Lead Image © alphaspirit, 123RF.com

Users speak on Kubernetes in business practice

Quick Delivery

Article from ADMIN 71/2022
Users in corporate and government agencies that have successfully switched to Kubernetes share their positive experiences and the stumbling blocks to be avoided.

Some questions about Kubernetes can only be answered by looking at the experiences of those who have successfully walked the path to the container-based architecture, including: What can be achieved with Kubernetes and what might be illusion? What mistakes can be avoided when implementing the technology? How much time must be scheduled and what resources need to be considered? What changes besides the technical upheaval need to be addressed?

Agile Car Maker

The faster new ideas translate into tangible products, the better the prospect of business success. This concept is referred to as "time to market" – the shorter, the better. In the automotive industry, rapid application development and deployment guarantees a competitive edge. One technical prerequisite is established by containerization and cloud computing, which are asserting themselves in many places and are generally seen as drivers of IT innovation.

Porsche Informatik [1] has taken this path. The company provides IT services for Porsche Holding Salzburg and the Volkswagen Group. Millions of people in car dealerships, workshops, import operations, logistics companies, and the financial services industry, as well as Internet end users, use systems by Porsche Informatik. The organization delivers and manages 180 solutions in 32 countries across four continents. To this end, Porsche Informatik employs more than 800 specialists who develop and provide solutions for the ongoing digital transformation of the automotive industry.

These solutions involve business software for authorized dealers, after sales service, spare parts sales, and financial services. One concrete example is the Car Configurator, which lets prospective new car buyers put together their dream vehicle on the Internet in just a few steps. Both the images of the vehicle and the price computations are instantly updated with any selected details: paint, interior trim, wheels, and so on. Once the desired car has been configured, it can be supplemented with loan, leasing, and insurance offers. The Car Configurator is integrated into the websites of the Volkswagen Group brands and car dealerships.

Another example of the solutions for which Porsche Informatik is responsible is the "Das WeltAuto" [2] used car portal, available in many countries, which provides a wide range of inspected, serviced, and repaired used cars over the Internet. Participating dealers, as well as private sellers, can advertise their used vehicles there. In the US, this service is available through dealers and is called Certified Pre-Owned [3], and in the UK, Approved Used [4].

The basis of the application infrastructure for Porsche Informatik's solutions and services is the Red Hat OpenShift [5] enterprise Kubernetes platform, which the company operates in a private cloud environment. By migrating the previous legacy infrastructure to the container-based, cloud-native platform, Porsche Informatik was able to reduce development times from weeks to hours. On average, applications and services can be built, tested, and deployed in about 90 percent less time than in the past. An initial prototype is available within hours with Red Hat OpenShift.

Michael Karnutsch, Infrastructure Architect at Porsche Informatik, explained: "Kubernetes is clearly the de facto standard for Linux container development. However, in our opinion, building a Kubernetes infrastructure yourself is not a sensible path to take when commercial products and standard solutions such as Red Hat OpenShift are also available, because they already include many important performance features, such as authorization, authentication, logging, and metrics. However, you also need to be clear about one thing: If you don't have any Kubernetes know-how on the infrastructure and development side, it won't work either."

Red Hat OpenShift, the standard container orchestration product, is based on Kubernetes, provides a stable container platform environment for applications, and helps development teams run their continuous integration/continuous delivery (CI/CD) pipelines. More specifically, Red Hat OpenShift lets developers design, automate, scale, and manage container-based applications. The enterprise Kubernetes platform includes all the features and services needed to run a container management solution for mission-critical applications on different infrastructures in a certified way, including aspects such as service-level agreements (SLAs), multiple layers of security, automation, and cluster management.

Red Hat OpenShift provides the runtime environment at Porsche Informatik. The platform currently hosts development processes in 11 clusters, with thousands of containers on well over 100 nodes, and is regularly used by around 500 developers. The clusters are broken down into testing and production environments. The infrastructure allows the deployment of a new cluster within a few hours.

Administrators can easily implement and enforce security and other policies across teams and clusters from Red Hat OpenShift's unified management console. Porsche Informatik also uses Red Hat Advanced Cluster Management for Kubernetes and Argo CD for infrastructure management that ensures Red Hat solutions remain up to date, are protected against vulnerabilities, and comply with various standards.

One of the key benefits of the new container-based, cloud-native environment is the self-service capabilities for Porsche Informatik's development teams. They can now provision services and infrastructure independent of the enterprise infrastructure team. The request process for resources is very simple and, above all, fast. In the past, deploying, for example, Apache Tomcat was very time-consuming, from requesting the web server to rolling out a virtual machine and integrating it into the network infrastructure, to setting up the certificates.

From a technical point of view, the benefits of the new infrastructure are also reflected in the greater freedom for development teams. In principle, they can introduce and operate new technologies more easily or set up applications completely independently without having to worry about the underlying infrastructure. Examples include Node.js or a database management system such as MongoDB to cover new use cases.

For security in particular, Porsche Informatik complements the runtime environment with additional solutions for logon procedures, container image scanning, and CI/CD, among other uses. For build and deployment, Jenkins is used in development with a GitLab environment, and Argo CD is used in the infrastructure area.

Thanks to the introduction of an agile, collaborative DevOps approach supported by Red Hat OpenShift, developers, architects, infrastructure experts, and platform teams at Porsche Informatik can collaborate far more effectively to design and update innovative applications and services, avoiding redundant work in the process.

