Regarding #2, I think it's hard to integrate k8s with the rest of your infrastructure. If you are using, say, a combination of Terraforms + Ansible or Puppet to keep everything in shape, right now you have two options:
1) Write a bunch of bash scripts around kubectl and a bunch of YAML files. While painful, this the way I ended up going for (plus blackbox to GPG encrypt/decrypt secrets on the repo)
2) Try to use your usual tools (Ansible/Puppet) as a replacement for kubectl. This is the dream, but the plugins for Ansible and Puppet only support subsets of the latest k8s features, or require annoying stuff like setting your API endpoint on every task.
In other words, getting reproducible deploys between different k8s clusters (say, one for staging and one for production) is not really a thing yet. I guess there's an argument for saying that one should use k8s-native solutions for that (such as namespaces) but what about having clusters in different data centers?
1) Write a bunch of bash scripts around kubectl and a bunch of YAML files. While painful, this the way I ended up going for (plus blackbox to GPG encrypt/decrypt secrets on the repo)
2) Try to use your usual tools (Ansible/Puppet) as a replacement for kubectl. This is the dream, but the plugins for Ansible and Puppet only support subsets of the latest k8s features, or require annoying stuff like setting your API endpoint on every task.
In other words, getting reproducible deploys between different k8s clusters (say, one for staging and one for production) is not really a thing yet. I guess there's an argument for saying that one should use k8s-native solutions for that (such as namespaces) but what about having clusters in different data centers?