SlideShare una empresa de Scribd logo

Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubernetes

Andrew Phillips
Andrew Phillips

Slides from the presentation "From GitOps to an adaptable CI/CD Pattern for Kubernetes" at the Continuous Delivery NYC meetup, by Andrew Phillips. See https://www.meetup.com/ContinuousDeliveryNYC/events/255366708/ and https://www.youtube.com/watch?v=SYeZ0uIwbLc

Tecnología
1 de 39
From GitOps to an adaptable CI/CD pattern for Kubernetes Andrew Phillips Continuous Delivery : NYC; Nov 1, 2018
From GitOps to an adaptable CI/CD pattern...for everything? Andrew Phillips Continuous Delivery : NYC; Nov 1, 2018
The bio slide ● Been on most sides of this space: developer, infra builder, product owner, evangelist and more ● Long-standing open-source contributor ● Author and regular conference and meetup presenter ● Co-organizer of ContainerDays Boston & NYC
Agenda 1. What’s the challenge? 2. CI/CD practices & patterns today 3. What does Kubernetes add into the mix? 4. A CI/CD pipeline for Kubernetes 5. Next steps for your scenario 6. Q&A
1. The context ● Lots of organizations looking at Kubernetes right now ● Trying to use this also as an opportunity to “clean up” sub-optimal software delivery pipelines ● How to do this right?
1. The challenge ● Lots of new runtime-specific concepts to deal with ● “Kubernetes-native” best practices still very much in flux ● Wrapping your head around “new” practices (e.g. GitOps) is hard ● Extrapolating from new practices in theory to actual, working implementations is even harder ● Figuring out how all this new stuff relates to accepted industry practices and tools is harder still
Failure mode: CCAOA Cargo Cult All Over Again
1. The approach ● Recall good practices that we’d like to retain ● Incorporate refinements related to Kubernetes to create a straw man setup ● Develop a mental model to understand advantages and shortfalls of the setup ● Refine the setup based on tradeoffs to be made related to each user’s particular situation ● Implement using appropriate tools
2. Existing good practice ● Reproducible builds ● Store source and derived artifacts appropriately ● Minimize duplication, especially around environment config ● Keep the business process flexible and the env automation robust ● Support 4 related processes: ○ Application update ○ Environment (config) update ○ Environment spin-up/restore ○ Environment drift detection and remediation ● Specifically, support env-specific (e.g. log settings change) and cross-env (e.g. new app version rollout) processes concisely
Deployment execution: business process vs. technical process Release pipeline A business process, represented as a sequence, possibly very specific to a service Test environment Staging environment Technical components with interdependencies, defined “as-code”. To be automatically sequenced if possible Production environment Deploy to Test Review Approve Deploy to Prod... App Endpoint Config App Endpoint Config’ Old app version Namespace
2. The four related processes ● Application update ○ “I want to validate a new release candidate and promote it through envs to prod” ● Environment (config) update ○ “I want to change the attributes of a particular env only” ● Environment spin-up/restore ○ “I want to (re-)create an environment from scratch, with config from a specific checkpoint/point in time” ● Environment diff, drift detection and remediation ○ “I want to understand how the actual config of an env relates to the intended config, also potentially across different environments”
3. What’s new with Kubernetes ● “as-code” description of what an environment should look like (“environments-as-code”) ● Actuation based on reconciliation engine built into runtime with continuous enforcement ○ Interest in “pull-based”, async invocation via repo-watching ● Out-of-the-box support for some types of rollout via Deployment object, as well as CRDs to define your own ○ But can also manipulate underlying objects directly ● GitOps ~ environments-as-code + async invocation + repo workflow for business process
Deployment execution: adding in Kubernetes Release pipeline A business process, represented as a sequence, possibly very specific to a service Test environment Staging environment Technical components with interdependencies, defined “as-code”. To be automatically sequenced if possible Production environment “environments-as-code” repositories Deploy to Test Review Approve Deploy to Prod... App Endpoint Config App Endpoint Config’ Old app version Namespace
TL;DR Release pipeline A business process, represented as a sequence, possibly very specific to a service Test environment Staging environment Technical components with interdependencies, defined “as-code”. To be automatically sequenced if possible Production environment “environments-as-code” repositories Deploy to Test Review Approve Deploy to Prod... App Endpoint Config App Endpoint Config’ Old app version Namespace Imperative pipeline across environments Declarative spec for each environment (with support for some imperative “cheating” where necessary)
3. The straw man