However, introducing an enterprise Kubernetes platform and adopting agile, iterative processes also require a cultural change within the company. This aspect mainly affects the operations division, rather than the development division, which is already familiar with DevOps processes. Where operations also follow an as-code approach, a new mindset is needed that eliminates the classic separation of such groups as the Linux, network, or storage teams.

Although getting started in the Kubernetes world isn't rocket science, companies need to keep a few things in mind. From the perspective and experience of Porsche Informatik, the following best practices appear to be helpful:

  • Trials and intensive testing of a Kubernetes environment should come first.
  • The use of a standard platform is always recommended; it takes a lot of work off the company's shoulders.
  • Users should always stick to the Kubernetes standard.
  • A registry and base image structure must be created and made available to developers.
  • New developers need help to get started, more specifically in the form of documentation with a detailed process description for various actions, such as deploying applications.

The result of such a process is an infrastructure that scales well, is easy to maintain and patch, and future-proofs the enterprise for the challenges that lie ahead.

Of course, development at Porsche Informatik is an ongoing process. In the medium term, the aim is to deploy Red Hat OpenShift in a public cloud. Porsche Informatik's goal is to deliver all applications to employees and end users in all countries with Microsoft Azure Red Hat OpenShift. Managed services from Microsoft will also be accessible to developers in the future "as code" from a pipeline.

Agile Authority

More agility was also the issue in a large German federal authority. Although agile processes had already been in use for about three years in the development of new software, the waterfall model was still used for older software in the core inventory (Java 2 Platform, Enterprise Edition (J2EE) applications, service-oriented architecture (SOA) services, Oracle Fusion Middleware): A development department updated programs about three times a year, and other business units operated them. In contrast, new software that is created in line with the DevSecOps approach and is also operated by the same team can already be up and running with a 14-day cycle.

Even before Kubernetes, people were dealing with virtualization and containers with Apache Mesos, which manages all the resources of a data center or cloud in a centralized, platform-independent way and also natively supports Docker containers. However, it had become increasingly difficult to find employees with Mesos expertise. When the previously used container orchestrator DC/OS was discontinued, a decision was taken to switch to the market leader, Kubernetes.

In the course of doing so, a number of difficulties had to be overcome, such as the rapid migration of all legacy DC/OS processes along with their data into the Kubernetes world or the introduction of a service mesh (Istio [6]) that did not exist before. Troubleshooting across multiple virtualization layers also proved to be very complex. On top of that, the strict compliance requirements of the public sector had to be met. The willingness to adapt to new things and to leave traditional ways behind also differed across the various departments.

In the end, however, some achievements on the positive side were noteworthy. A cutting-edge and innovative technology platform has been established for the next few years and is constantly evolving. It forms the basis for the development of agile software that can also be ported easily to hybrid clouds in container format. Classic operations also benefit from the very high level of automation, which makes many manual work steps superfluous. The recruitment of new employees is also easier now.

What proved to be particularly important en route to Kubernetes was having well-coordinated teams that regularly exchanged ideas in a spirit of trust and that cultivated shared values, such as an open error culture. From a technical point of view, the experience with several smaller clusters instead of a single very large cluster was positive (and involved the use of a specially tailored Kubernetes distribution – from SUSE in this case), as was a consistent alignment with the mission statement of infrastructure as code, to ensure traceability and repeatability.

Agile Media

Kubernetes is not only providing food for thought in industry and government, but also in the media – for example, at the leading Spanish media company Atresmedia [7], which houses radio, television, and streaming services under one roof. The people in charge recognized that the expectations of today's media consumers cannot be served well by legacy, monolithic applications. Moreover, the cost of software maintenance (e.g., for the content management system) had risen to dizzying heights. At the same time, the environment was slow and had limited scalability, which is a very important criterion when huge volumes of data are generated in a short period of time, such as in the course of election coverage.

Therefore, the company decided to break with the old architecture and base a new approach on microservices. The underpinnings were to be Canonical's Charmed Kubernetes [8] product, which comes with a high level of automation and scalability. The vendor was not an unknown, and the company had relied on Ubuntu for encoding and transcoding videos for many years. With its containerization approach, microservices promised the flexibility, resilience, and ease of management Atresmedia was looking for. Of all the microservices-oriented projects the company tested, Kubernetes performed best and offered the added benefit of having a large community.

Canonical helped Atresmedia automate the deployment, operation, and scaling of the new Kubernetes cluster with the help of Juju, the operational lifecycle management tool for Charmed, resulting in a seamless implementation and massive simplifications of ongoing application management. Additionally, Juju facilitated Atresmedia's deployment of cloud-native applications, both on-premises and in the cloud, which is an important requirement given the company's hybrid and multicloud strategy.

Initially, Atresmedia relied on Canonical support for day-to-day operations. However, since the roll-out, the in-house IT team has built up expertise and now maintains the cluster independently. Canonical remains available to resolve any major issues, but in four years they have not had a single significant incident. Óscar Martinez, Head of Architecture and Backend Development at Atresmedia, comments: "We always strive for autonomy. So it was good to know that we were not tied to a consulting service. And now that we have in-house skills, Juju is invaluable. It has helped us become totally flexible when we need to develop or modify the cluster."

The new Kubernetes-based solution makes scaling issues a thing of the past. As soon as the ATRESplayer streaming service is faced with increased traffic, the system automatically scales up its resources to cope with the traffic. It passed its baptism of fire during the Spanish general election in 2019, where it presented the latest election results in real time to hundreds of thousands of Spanish citizens. "If we had not been able to handle the traffic and provide up-to-date data, it would have been a serious blow to our competitiveness," said Miguel Rodriguez, "but Charmed Kubernetes met our expectations. Scaling worked without any problems."
