Kubernetes AMA: Experts Debunk AI for Policy Comparison, Advocate Gateway API, and Outline Platform Best Practices

The recent “Ask Us Anything” session offered pragmatic insights into modern cloud-native challenges, emphasizing best practices and strategic tool adoption. On the application of AI in policy management, the experts advised against using it directly for policy comparison and suggestions, recommending instead the Kyverno CLI’s dry run for repeatable validation. AI, they argued, is better suited to non-repeatable, creative problem-solving such as deriving fixes for failed policies. For ingress, they strongly recommended migrating from the Nginx Ingress Controller (specifically the soon-to-be-discontinued ingress-nginx) to Gateway API, citing its superior throughput and the dynamic management capabilities needed to handle diverse traffic patterns, including streaming and API calls. The discussion also highlighted the importance of deploying a Container Network Interface (CNI) solution such as Cilium during initial cluster creation, underscoring the significant operational hurdles involved in changing the CNI after deployment.
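
The repeatable, cluster-free validation the experts preferred over AI-driven policy comparison looks like this in practice. The following is an added example, not material from the session or from the Kyverno project: a Kyverno ClusterPolicy requiring every container to run as non-root, followed by two constructed Pod manifests, one violating and one satisfying the rule. The policy, Pod and container names are assumptions made for the example.

```yaml
# Added example: a Kyverno ClusterPolicy plus two constructed Pod manifests,
# checked offline with the Kyverno CLI dry run (no cluster required):
#
#   kyverno apply policy.yaml --resource pods.yaml
#
# Save the first document as policy.yaml and the two Pod documents as pods.yaml.
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: require-run-as-nonroot   # assumed policy name
spec:
  # Enforce: in a live cluster the admission webhook rejects violations;
  # in the CLI dry run the same rule is reported as a "fail" result.
  validationFailureAction: Enforce
  background: true
  rules:
    - name: containers-must-run-as-nonroot
      match:
        any:
          - resources:
              kinds:
                - Pod
      validate:
        message: "Every container must set securityContext.runAsNonRoot: true."
        # The pattern applies to every element of spec.containers. Kyverno
        # patterns compare values as strings, hence the quoted "true".
        pattern:
          spec:
            containers:
              - securityContext:
                  runAsNonRoot: "true"
---
# Constructed Pod that violates the policy: no securityContext at all.
apiVersion: v1
kind: Pod
metadata:
  name: web-noncompliant
spec:
  containers:
    - name: web
      image: nginx:1.27
---
# Constructed Pod that satisfies the policy.
apiVersion: v1
kind: Pod
metadata:
  name: web-compliant
spec:
  containers:
    - name: web
      image: nginx:1.27
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
```

Running the `kyverno apply` command shown in the header reports one pass (`web-compliant`) and one fail (`web-noncompliant`) with the rule's message, and produces exactly the same result on every run, which is what makes it suitable as a CI gate. The same policy and resource files can be wired into `kyverno test` to assert expected pass/fail outcomes as regression tests; an AI assistant is then reserved for the non-repeatable step of proposing a fix for a manifest the gate has rejected.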
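
To make the recommended migration concrete, here is an added example (not from the session, nor from the ingress-nginx or Gateway API projects) showing an ingress-nginx `Ingress` beside its Gateway API equivalent. The hostname, Service names, TLS Secret name, GatewayClass name, namespaces and the namespace label are all assumptions made for the example.

```yaml
# Before: a single Ingress owned by the application team. TLS termination,
# routing and the choice of controller all live in one object.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: app
  namespace: app          # assumed application namespace
spec:
  ingressClassName: nginx
  tls:
    - hosts: ["app.example.com"]        # assumed hostname
      secretName: app-example-com-tls   # assumed TLS Secret
  rules:
    - host: app.example.com
      http:
        paths:
          - path: /api
            pathType: Prefix
            backend: { service: { name: api-svc, port: { number: 8080 } } }
          - path: /
            pathType: Prefix
            backend: { service: { name: web-svc, port: { number: 80 } } }
---
# After, part 1: the Gateway is owned by the platform team in an infra
# namespace. It terminates TLS once and decides which namespaces may attach
# routes, so application teams cannot expose hostnames they do not own.
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: public-gateway
  namespace: infra        # assumed platform namespace
spec:
  gatewayClassName: example-class   # assumed; provided by the installed Gateway controller
  listeners:
    - name: https
      protocol: HTTPS
      port: 443
      hostname: "app.example.com"
      tls:
        mode: Terminate
        certificateRefs:
          - kind: Secret
            name: app-example-com-tls   # Secret lives in the infra namespace
      allowedRoutes:
        namespaces:
          from: Selector
          selector:
            matchLabels:
              gateway-access: "true"    # only namespaces carrying this label may attach
---
# After, part 2: the HTTPRoute is owned by the application team. It can only
# bind to the Gateway because its namespace is labelled gateway-access=true.
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: app-route
  namespace: app
spec:
  parentRefs:
    - name: public-gateway
      namespace: infra
  hostnames:
    - "app.example.com"
  rules:
    - matches:
        - path:
            type: PathPrefix
            value: /api
      backendRefs:
        - name: api-svc
          port: 8080
    - matches:
        - path:
            type: PathPrefix
            value: /
      backendRefs:
        - name: web-svc
          port: 80
```

The split is the point of the migration from an operational and security standpoint: listener, certificate and attachment policy are changed once on the `Gateway`, while each team edits its own `HTTPRoute` and can add or remove routes dynamically without touching shared configuration. Note that the `app` namespace must carry the `gateway-access: "true"` label for the route to be accepted; a route whose namespace is not selected is simply left unattached, which is the intended least-privilege failure mode.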

Platform engineering discussions underscored the necessity of standardization, advocating that organizations adapt to industry-standard tools such as Backstage (which follows the C4 model) rather than customizing tools to fit potentially less structured existing processes. For managing large Kubernetes fleets (over 40 clusters) with Flux and Crossplane, a decentralized “brain cluster” model was proposed, in which a central instance provisions and manages local Crossplane/Flux instances on each target cluster, thereby avoiding central bottlenecks. Insights from KubeCon NA 2023 indicated a maturing Kubernetes ecosystem, with the focus shifting from foundational innovation to operational simplification, efficiency (e.g., managed services, FinOps), and the integration of AI as a standard workload. The session also championed ephemeral and remote development environments as vital for developer velocity, endorsing dev containers and tools such as GitHub Codespaces, while acknowledging the current maintenance status of DevPod. Finally, the distinction between Tekton (a CI workflow engine) and GitOps tools such as Argo CD and Flux (CD synchronization mechanisms) was clarified, emphasizing their complementary rather than competitive roles in the software delivery pipeline.