Container Technology – Interview with Simon Pearce

The cloud report conducted five short interviews with five people from the cloud and container technology environment and asked each of them five questions. The fifth interview was with Simon Pearce, Product Owner and Team Lead at SysEleven.

 

 

Why use container technology?

Container technology is playing an increasingly important role in the DevOps sector. Because they run in the context of the host operating system, containers are particularly portable and resource-saving – they do not need to start their own operating system, as would be the case with virtual machines. Through container technology it is possible to focus more on development by making critical operational expenses obsolete. It is a generic way to deploy applications anywhere, including hybrid deployments. For good reasons, Kubernetes is becoming the standard for container orchestration: It enables you to build containerized applications via CI/CD pipelines and ensures stable and high-performance application operations through a range of powerful features that enable automated repair and scaling as well as deployment rollouts and rollbacks. 

 

What is the best invention of the last 12 months? 

There have been many good inventions regarding container technology, so it is difficult to pick only one. My top 3 inventions are:

 

  • HashiCorp Vault makes it possible to store, secure, and monitor access to tokens, passwords, certificates, and encryption codes to protect secrets and other sensitive data. That means maximum security with a role and permissions module already installed.
  • Service Mesh is a dedicated infrastructure layer for facilitating service-to-service communications between microservices. The benefits are observability into communication, secure connections, or automated retries and backoffs for failed requests. 
  • KubeOne was developed by our partner Loodse and is an open source Kubernetes cluster lifecycle management tool. It takes care of installing, configuring, upgrading and maintaining HA Kubernetes clusters. It is a solution that supports HA clusters, follows Kubernetes best practices, and comes with a simple and declarative API based on the Kubernetes Cluster-API.

 

What is your security approach? 

With more than 13 years of experience in providing infrastructures, we know the complex challenges in secure IT operations. We have found and developed a range of measures and services that we use to protect our infrastructure against external attacks. Our company and our data centers are located in Germany – which means that German law and strict data protection regulations apply to us – especially regarding the General Data Protection Regulation (GDPR). Data stored by us will not be passed on to third parties without an explicit agreement.

We implement secure, exclusive access to the instances of your setup in detail through a VPN, with which applications such as external exchange tools and ERP systems can be connected. Secure operations require services and applications to be accessible at all times; redundancies at various levels also provide a high level of reliability. This is enabled and implemented by two geographically separate data centers, which are connected through our redundant fiber optic ring. We also distribute backups across the data centers to eliminate the risk of data loss. Furthermore, we have a catalog of measures to prevent and avert DDoS attacks and proactively inform our users about security issues we discover. We also have an automated way of updating/patching software components.

What is your favorite product with regard to container technology?

One of my favourite products is Knative, which is an open source community project that added components to Kubernetes to enable the deployment, execution and management of serverless, cloud native applications, making it possible to take advantage of both container technology and serverless architectures. While container technology is already well known and highly portable, Serverless provides efficiency and automation. It allows developers to focus on their code without worrying about building and deploying. At SysEleven we’re using Knative in our data collection project, and since we’re expecting to receive a variable load of data, Knative features make it easy to scale up our services according to their needs. 

CaaS vs PaaS: which solution are you using/providing and why?

With MetaKube we provide a Kubernetes solution that combines the benefits of managed operations, e.g. lifecycle management, with “as a service” components such as backup & recovery. Our multi-cloud integration guarantees even more flexibility: clusters can be created on the SysEleven OpenStack Cloud, AWS Cloud and Azure Cloud. Furthermore, MetaKube takes care of automated security patching, upgrades, troubleshooting and proactive monitoring and provides automated Day 2 Operations with a variety of cloud native tools, e.g. Prometheus, Vault, Linkerd and NGINX.

 

About Simon Pearce 

Simon Pearce is the Product Owner and MetaKube Team Lead at SysEleven. MetaKube is SysEleven’s answer to managed Kubernetes. Simon has been working at SysEleven in Berlin since 2013. He has over 15 years of experience in the web hosting industry, with a focus on building distributed systems on public and private clouds. He is responsible for the Kubernetes service team at SysEleven, working on improving the experience of running managed Kubernetes clusters on various cloud platforms.