Aditya Pande
9 min readDec 26, 2020


Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions.

Docker, Microsoft Azure, Ansible, Vagrant, and Google Compute Engine are some of the popular tools that integrate with Kubernetes to solve various Company use-cases. Google and Red Hat are the biggest contributors, but there is also Meteor, CoreOS, Huawei, Mesosphere and many more.

In addition, Kubernetes is no longer perceived as something new to experiment with, it is gaining enough credit to be used more and more in production. In fact, by 2019, this platform was in production in 78% of the companies. One year earlier, in 2018, it was in 58%. Companies such as Tinder, Reddit, New York Times, Airbnb or Pinterest have integrated this technology into their services.

Companies are looking to develop applications, and containers and open source are becoming very important, as they realize that Kubernetes is the first step to create modern scalable applications.

Kubernetes is a system that can be used to efficiently implement applications. As a result, it can help companies save money by using less labor to manage their IT infrastructure.


Embracing Cloud Native as a User — and a Vendor

Huawei is a multinational company which is the largest telecommunications equipment manufacturer in the world and has more than 180,000 employees. In order to support its fast business development around the globe, Huawei has eight data centers for its internal I.T. department, which have been running 800+ applications in 100K+ VMs to serve these 180,000 users. With the rapid increase of new applications, the cost and efficiency of management and deployment of VM-based apps all became critical challenges for business agility. After deciding to use container technology, Huawei began moving the internal I.T. department’s applications to run on Kubernetes. By the end of 2016, Huawei’s internal I.T. department managed more than 4,000 nodes with tens of thousands containers using a Kubernetes-based Platform as a Service (PaaS) solution. The global deployment cycles decreased from a week to minutes, and the efficiency of application delivery has been improved 10 fold. Hou says: “We also see significant operating expense spending cut in some circumstances 20–30 percent, which is very helpful for our business.”


An Early Adopter of Containers, Spotify Is Migrating from Homegrown Orchestration to Kubernetes.

Launched in 2008, Spotify is the audio-streaming platform which has grown to over 200 million monthly active users across the world. “Our goal is to empower creators and enable a really immersive listening experience for all of the consumers that we have today — and hopefully the consumers we’ll have in the future,” says Jai Chakraborty, Director of Engineering, Infrastructure and Operations. An early adopter of microservices and Docker, Spotify had containerized microservices running across its fleet of VMs with a homegrown container orchestration system called Helios. By late 2017, it became clear that “having a small team working on the features was just not as efficient as adopting something that was supported by a much bigger community,” he says. Kubernetes was more feature-rich than Helios. Plus, they wanted to benefit from added velocity and reduced cost, and also align with the rest of the industry on best practices and tools. The team spent much of 2018 addressing the core technology issues required for the migration. “We were able to use a lot of the Kubernetes APIs and extensibility features of Kubernetes to support and interface with our legacy infrastructure, so the integration was straightforward and easy,” says Site Reliability Engineer James Wen.

Migration started late that year and has accelerated in 2019. “Our focus is really on stateless services, and once we address our last remaining technology blocker, that’s where we hope that the uptick will come from,” says Chakraborty. The biggest service currently running on Kubernetes takes over 10 million requests per second as an aggregate service and benefits greatly from auto scaling. Before, teams would have to wait for an hour to create a new service and get an operational host to run it in production, but with Kubernetes, they can do that on the order of seconds and minutes. In addition, with Kubernetes’s bin-packing and multi-tenancy capabilities, CPU utilization has improved on average two- to threefold.


Building an Image Trust Service on Kubernetes with Notary and TUF

IBM Cloud offers public, private, and hybrid cloud functionality across a diverse set of runtimes from its Open Whisk-based function as a service (FaaS) offering, managed Kubernetes and containers, to Cloud Foundry platform as a service (PaaS). These runtimes are combined with the power of the company’s enterprise technologies, such as MQ and DB2, its modern artificial intelligence (AI) Watson, and data analytics services. Users of IBM Cloud can exploit capabilities from more than 170 different cloud native services in its catalog, including capabilities such as IBM’s Weather Company API and data services. In the later part of 2017, the IBM Cloud Container Registry team wanted to build out an image trust service. The work on this new service culminated with its public availability in the IBM Cloud in February 2018. The image trust service, called Portieris is fully based on the Cloud Native Computing Foundation (CNCF) open source project Notary.

Portieris is a Kubernetes admission controller for enforcing content trust. Users can create image security policies for each Kubernetes namespace, or at the cluster level, and enforce different levels of trust for different images. Portieris is a key part of IBM’s trust story, since it makes it possible for users to consume the company’s Notary offering from within their IKS clusters. The offering is that Notary server runs in IBM’s cloud, and then Portieris runs inside the IKS cluster. This enables users to be able to have their IKS cluster verify that the image they’re loading containers from contains exactly what they expect it to, and Portieris is what allows an IKS cluster to apply that verification.

