
Show HN: Krucible – Kubernetes clusters for testing and development - BenElgar
https://usekrucible.com
======
BenElgar
Author here. At the last two companies I've worked at we really needed—and
didn't have—a solution for spinning up throwaway Kubernetes clusters that we
could use for testing and development. Krucible is an attempt to solve that
problem.

We've just released a really cool feature called Snapshots that allows you to
image a running Kubernetes cluster, including the state of all applications,
and then create new clusters from that image. It's great for creating
consistent development environments or quick starting test environments.

Happy to answer any questions people might have.

~~~
q3k
> Krucible is an attempt to solve that problem.

For me, this was always ops smell - why do devs need to spin up k8s clusters?
As long as you're not working on some low-level k8s features (your own
operator, or testing cluster-wide resources, or developing k8s components
themselves), then why not use a 'real' cluster for testing? k8s
multitenant/process isolation is definitely good enough for semi-trusted users
like developers, as long as you take sensible measures (ephemeral low-priv
namespaces, podsecuritypolicies, networkpolicies, quotas, etc).

~~~
raesene9
From what I've seen reviewing k8s clusters some of the items in your "sensible
measures" list aren't considered easy to manage and deploy.

In particular good RBAC design, that doesn't end up leaking information across
namespaces, PSPs that are flexible enough for developers but strict enough to
prevent privesc and strong network policies present challenges.

For those, less mature, organizations, a solution like this might present an
easier option.

~~~
q3k
I don't want to gatekeep, but in my opinion organizations that can't afford to
set this up correctly _likely_ shouldn't be running k8s in the first place.

From my experience with companies that haven't done their organizational or
engineering homework: half-assedly deploying Kubernetes ends generally ends up
being an unmaintainable disaster.

One of the high-return-value aspects of k8s is having little clusters
available to multiple tenants. Without this in place k8s really stops making,
being too complex for its actual usecase - so you might be much better of
using something simple like Nomad.

~~~
nrmitchi
Whether they (the user) should (run Kubernetes) or not, there are many systems
and products out there that are meaning to make Kubernetes as accessible as
possible.

In fact, the goal of many solutions (GKE, AKS, EKS, etc) is meant to be "We
managed the entire cluster for you, just deploy your workloads!".

In many situations, if a company is running a single application in their
cluster, many of the these management aspects (networkpolicies, quotas, etc)
are not at all necessary for their use-case.

You say they shouldn't be running k8s in the first place, and I half agree
with you. They don't _need_ to be running k8s. Large platforms have done a lot
of work to make "Run in a Kubernetes Cluster" as approachable as "Run in
Heroku".

Regarding Nomad, sure, but if someone hasn't done their engineering homework,
the chance that they are even familiar with Nomad is slim (no offense to
Nomad)

Edit: A bit of clarity in the first sentence

------
carlreid
I have been setting up something recently using k3s (more specifically k3d for
k3s in Docker) and it seems great so far. I'm having to use k3d since I'm not
in Linux but as soon as WSL2 is available then I can even get rid of the
Docker part I think.

I like the idea of having a developer be able to play entirely with their own
local infrastructure to get as close to production as possible.

A hosted service will definitely make this less painful but once you get up to
speed with k3s then I doubt there is anything faster than using it.

~~~
BenElgar
There are definitely some use cases where having a local-to-your-machine
development environment is more suitable but, as you say, Krucible is easier
to set up and comes with features that just running k3d doesn't, like
snapshots. Our experience is that ensuring that developers are all running in
the same environment is pretty valuable by itself.

------
raesene9
This could be quite a handy service for throwaway cloud clusters. In the past
I've used [https://labs.play-with-k8s.com/](https://labs.play-with-k8s.com/)
but the availability on that service has been a bit spotty of late.

------
Ciberth
How well is this suited to use in classes? We are searching for a good way to
learn students cloud stuff (asw/azure/... but also kubernetes) without high
$$$

~~~
mstipetic
I'm the CTO of msb.com, we're building a k8s learning platform, and are now
expanding into a larger ecosystem of adjacent technologies, from CI/CD
pipelines to istio and such. We regularly spin up hundreds of clusters on
demand which are free to use. Feel free to try out the platform at
learn.msb.com or contact me at mislav @domain

~~~
Ciberth
Thanks to both, right now we are having a hard time and lot of work with exams
and end of semester but I will look into this in the summer months for next
year. It would be really cool to give them a sneak peek ;) Thanks again!

------
tudorizer
Looks neat. May I ask what the tech stack is?

------
acd
How does this differ from Kind and Rancher k3s? The Krucible snapshot feature
seems neat!

