Eliminate the Kubernetes Adoption Challenges with Devtron

TL;DR: Devtron simplifies Kubernetes adoption by streamlining application deployment, enhancing cluster visibility, easing debugging and integrating essential tools, all while providing robust security & reducing the adoption timeline from months to weeks.

4 months ago   •   10 min read

By Siddhant Khisty
In this article

Moving your business applications to Kubernetes is a rewarding process, but it’s wrought with several different challenges and pitfalls and if done incorrectly, might do more harm than good. In our previous article, we talked about some of the major challenges associated with the Kubernetes adoption process. You can read more about the challenges here.

To give you a quick recap of the different challenges we talked about previously, we covered

  • Challenges with getting started with Kuberentes
  • Challenges related to integrating tools from the Kubernetes ecosystem
  • Challenges with implementing robust security and policies in Kubernetes

Within this article, we will dive deep into how Devtron is solving these challenges with respect to migrating to Kubernetes, and how it helps you avoid a lot of the different pitfalls. Devtron enables you to reduce the adoption timeline from a couple of months to just a few weeks. Let’s look at how Devtron addresses all the challenges that we have talked about previously.

Simplifying the Adoption process with Devtron

Devtron has multiple different capabilities that address the problems within the adoption process, and help streamline the the process. It has abstracted out a lot of the complexities associated with Kubernetes and made it a lot easier to deploy, observe, and debug your applications on Kubernetes.

Devtron provides a very simple way to onboard your applications, saving you a ton of time for containerzing your applications and creating multiple YAML configuration files. You can simple use Devtron’s UI-driven approach to create, configure and deploy all your applications onto the cluster. Check out this blog to learn more about the simplicity Devtron offers for application deployment

Additonally, there might be a scenario where you want to use the configuration from one application in a different application. Devtron let’s you clone the configurations from existing applications, which further reduces developer effort, and increases velocity.

Single pane of glass view for all k8s resources

Kubernetes has a lot of different kinds of resources which are all required for running, configuring, and securing your applications. Being able to visualize all these different resources, and see what’s running in the cluster, reduces a lot of the challenges associated with it while working with the different resources. For example, your application might be using a persistent volume along with a secret. Getting the correct context, and assigning those resources to your application can be a challenge.

Fig 1. Resource Browser Overview
[Fig. 1] Resource Browser Overview

Within Devtron, you have the resource browser, which lets you monitor all of the resources running within the cluster. The resources are further grouped into logical sections such as workloads, networking, config & storage, and more, which contain the resources associated with them. This increase in cluster visibility provides developers with a much easier time to view all resources and co-relate them with each other, and it’s helpful during debugging as well. Furthermore, you can run certain actions such as checking the real-time logs, exec into the terminal, check events on the resources from the dashboard itself.

In case you want to view the live manifest of a particular Kubernetes resource, Devtron lets you access it from the dashboard itself. What if you find out that you want to edit certain configurations within the manifest? Devtron will let you edit the manifest well, and once you’re satisfied with the new configurations, the resource will be updated to reflect the new manifest.

Fig 2. Resource Browser - Pod Manifest
[Fig. 2] Resource Browser - Pod Manifest

Real-time application status monitoring

In Kubernetes, your applications are deployed as microservices, i.e. multiple small applications work in unison. Observing all of the components related to a particular application is often a challenge. Within Devtron, you can see the live status of the application, and also observe certain metrics. Having all the resources grouped in a single place makes it a lot easier to gain visibility into your application’s specific components.

Fig 3. App Health Metrics
[Fig. 3] App Health Metrics

Devtron also shows you in real-time if the application’s health is degraded, and if so what components are in an unhealthy state. Let’s say some essential resources like specific Custom resources are missing. Devtron will show you which resources are missing. That makes it a lot easier to know what you have to do to fix the application. If you’re running security scans, Devtron shows you a detailed security report, showing you all the vulnerabilities that exist within that application.