team1-repo env-repo applied-staging-branch applied-prod-branch master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod- branch config
App1 update
team1-repo env-repo applied-staging-branch applied-prod-branch master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod-bra nch config apiVersion: v1 kind: Service metadata: name: app1-service ... spec: type: ClusterIP ports: - port: 808080 targetPort: http protocol: TCP name: http selector: app: app1 env: {{ environment }}
team1-repo env-repo applied-staging-branch app1.yaml applied-prod-branch master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod-bra nch config apiVersion: v1 kind: Service metadata: name: app1-service ... spec: type: ClusterIP ports: - port: 808080 targetPort: http protocol: TCP name: http selector: app: app1 env: {{ environment }} Step 1 apiVersion: v1 kind: Service metadata: name: app1-service ... spec: type: ClusterIP ports: - port: 8080 targetPort: http protocol: TCP name: http selector: app: app1 env: staging --- apiVersion: apps/v1beta2 kind: Deployment metadata: name: app1 namespace: staging ... --- apiVersion: v1 kind: ConfigMap ...
team1-repo env-repo applied-staging-branch app1.yaml applied-prod-branch app1.yaml master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod-bra nch config apiVersion: v1 kind: Service metadata: name: app1-service ... spec: type: ClusterIP ports: - port: 808080 targetPort: http protocol: TCP name: http selector: app: app1 env: {{ environment }} Step 2 apiVersion: v1 kind: Service metadata: name: app1-service ... spec: type: ClusterIP ports: - port: 8080 targetPort: http protocol: TCP name: http selector: app: app1 env: production --- apiVersion: apps/v1beta2 kind: Deployment metadata: name: app1 namespace: production ... --- apiVersion: v1 kind: ConfigMap ...
App2 update
team1-repo env-repo applied-staging-branch app1.yaml applied-prod-branch app1.yaml master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod- branch config app.version: 0.0.34 port: 8090 image: gcr.io/image@sha256:{{ container.image.digest }}
team1-repo env-repo applied-staging-branch app1.yaml app2.yaml app2-env.yaml applied-prod-branch app1.yaml master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod- branch config Step 1app.version: 0.0.34 port: 8090 image: gcr.io/image@sha256:{{ container.image.digest }} apiVersion: apps/v1beta2 kind: Deployment metadata: name: app2 namespace: staging ... spec: replicas: 1 ... image: gcr.io/image@sha256:abcdef ports: - name: http containerPort: 90 --- ... --- apiVersion: v1 kind: ConfigMap ... data: config.yaml: | 'app.version': 0.0.4
team1-repo env-repo applied-staging-branch app1.yaml app2.yaml app2-env.yaml applied-prod-branch app1.yaml app2.yaml app2-env.yaml master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod- branch config Step 2 app.version: 0.0.34 port: 8090 image: gcr.io/image@sha256:{{ container.image.digest }} apiVersion: apps/v1beta2 kind: Deployment metadata: name: app2 namespace: production ... spec: replicas: 1 ... image: gcr.io/image@sha256:abcdef ports: - name: http containerPort: 90 --- ... --- apiVersion: v1 kind: ConfigMap ... data: config.yaml: | 'app.version': 0.0.4
App2 prod config change
team1-repo env-repo applied-staging-branch app1.yaml app2.yaml app2-env.yaml applied-prod-branch app1.yaml app2.yaml app2-env.yaml master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod- branch config apiVersion: v1 kind: ConfigMap metadata: name: app2-env-config namespace: production labels: app: app2 env: production data: config.yaml: | 'log.level': INFOTRACE
team1-repo env-repo applied-staging-branch app1.yaml app2.yaml app2-env.yaml applied-prod-branch app1.yaml app2.yaml app2-env.yaml master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod- branch config Step 1 apiVersion: v1 kind: ConfigMap metadata: name: app2-env-config namespace: production labels: app: app2 env: production data: config.yaml: | 'log.level': INFOTRACE apiVersion: v1 kind: ConfigMap metadata: name: app2-env-config namespace: production labels: app: app2 env: production data: config.yaml: | 'log.level': TRACE
3. The straw man ● Source config in app repo, “compiled” (a.k.a. hydrated) config in env repo(s) ○ Cf. source code in app repo, compiled code in artifact repository ● One app repo per app/team, shared env repos for environments ● Use branches where possible to represent different environments ○ If greater separation via access control is needed, use different repos or consider other storage ● Keep config in app repo unless it needs to be independent of the app lifecycle or you really, really need to be able to change it for one env ○ Allows you to use templating/overriding to cut down on duplication ○ The fewer places to keep track of config, the better ● Source config doesn’t have to be “raw” YAML, can be more suitable abstraction! ○ Cf. higher-level language source code vs. low-level assembly code
3. The straw man ● Prefer explicit invocation over “repo-watching” ○ Avoids “root-level” process running inside cluster, and provides more flexibility for multi-step rollouts ○ “Repo-watching” makes visualizing current status harder, and requires some sort of feedback mechanism to distinguish successful from failed deployments in the repo ○ Hard to support phased/multi-step application ○ Easier to reproduce/simulate
