsearch clusters and so on), we do not use Kubernetes. At PostFinance, these types of applications are run on virtual or physical Linux/Windows systems.