Ease of debugging

Whether you are a Kubernetes expert, or just starting you are going to have to debug the cluster, or your applications at some point in time. Because Kubernetes is distributed in nature, it can become difficult to debug and pinpoint the root cause of the problem. Devtron offers multiple functionalities that ease the difficulties during the debugging process.

The first thing you’d want to check during the debugging process are the events that have occurred during the specific period. Devon has an entire audit log of all the events that have occurred within the cluster. Using this information, you can pinpoint the source of the issue and reach a swift resolution.

Fig 4. Resource Browser Events
[Fig. 4] Resource Browser Events

Viewing the events, however, is only the first step in the debugging process. The events will help you pinpoint the particular pod that is causing issues. The next step will be inspecting the events and logs of that specific pod. Based on the events, you might want to even run some commands within the pod to debug it. Devtron allows you to easily view the logs, and events as well as get access to your favorite shell within the pod. This makes the debugging process a lot easier

Fig 5. Helm app events
[Fig. 5] Helm app events

Multiple containerizing and packaging options

Everything in Kubernetes runs within containers. By its very definition, Kubernetes is a container orchestrator. If you want to run your applications on Kubernetes clusters, you have to containerize them. The process of containerizing can be challenging, and it has a slight learning curve. Devtron can help you streamline the containerization process.

For building a container, you would have to create a Dockerfile which will be used for building the container. If you already have a Dockerfile, you can use it to build your applications within Devtron. However, if you don’t have it, Devtron gives you Dockerfile templates for several popular programming languages and frameworks. You also have the option of using buildpacks for building your applications.

Fig 6. Dockerfile templates
[Fig. 6] Dockerfile templates

Simplifying Tool integration with Devtron

Devtron is built upon some of the most trusted and widely adopted tools such as ArgoCD, Grafana, Trivy, Clair, etc and is built in a modular fashion where users can extend its capabilities depending upon the requirements.

Devtron integrations for extending functionality

Apart from using the Helm charts to integrate different tools within your cluster, Devtron also has some native tool integrations within it. You can see all the available integrations from the Stack Manager.

These integrations leverage proven open-source technologies from the cloud-native ecosystem and make Devtron even more powerful. For example, you can include security scanning using Trivy or install the Grafana monitoring stack within your Devtron instance.

Fig 7. Stack Manager
[Fig. 7] Stack Manager

Easy tool-integrations with Helm Marketplace

Devtron comes with a helm marketplace where you can see different community helm charts and you can also add chart repositories for the helm charts you want to deploy. It allows you to manage the life-cycle of helm charts without getting into the complex helm cli commands thorugh the helm dashboard. Additionally, you can also create chart groups, adding the helm charts which are frequently used when you spin you a new Kubernetes infra and deploy them all together.

Fig 8. Helm Chart Store
[Fig. 8] Helm Chart Store

These charts can also be reused across different environments. Devtron lets you create groups of different charts that can easily be deployed across different environments with a simple click.

Managing the lifecycle of any Helm application becomes much easier with Devtron. After you have deployed the Helm app, you can get insights into all the resources created by the Helm chart and the resources are logically grouped into appropriate categories. This enhanced visibility into charts makes it much easier to debug Helm applications, especially if a particular resource is missing or in an error state.

Fig 9. Helm app Details
[Fig. 9] Helm app Details

Moreover, Devtron allows you to change the Chart configuration whenever you like, view the differences between two different configurations, and in case of any errors, you can see the deployment history and rollback to a previous chart version.

Simplifies Multi-Cluster/ Cloud Workloads

Managing applications across multiple clusters and multiple clouds is a very big challenge. One of the biggest reasons for this challenge is the lack of visibility across clusters. Devtron practically eliminates the challenges associated with managing clusters across multiple different environments. Devtron will show you all the different applications running in your cluster, and which cluster and environment they are running in.

Fig 10. Multi-cluster visibility
[Fig. 10] Multi-cluster visibility

Apart from just showing you the different environments that the application exists in, you can also configure your CI/CD pipeline to deploy to specific environments. You can create a parallel pipeline that will let you deploy the applications to multiple environments simultaneously. Different environments would require different environment-specific configurations as well. Devtron lets you set specific configurations for all the different environments, which makes multi-cluster management a breeze.