3. The straw man ● Prefer explicit invocation over “repo-watching” ○ Avoids “root-level” process running inside cluster, and provides more flexibility for multi-step rollouts ○ “Repo-watching” makes visualizing current status harder, and requires some sort of feedback mechanism to distinguish successful from failed deployments in the repo ○ Hard to support phased/multi-step application ○ Easier to reproduce/simulate ● Commit after successful application, not before ○ Avoids having to distinguish attempted from successful deployments in the repo ○ Allows for richer pre-application validation than code diff in a PR (e.g. three-way diff against actual environment) ○ Avoids commit rights to repo being equivalent to deploy rights to env (and your automation will need commit rights to make pull requests, unless you used forked repos) ○ Harder if pull requests are used for the business process (as in vanilla GitOps) - requires multiple branches or “on approve” deployment
4. The mental model ● Understand how your app is updated across two dimensions: ● code change promoted through to prod ● common externalized config setting, e.g. localized title dependent on app version independent of environment
4. The mental model ● Understand how your app is updated across two dimensions: ● code change promoted through to prod ● common externalized config setting, e.g. localized title ● adding debug logging to staging ● configuring a scaling policy in prod based on a new metric dependent on app version independent of environment dependent on environment
4. The mental model ● Understand how your app is updated across two dimensions: ● code change promoted through to prod ● common externalized config setting, e.g. localized title ● rotating database credentials for prod ● updating discovery service endpoint ● adding debug logging to staging ● configuring a scaling policy in prod based on a new metric dependent on app version independent of environment dependent on environment independent of app version
4. The mental model ● Understand how your app is updated across two dimensions: Application update Static environment config update (App-linked) environment config update dependent on app version independent of environment dependent on environment independent of app version
4. The mental model ● Understand how your app is updated across two dimensions: Application update Static environment config update (App-linked) environment config update dev responsibility ~ app repo platform responsibility ~ env repo
4. The mental model 1. Application update a. “I want to validate a new release candidate and promote it through envs to prod” 2. Environment (config) update a. “I want to change the attributes of a particular env only” 3. Environment spin-up/restore a. “I want to (re-)create an environment from scratch, with config from a specific checkpoint/point in time” 4. Environment diff, drift detection and remediation a. “I want to understand how the actual config of an env relates to the intended config, also potentially across different environments”
● App repo is driving deployment, env repo is snapshotting cluster state ○ Think source code in github is to docker image in registry as template in app repo is to manifest in env repo ● Env repo is just a checkpoint in time, cluster can evolve ○ Kubernetes applies changes to manifests ○ Strategies like exponential rollouts or traffic shifting apply changes over time ● Env repo is not a guaranteed healthy state ○ We can defer snapshotting until some health/success metric… but rollback has no silver bullet ● Deletion from either repo ≠ deletion from cluster ○ Challenge is: not trivial to know if cluster depends, or will depend on manifest not submitted to repo ○ kubectl apply --prune attempts to solve this with a lot of (scary) caveats 4. The mental model
5. Tuning for your scenario ● Appropriate level of abstraction? How much “raw” Kubernetes YAML should our developers have access to? ● Where should the abstraction live? In templates? In CRDs? In the automation tool? ● What to use for templating? Token replacement or overrides? ● When do you snapshot/publish to the env repo? On every change to the cluster? Or when a desired end-state is reached? (think multi-step rollout) ● Access control: how many repos do you need? Are code repositories right for your use case, or e.g. a blobstore better? ● Am I distributing or deploying? Helm is much better suited for distribution than deployment ○ Its templating capability is often used as part of deployment flows, though
5. Implement ● Choose storage implementations and partitioning strategies for your environments-as-code ● Define the appropriate level of abstraction for your developers and choose tools to support it ● Choose a flexible automation tool for your deployment business process ● Define an appropriate definition of deployment health/success to determine when a deployment is “good” ● Decide which of the four processes - app update, env config update, env restore and env drift detection - you want to support ● Build pipelines ● Done!

