Gitlab hero border pattern left svg Gitlab hero border pattern right svg

Category Direction - Kubernetes Management

Overview

The main motivating factor behind using a container orchestration platform is cost reduction. Kubernetes has become the most widely adopted container orchestration platform to run, deploy, and manage applications. Yet, to seamlessly connect application code with the clusters in various environments, has remained a complex task that needs various approaches of CI/CD and Infrastructure as Code. Given the central part Kubernetes plays in infrastructure, we consider it business critical to support all the workflows and processes our users have around their Kubernetes clusters.

Our mission is to support the Platform Engineers and SRE in enabling developer workflows, to make deployments to every environment frictionless for the developer and reliable for the operator, no matter the experience level. We do this by supporting an integrated experience within GitLab and leverage the existing tools and approaches in the Kubernetes community.

Market overview

Kubernetes is emerging as the de facto standard for container orchestration. Today, Kubernetes runs in half of container environments, and around 90% of containers are orchestrated. (Source).

How can you contribute

Interested in joining the conversation for this category? Please have a look at our global epic where we discuss this topic and can answer any questions you may have or direct your attention to one of the more targeted epics presented below where our focus is today. Your contributions are more than welcome.

Vision

Our vision is that both Self-Managed and SaaS GitLab customers can shrink their cluster operations and cluster-focused platform teams whether they are operating in highly regulated, air-gapped environments or public-cloud-based environments. GitLab offers out-of-the-box integrations for cluster provisioning, deployments, monitoring, security, and alerting functionalities. In our solutions, we acknowledge that cluster management is an inherently complex task and we want to make it easy for inexperienced users without restricting the flexibility for advanced users.

Strategy

We invite you to share your feedback and join the discussion on the future of our Kubernetes integrations.

In collaboration with monitoring and security we provide the core layer, for the GitLab Agent for Kubernetes, that other teams can build upon. Besides this platform-like work, we work directly on improving the deployments.

Pricing strategy

The Kubernetes Agent is aimed at Platform and SRE teams. As a result, we assume that there are other teams our users serve. For this reason, our pricing leans heavily towards the Premium tier. Around every use case, we plan to launch as a Premium product, and want to move parts of the feature to Core as we better understand our users. The dividing line between Core and Premium features until now is around permissions management.

Example: We moved the CI/CD tunnel to GitLab Core, but only when the Agent uses the service account of the cluster side component. At the same time, we are building out a set of "impersonating" featues, where a GitLab user or a CI/CD job can be targeted with Kubernetes RBAC rules. The latter feature set will remain in Premium.

Today

The recommended approach to connect a cluster with GitLab is via the GitLab Agent for Kubernetes. The legacy, certificate based connection is currently being deprecated. Beside these, one can manually configure a $KUBECONFIG or use 3rd party tooling around GitLab CI or webhooks. You can read more about the deprecated features in the related epic.

Using the GitLab Agent, we want to offer a security-oriented, Kubernetes-friendly integration option to Platform Engineers. Besides providing more control for the cluster operator, the agent opens up many new possibilities to make GitLab - cluster integrations easier and deeper. We expect the agent to support various GitLab features with automatic setups and integrations.

As the GitLab Agent itself does not have any features and is responsible for the cluster connection only, every team is welcome to build on this connection. The Agent provides a bi-directional communication channel between the cluster and GitLab, as a result, either GitLab can reach out into the cluster, or the cluster side component can message GitLab. The Agent is available from GitLab CI/CD as well using the CI/CD tunnel.

Today, the Agent supports the following use cases:

Next 6 months

As we deprecate the certificate based integrations, we want to make sure that we can offer alternatives for the most valuable parts of that integration. These are

Beside the feature development, we are actively rewriting and extending the related documentation to be focused around the GitLab Agent for Kubernetes.

Together with the above, we are working on improving the user interfaces around Agent connections, and the "impersonation" features mentioned under the pricing strategy.

Next 9-12 months

We want to make our integrations easy to use. This might mean more automation, conventions and UX improvements. We consider this especially important when we target Software Developers with our features, who might not be familiar with Kubernetes or GitLab at all.

We want to improve the observability aspects of our integrations.

Target User

We are building GitLab's Kubernetes Management category for the enterprise operators, who are already operating production grade clusters and work hard to remove all the roadblocks that could slow down developers without putting operations at risk. Our secondary persona is the Application Operator, who is in charge of 2nd day operations of deployed applictions in production environments.

Jobs

When I have a new version of my application, I want to deploy it into production following my preferred deployment strategy, so that I can reap the fruits of my work and can celebrate success.

Job statements Maturity Confidence Source

When I push a new version into production, I want to monitor core metrics related to the deployment, so that I can be assured about the quality of the new release and act when necessary.

Job statements Maturity Confidence Source

When there is a problem with a just released version, I want an easy way to roll forward or backward.

Job statements Maturity Confidence Source

When I set up a new cluster, I want to make sure that application operators can easily target their developments at it, so they can start using the cluster immediately.

Job statements Maturity Confidence Source

When the engineers need a new cluster, I want to make sure that they can self-serve and the cluster will be set up following company requirements.

Job statements Maturity Confidence Source

Roadmap

A more detailed view into our roadmap is maintained within GitLab.

Challenges

We see Kubernetes as a platform for delivering containerised software to users. Currently, every company builds their own workflows on top of it. The biggest challenges as we see them are the following:

Approach

Maturity

Kubernetes Management is currently Viable.

Competitive landscape

Argo CD

Argo CD is often considered to be the leading GitOps tool for Kubernetes with an outstanding UI.

IBM Cloud Native Toolkit

It provides an Open Source Software Development Life Cycle (SDLC) and complements IBM Cloud Pak solutions. The Cloud Native Toolkit enables application development teams to deliver business value quickly using Red Hat OpenShift and Kubernetes on IBM Cloud.

Spinnaker

Spinnaker is an open-source, multi-cloud continuous delivery platform that helps you release software changes with high velocity and confidence. It provides two core sets of features 1) Application management, and 2) Application deployment.

Backstage

Backstage.io with its service registry oriented approach and kubernetes integration provides an umbrella to integrate other DevOps tools and provides some insights required by developers of Kubernetes workloads.

Analyst landscape

This category doesn't quite fit the "configuration management" area as it relates only to Kubernetes. No analyst area currently defined.

Top Customer Success/Sales issue(s)

Customize Kubernetes namespace per environment for managed clusters

Top user issue(s)

Top internal customer issue(s)

Top Vision Item(s)

Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license