Fig 11. Multi-Environment Deployment Pipeline
[Fig. 11] Multi-Environment Deployment Pipeline

Simplifying DevSecOps with Devtron

Devtron streamlines the DevSecOps flow by providing a platform that integrates seamless with the entire application lifecycle. It uses a policy-driven approach to ensure that every application deployed meets a security standard.

Devtron also has integrations for popular open source security projects such as Trivy, which scan your images in the CI pipeline. Additionally, you can run code level security scans by using a number of different plugins such as CodeQL and Semgrep. To get detailed insights into how Devtron approaches DevSecOps, you can check out this blog post.

Managing fine-grained access control

Devtron streamlines access control within Kubernetes and lets you clearly define the level of access that a user should have. Devtron allows you to define the permissions for all your users. You can provide permissions to specific resources, and you can even control the level of access that a user has.

Fig 12. User Permissions
[Fig. 12] User Permissions

Devtron also lets you configure permissions for a different set of resources i.e. Devtron Apps, Helm Apps, Jobs, and Chart Groups. For the Kubernetes-specific resources, you have precise control over which pods you want to provide permissions to. You can even provide access to only one particular resource.

Fig 13. Kubernetes RBAC
[Fig. 13] Kubernetes RBAC

Now what if you have multiple developers in your team who need the same set of permissions? Surely setting those permissions for every single developer is going to be a hassle. To tackle this, Devtron provides you with permission groups. You can make one Permission group for your developers, and assign the appropriate permissions. Then, you simply have to assign these permissions groups to all your developers, and they will all get the appropriate level of access to the Kubernetes resources.

Fig 14. Permission Groups
[Fig. 14] Permission Groups

Streamlined DevSecOps practices & policies

Security is a big concern especially when you are deploying your application into a production environment. You don’t want a critical security vulnerability to go live in production. That opens the doors for customer data getting leaked. Within Devtron, you have the security scanning integration which uses Trivy to scan your container images. Once you have the integration installed, you can configure your CI pipeline to scan the container images and detect vulnerabilities.

Fig 15. Enable Application Security Scanning
[Fig. 15] Enable Application Security Scanning

After the scans are finished, you can see the results of all the scans, and you can even filter the scan results based on a few filter conditions. The scans will show if the application is safe for deployment, or if they have some vulnerabilities and the level of the security vulnerabilities.

Fig 16. Security Scan Results
[Fig. 16] Security Scan Results

If you have a security vulnerability, you wouldn’t want to deploy that application to production right? Devtron lets you configure some security policies as well which allows you to enforce certain behaviors when vulnerabilities are found. These policies can be enforced at different levels such as the global, cluster, environment, and application levels.

You can set a policy on what to do if a certain level of vulnerability is found. If the severity is low, you might be fine with deploying the application, but if it’s a critical vulnerability, you would want to block the deployment.

Fig 17. Security Policies
[Fig. 17] Security Policies

Conclusion

While the process of adopting Kubernetes is difficult, Devtron addresses many of the challenges that are seen when moving to a Kubernetes cluster. It’s solving the initial adoption challenges, by significantly reducing the Kubernetes learning curve. You don’t need to figure out how every Kubernetes resource works, and how it should be mapped to each other. Devtron strikes the perfect balance between cluster visibility and abstraction, which helps accelerate the adoption process, as well as minimize the debugging complexities.

Kubernetes has a vast ecosystem of different tools and technologies that extend its functionality. Figuring out how to integrate and use all these different tools and technologies can get overwhelming. By leveraging the power of helm charts, Devtron is making it very easy to integrate different tools into your cluster based on your requirements. Devtron also has robust security features, including fine-grained access management, security scanning, enforcing policies at various levels, and more!

If you have any queries, don't hesitate to connect with us. Join the discussions and shared knowledge in our actively growing Discord Community.

Related articles

Spread the word

Keep reading