Recomendados

Docker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes
Docker New York City: From GitOps to a scalable CI/CD Pattern for KubernetesDocker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes
Docker New York City: From GitOps to a scalable CI/CD Pattern for KubernetesAndrew Phillips
 
Speeding up your team with GitOps
Speeding up your team with GitOpsSpeeding up your team with GitOps
Speeding up your team with GitOpsBrice Fernandes
 
Delivering Quality at Speed with GitOps
Delivering Quality at Speed with GitOpsDelivering Quality at Speed with GitOps
Delivering Quality at Speed with GitOpsWeaveworks
 
Hands-on GitOps Patterns for Helm Users
Hands-on GitOps Patterns for Helm UsersHands-on GitOps Patterns for Helm Users
Hands-on GitOps Patterns for Helm UsersWeaveworks
 
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & WeaveworksSecure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & WeaveworksWeaveworks
 
Continuous Lifecycle London 2018 Event Keynote
Continuous Lifecycle London 2018 Event KeynoteContinuous Lifecycle London 2018 Event Keynote
Continuous Lifecycle London 2018 Event KeynoteWeaveworks
 
Kubecon seattle 2018 workshop slides
Kubecon seattle 2018 workshop slidesKubecon seattle 2018 workshop slides
Kubecon seattle 2018 workshop slidesWeaveworks
 
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison DowdneySetting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison DowdneyWeaveworks
 

Recomendados

Docker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes
Docker New York City: From GitOps to a scalable CI/CD Pattern for KubernetesDocker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes
Docker New York City: From GitOps to a scalable CI/CD Pattern for KubernetesAndrew Phillips
 
Speeding up your team with GitOps
Speeding up your team with GitOpsSpeeding up your team with GitOps
Speeding up your team with GitOpsBrice Fernandes
 
Delivering Quality at Speed with GitOps
Delivering Quality at Speed with GitOpsDelivering Quality at Speed with GitOps
Delivering Quality at Speed with GitOpsWeaveworks
 
Hands-on GitOps Patterns for Helm Users
Hands-on GitOps Patterns for Helm UsersHands-on GitOps Patterns for Helm Users
Hands-on GitOps Patterns for Helm UsersWeaveworks
 
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & WeaveworksSecure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & WeaveworksWeaveworks
 
Continuous Lifecycle London 2018 Event Keynote
Continuous Lifecycle London 2018 Event KeynoteContinuous Lifecycle London 2018 Event Keynote
Continuous Lifecycle London 2018 Event KeynoteWeaveworks
 
Kubecon seattle 2018 workshop slides
Kubecon seattle 2018 workshop slidesKubecon seattle 2018 workshop slides
Kubecon seattle 2018 workshop slidesWeaveworks
 
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison DowdneySetting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison DowdneyWeaveworks
 
Continuous Security for GitOps
Continuous Security for GitOpsContinuous Security for GitOps
Continuous Security for GitOpsWeaveworks
 
GitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturaGitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturasparkfabrik
 
Gitops Hands On
Gitops Hands OnGitops Hands On
Gitops Hands OnBrice Fernandes
 
The journey to GitOps
The journey to GitOpsThe journey to GitOps
The journey to GitOpsNicola Baldi
 
GitOps - Modern best practices for high velocity app dev using cloud native t...
GitOps - Modern best practices for high velocity app dev using cloud native t...GitOps - Modern best practices for high velocity app dev using cloud native t...
GitOps - Modern best practices for high velocity app dev using cloud native t...Weaveworks
 
