Smooth sailing aboard Kubernetes on DigitalOcean: Why our new stack is all that
There’s rarely a day when we’re not exploring some new solution to make life easier for our clients and dev teams. There’s always a better tool, right? Recently this meant stepping away from AWS and Docker Swarm. We had observed security risks brought on by custom tools and intricate Python and Bash scripting, and the stack’s deployment process was as clunky as a Chevy Chevette with spotty floorboards and a Cherry Bomb exhaust.
When Kubernetes appeared on the horizon, it looked like it might have the goods: a scalable, highly efficient system for managing infrastructure. Despite the steep learning curve, we took the plunge. The benefits were immediate.
Paired with DigitalOcean, Kubernetes’ container orchestration gives developers the ability to scale effortlessly. Nodes are added/removed automatically, ensuring applications are responsive when traffic hits peak levels. Kubernetes also automates common tasks, which saves time and lowers the risk of errors. Finally, there’s the cost savings of an open-source platform that runs on commodity hardware. With DigitalOcean’s pricing model, you only pay for the underlying nodes, steering clear of the Kubernetes price tag altogether.
Another reason for our move to Kubernetes was the potential to autoscale deployments based on incoming HTTP traffic. Given that existing solutions were overly complicated or not fully realized, we ended up writing our own. This led to significant efficiency gainzz. Now, when a site is inactive, it gets “put to sleep” by scaling down to zero running instances. This frees up precious CPU and memory in our Kubernetes cluster. By pausing when not in use, and automatically ramping back up when needed, we’re able to host more dev sites at less cost.
Kubernetes isn’t without its challenges. One of them was how to securely store and access secrets. Previously, we relied on HashiCorp Vault, but it was costly to run, more advanced than we needed, and overly complicated as a result. While Kubernetes has built-in secrets management, the interface for editing them is less than stellar. We settled on 1Password to store secrets and 1Password Connect Kubernetes Operator to sync them into Kubernetes secrets.
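As an added illustration (not our production manifests), this is roughly what that sync looks like: a `OnePasswordItem` resource tells the operator which 1Password item to mirror into a Kubernetes Secret, and a Deployment mounts that Secret read-only instead of carrying credentials in its own spec. The vault, item, namespace, and image names are constructed placeholders.

```yaml
# Added example; all names below are constructed placeholders.
# Assumes the 1Password Connect Kubernetes Operator and its CRDs are installed.
apiVersion: onepassword.com/v1
kind: OnePasswordItem
metadata:
  name: site-db-credentials   # the operator creates a Secret with this same name
  namespace: dev-sites
spec:
  itemPath: "vaults/example-vault/items/example-site-db"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: example-site
  namespace: dev-sites
  annotations:
    # Ask the operator to roll the pods when the 1Password item changes.
    operator.1password.io/auto-restart: "true"
spec:
  replicas: 1
  selector:
    matchLabels:
      app: example-site
  template:
    metadata:
      labels:
        app: example-site
    spec:
      # The app does not call the Kubernetes API, so it gets no API token.
      automountServiceAccountToken: false
      containers:
        - name: web
          image: registry.example.com/example-site:1.0.0
          volumeMounts:
            # Each field of the 1Password item appears as a file here.
            - name: db-credentials
              mountPath: /run/secrets/db
              readOnly: true
      volumes:
        - name: db-credentials
          secret:
            secretName: site-db-credentials
```

The synced object is an ordinary Kubernetes Secret, so RBAC on `secrets` in the namespace and encryption at rest for etcd still decide who can read the values once they land in the cluster.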
Sailing into the sunset
Kubernetes offers a flexible tool for managing infrastructure, so it’s easy to see why it has enjoyed such widespread adoption. If you can take the time to master containers, pods, deployments, services, and ingresses, the solution is well worth it. For our gang at Lelander, it’s led to new levels of scalability, automation, and cost savings. If you have visions of making the switch, give us a holler. We can walk you through the process in greater detail. We might even put on some Christopher Cross to set the mood.