IBM’s intention in offering a managed Kubernetes container service and image registry is to provide a fully secure end-to-end platform for its enterprise customers. “Image signing is one key part of that offering, and our container registry team saw Notary as the de facto way to implement that capability in the current Docker and container ecosystem,” Hough says. The company had not been offering image signing before, and Notary is the tool it used to implement that capability.

“With our IBM Cloud Kubernetes as-a-service offering and the admission controller we have made available, it allows both IBM services as well as customers of the IBM public cloud to use security policies to control service deployment”, says Hough.


Airbnb, Inc. is an American vacation rental online marketplace company based in San Francisco, California, United States. Airbnb maintains and hosts a marketplace, accessible to consumers on its website or via an app.

Airbnb’s transition from a monolithic to a microservices architecture is pretty amazing. They needed to scale continuous delivery horizontally, and the goal was to make continuous delivery available to the company’s 1,000 or so engineers so they could add new services. Airbnb adopted Kubernetes to support over 1,000 engineers concurrently configuring and deploying over 250 critical services to Kubernetes. The net result is that AirBnb can now do over 500 deploys per day on average.


Tinder is an American geosocial networking and online dating application that allows users to anonymously swipe to like or dislike other profiles based on their photos, a small bio, and common interests. One of the best examples of accelerating time to market comes from Tinder. This blog describes Tinder’s K8 journey well. And here’s the cliff notes version of the story: Due to high traffic volume, Tinder’s engineering team faced challenges of scale and stability. And they realized that the answer to their struggle is Kubernetes. Tinder’s engineering team migrated 200 services and ran a Kubernetes cluster of 1,000 nodes, 15,000 pods, and 48,000 running containers. While the migration process wasn’t easy, the Kubernetes solution was critical to ensure smooth business operations going further.


Pinning Its Past, Present, and Future on Cloud Native

After eight years in existence, Pinterest had grown into 1,000 microservices and multiple layers of infrastructure and diverse set-up tools and platforms. In 2016 the company launched a roadmap towards a new compute platform, led by the vision of creating the fastest path from an idea to production, without making engineers worry about the underlying infrastructure.

The first phase involved moving services to Docker containers. Once these services went into production in early 2017, the team began looking at orchestration to help create efficiencies and manage them in a decentralized way. After an evaluation of various solutions, Pinterest went with Kubernetes.

“By moving to Kubernetes the team was able to build on-demand scaling and new failover policies, in addition to simplifying the overall deployment and management of a complicated piece of infrastructure such as Jenkins,” says Michael Benedict, Product Manager for the Cloud and the Data Infrastructure Group at Pinterest. “We not only saw reduced build times but also huge efficiency wins. For instance, the team reclaimed over 80 percent of capacity during non-peak hours. As a result, the Jenkins Kubernetes cluster now uses 30 percent less instance-hours per-day when compared to the previous static cluster. “We are in the position to run things at scale, in a public cloud environment, and test things out in way that a lot of people might not be able to do.”


Enabling 5G and DevOps at a Telecom Company with Kubernetes

Nokia’s core business is building telecom networks end-to-end; its main products are related to the infrastructure, such as antennas, switching equipment, and routing equipment. “As telecom vendors, we have to deliver our software to several telecom operators and put the software into their infrastructure, and each of the operators have a bit different infrastructure,” says Gergely Csatari, Senior Open Source Engineer. “There are operators who are running on bare metal. There are operators who are running on virtual machines. There are operators who are running on VMware Cloud and OpenStack Cloud. We want to run the same product on all of these different infrastructures without changing the product itself.”

The company decided that moving to cloud native technologies would allow teams to have infrastructure-agnostic behavior in their products. Teams at Nokia began experimenting with Kubernetes in pre-1.0 versions. “The simplicity of the label-based scheduling of Kubernetes was a sign that showed us this architecture will scale, will be stable, and will be good for our purposes,” says Csatari. The first Kubernetes-based product, the Nokia Telephony Application Server, went live in early 2018. “Now, all the products are doing some kind of re-architecture work, and they’re moving to Kubernetes.”

Kubernetes has enabled Nokia’s foray into 5G. “When you develop something that is part of the operator’s infrastructure, you have to develop it for the future, and Kubernetes and containers are the forward-looking technologies,” says Csatari. The teams using Kubernetes are already seeing clear benefits. “By separating the infrastructure and the application layer, we have less dependencies in the system, which means that it’s easier to implement features in the application layer,” says Csatari. And because teams can test the exact same binary artifact independently of the target execution environment, “we find more errors in early phases of the testing, and we do not need to run the same tests on different target environments, like VMware, OpenStack, or bare metal”. “Kubernetes opened the window to all of these open source projects instead of implementing everything in house. Our engineers can focus more on the application level, which is actually the thing what we are selling, and not on the infrastructure level. For us, the most important thing about Kubernetes is it allows us to focus on value creation of our business”, says GERGELY CSATARI, SENIOR OPEN SOURCE ENGINEER, NOKIA.