Flagger: Istio Progressive Delivery Operator
Flagger: Istio Progressive Delivery OperatorFlagger: Istio Progressive Delivery Operator
Flagger: Istio Progressive Delivery OperatorWeaveworks
 
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDKubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDSunnyvale
 
Openshift argo cd_v1_2
Openshift argo cd_v1_2Openshift argo cd_v1_2
Openshift argo cd_v1_2RastinKenarsari
 
Gitops: the kubernetes way
Gitops: the kubernetes wayGitops: the kubernetes way
Gitops: the kubernetes waysparkfabrik
 
GitOps Toolkit (Cloud Native Nordics Tech Talk)
GitOps Toolkit (Cloud Native Nordics Tech Talk)GitOps Toolkit (Cloud Native Nordics Tech Talk)
GitOps Toolkit (Cloud Native Nordics Tech Talk)Weaveworks
 
The Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitThe Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitWeaveworks
 
Cloud Technical Challenges
Cloud Technical ChallengesCloud Technical Challenges
Cloud Technical ChallengesGuy Coates
 
Gitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsGitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsMariano Cunietti
 
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CDA GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CDJulian Mazzitelli
 
Gitlab ci, cncf.sk
Gitlab ci, cncf.skGitlab ci, cncf.sk
Gitlab ci, cncf.skJuraj Hantak
 
GitOps with ArgoCD
GitOps with ArgoCDGitOps with ArgoCD
GitOps with ArgoCDCloudOps2005
 
Intro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps WorkshopIntro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps WorkshopWeaveworks
 
Introducing GitLab
Introducing GitLabIntroducing GitLab
Introducing GitLabTaisuke Inoue
 
Git & GitLab
Git & GitLabGit & GitLab
Git & GitLabGaurav Wable
 
DevOps: The Future of Software Development
DevOps: The Future of Software DevelopmentDevOps: The Future of Software Development
DevOps: The Future of Software DevelopmentOpsta
 
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with SpinnakerSpinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with SpinnakerAndrew Phillips
 
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with Concourse
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with ConcourseContinuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with Concourse
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with ConcourseVMware Tanzu
 

Más contenido relacionado

La actualidad más candente

Continuous Security for GitOps
Continuous Security for GitOpsContinuous Security for GitOps
Continuous Security for GitOpsWeaveworks
 
GitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturaGitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturasparkfabrik
 
The journey to GitOps
The journey to GitOpsThe journey to GitOps
The journey to GitOpsNicola Baldi
 
GitOps - Modern best practices for high velocity app dev using cloud native t...
GitOps - Modern best practices for high velocity app dev using cloud native t...GitOps - Modern best practices for high velocity app dev using cloud native t...
GitOps - Modern best practices for high velocity app dev using cloud native t...Weaveworks
 
Flagger: Istio Progressive Delivery Operator
Flagger: Istio Progressive Delivery OperatorFlagger: Istio Progressive Delivery Operator
Flagger: Istio Progressive Delivery OperatorWeaveworks
 
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDKubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDSunnyvale
 
Gitops: the kubernetes way
Gitops: the kubernetes wayGitops: the kubernetes way
Gitops: the kubernetes waysparkfabrik
 
GitOps Toolkit (Cloud Native Nordics Tech Talk)
GitOps Toolkit (Cloud Native Nordics Tech Talk)GitOps Toolkit (Cloud Native Nordics Tech Talk)
GitOps Toolkit (Cloud Native Nordics Tech Talk)Weaveworks
 
The Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitThe Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitWeaveworks
 
Cloud Technical Challenges
Cloud Technical ChallengesCloud Technical Challenges
Cloud Technical ChallengesGuy Coates
 
Gitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsGitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsMariano Cunietti
 
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CDA GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CDJulian Mazzitelli
 
Gitlab ci, cncf.sk
Gitlab ci, cncf.skGitlab ci, cncf.sk
Gitlab ci, cncf.skJuraj Hantak
 
GitOps with ArgoCD
GitOps with ArgoCDGitOps with ArgoCD
GitOps with ArgoCDCloudOps2005
 
Intro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps WorkshopIntro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps WorkshopWeaveworks
 
DevOps: The Future of Software Development
DevOps: The Future of Software DevelopmentDevOps: The Future of Software Development
DevOps: The Future of Software DevelopmentOpsta
 

