AWS re:Invent 2019 Tech Column – Five Tips for Container and K8S Best Practices

Nextlink Technical Social Media Curator participated in many technical sessions during the five-day AWS re:Invent 2019 event. In this article, we will be sharing with you five tips from US software analytics company New Relic’s software consultant, who is the speaker and who coaches customers on best practices of containers and K8S.

First, the speaker started off mentioning the brief process for customers to import containers and K8S, and explaining the benefits of using related services, including speeding the overall service development process, optimizing the cost, and being portable. She explained that if we search for “Best practice for Kubernetes” on the Internet, there are a lot of related resources we can find, but based on her years of coaching experience in a real business environment, she eventually classified the following five points:


Build small container images

If the files of the container images are too large, it may cause many problems, and will also run counter to the spirit of Containers. The benefits for reducing the size are to reduce deployment time, reduce security weaknesses, use less storage space, and make downloading updates and cold start faster. Developers should, before construction, confirm which apps are to be packaged in the container, choose the appropriate base image (for example, using Alpine will save 10 times the space than using node.js), and avoid unnecessary packaging and file.


Leverage namespaces

The namespace in K8S can be used to separate the resources of each group into a virtual cluster according to the execution team, development strategy, etc. After developers use namespaces to isolate resources, they not only increase manageability and security, but also improve the performance of Kubernetes APIs. Through modifying the config file and using kubectl, you can initiate changes and update the namespace of each cluster for it to have non-duplicate names.


Set up health checks

When an emergency occurs, if health checks were set up before the occurrence, you may discover the issue promptly and solve the problem; you can also see the status in the cluster and track specific events during operation. Developers can download the YAML file and use the correct syntax to correct the error, set initialDelaySeconds and use kubectl to collect relevant information in K8S.


Use resource requests & limits

Developers should make special restrictions and use config files to make resource requests; use kubectl to push updates and describe nodes to see a list of requests and restrictions. If the resource constraints are not set, the pod will be unstable and will be restricted or forced to terminate. If the set value is greater than the number of cores of the largest node, the pod will never be scheduled.


Understand the context of problems

Developers can install the K8S log output package, update the correct credential information, and use kubectl to capture logs. This can provide more detailed content for the overall operating status of the K8S environment and this method can also be applied to the node, pod, and cluster levels.