La actualidad más candente (20)

Continuous Security for GitOps
Continuous Security for GitOpsContinuous Security for GitOps
Continuous Security for GitOps
 
GitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturaGitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastruttura
 
Gitops Hands On
Gitops Hands OnGitops Hands On
Gitops Hands On
 
The journey to GitOps
The journey to GitOpsThe journey to GitOps
The journey to GitOps
 
GitOps - Modern best practices for high velocity app dev using cloud native t...
GitOps - Modern best practices for high velocity app dev using cloud native t...GitOps - Modern best practices for high velocity app dev using cloud native t...
GitOps - Modern best practices for high velocity app dev using cloud native t...
 
Flagger: Istio Progressive Delivery Operator
Flagger: Istio Progressive Delivery OperatorFlagger: Istio Progressive Delivery Operator
Flagger: Istio Progressive Delivery Operator
 
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDKubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
 
Openshift argo cd_v1_2
Openshift argo cd_v1_2Openshift argo cd_v1_2
Openshift argo cd_v1_2
 
Gitops: the kubernetes way
Gitops: the kubernetes wayGitops: the kubernetes way
Gitops: the kubernetes way
 
GitOps Toolkit (Cloud Native Nordics Tech Talk)
GitOps Toolkit (Cloud Native Nordics Tech Talk)GitOps Toolkit (Cloud Native Nordics Tech Talk)
GitOps Toolkit (Cloud Native Nordics Tech Talk)
 
The Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitThe Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps Toolkit
 
Cloud Technical Challenges
Cloud Technical ChallengesCloud Technical Challenges
Cloud Technical Challenges
 
Gitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsGitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operations
 
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CDA GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD
 
Gitlab ci, cncf.sk
Gitlab ci, cncf.skGitlab ci, cncf.sk
Gitlab ci, cncf.sk
 
GitOps with ArgoCD
GitOps with ArgoCDGitOps with ArgoCD
GitOps with ArgoCD
 
Intro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps WorkshopIntro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps Workshop
 
Introducing GitLab
Introducing GitLabIntroducing GitLab
Introducing GitLab
 
Git & GitLab
Git & GitLabGit & GitLab
Git & GitLab
 
DevOps: The Future of Software Development
DevOps: The Future of Software DevelopmentDevOps: The Future of Software Development
DevOps: The Future of Software Development
 

Similar a Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubernetes

Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with SpinnakerSpinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with SpinnakerAndrew Phillips
 
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with Concourse
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with ConcourseContinuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with Concourse
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with ConcourseVMware Tanzu
 
How to Scale Operations for a Multi-Cloud Platform using PCF
How to Scale Operations for a Multi-Cloud Platform using PCFHow to Scale Operations for a Multi-Cloud Platform using PCF
How to Scale Operations for a Multi-Cloud Platform using PCFVMware Tanzu
 
New York Kubernetes: CI/CD Patterns for Kubernetes
New York Kubernetes: CI/CD Patterns for KubernetesNew York Kubernetes: CI/CD Patterns for Kubernetes
New York Kubernetes: CI/CD Patterns for KubernetesAndrew Phillips
 
How to implement continuous delivery with enterprise java middleware?
How to implement continuous delivery with enterprise java middleware?How to implement continuous delivery with enterprise java middleware?
How to implement continuous delivery with enterprise java middleware?Thoughtworks
 
Meetup Openshift Geneva 03/10
Meetup Openshift Geneva 03/10Meetup Openshift Geneva 03/10
Meetup Openshift Geneva 03/10MagaliDavidCruz
 
20171122 aws usergrp_coretech-spn-cicd-aws-v01
20171122 aws usergrp_coretech-spn-cicd-aws-v0120171122 aws usergrp_coretech-spn-cicd-aws-v01
20171122 aws usergrp_coretech-spn-cicd-aws-v01Scott Miao
 
goployer, 코드 기반의 배포 도구 - 송주영 (beNX) :: AWS Community Day 2020
goployer, 코드 기반의 배포 도구 - 송주영 (beNX) :: AWS Community Day 2020goployer, 코드 기반의 배포 도구 - 송주영 (beNX) :: AWS Community Day 2020
goployer, 코드 기반의 배포 도구 - 송주영 (beNX) :: AWS Community Day 2020AWSKRUG - AWS한국사용자모임
 
Immutable Infrastructure: Rise of the Machine Images
Immutable Infrastructure: Rise of the Machine ImagesImmutable Infrastructure: Rise of the Machine Images
Immutable Infrastructure: Rise of the Machine ImagesC4Media
 
Tech talk specflow_bddx_hassa_nagy
Tech talk specflow_bddx_hassa_nagyTech talk specflow_bddx_hassa_nagy
Tech talk specflow_bddx_hassa_nagySkills Matter
 
Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019ciberkleid
 
Taking AppSec to 11: AppSec Pipeline, DevOps and Making Things Better
Taking AppSec to 11: AppSec Pipeline, DevOps and Making Things BetterTaking AppSec to 11: AppSec Pipeline, DevOps and Making Things Better
Taking AppSec to 11: AppSec Pipeline, DevOps and Making Things BetterMatt Tesauro
 
MongoDB Ops Manager and Kubernetes - James Broadhead
MongoDB Ops Manager and Kubernetes - James BroadheadMongoDB Ops Manager and Kubernetes - James Broadhead
MongoDB Ops Manager and Kubernetes - James BroadheadMongoDB
 
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)Brian Culver
 
Taking AppSec to 11 - BSides Austin 2016
Taking AppSec to 11 - BSides Austin 2016Taking AppSec to 11 - BSides Austin 2016
Taking AppSec to 11 - BSides Austin 2016Matt Tesauro
 
給 RD 的 Kubernetes 初體驗
給 RD 的 Kubernetes 初體驗給 RD 的 Kubernetes 初體驗
給 RD 的 Kubernetes 初體驗William Yeh
 
Cloud Native CI/CD with Spring Cloud Pipelines
Cloud Native CI/CD with Spring Cloud PipelinesCloud Native CI/CD with Spring Cloud Pipelines
Cloud Native CI/CD with Spring Cloud PipelinesLars Rosenquist
 
Cloud Native CI/CD with Spring Cloud Pipelines
Cloud Native CI/CD with Spring Cloud PipelinesCloud Native CI/CD with Spring Cloud Pipelines
Cloud Native CI/CD with Spring Cloud PipelinesLars Rosenquist
 
Continuous Delivery with a PaaS Application
Continuous Delivery with a PaaS ApplicationContinuous Delivery with a PaaS Application
Continuous Delivery with a PaaS ApplicationMark Rendell
 

Similar a Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubernetes (20)

Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with SpinnakerSpinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
 
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with Concourse
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with ConcourseContinuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with Concourse
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with Concourse
 
How to Scale Operations for a Multi-Cloud Platform using PCF
How to Scale Operations for a Multi-Cloud Platform using PCFHow to Scale Operations for a Multi-Cloud Platform using PCF
How to Scale Operations for a Multi-Cloud Platform using PCF
 
New York Kubernetes: CI/CD Patterns for Kubernetes
New York Kubernetes: CI/CD Patterns for KubernetesNew York Kubernetes: CI/CD Patterns for Kubernetes
New York Kubernetes: CI/CD Patterns for Kubernetes
 
How to implement continuous delivery with enterprise java middleware?
How to implement continuous delivery with enterprise java middleware?How to implement continuous delivery with enterprise java middleware?
How to implement continuous delivery with enterprise java middleware?
 
Meetup Openshift Geneva 03/10
Meetup Openshift Geneva 03/10Meetup Openshift Geneva 03/10
Meetup Openshift Geneva 03/10
 
20171122 aws usergrp_coretech-spn-cicd-aws-v01
20171122 aws usergrp_coretech-spn-cicd-aws-v0120171122 aws usergrp_coretech-spn-cicd-aws-v01
20171122 aws usergrp_coretech-spn-cicd-aws-v01
 
goployer, 코드 기반의 배포 도구 - 송주영 (beNX) :: AWS Community Day 2020
goployer, 코드 기반의 배포 도구 - 송주영 (beNX) :: AWS Community Day 2020goployer, 코드 기반의 배포 도구 - 송주영 (beNX) :: AWS Community Day 2020
goployer, 코드 기반의 배포 도구 - 송주영 (beNX) :: AWS Community Day 2020
 
Immutable Infrastructure: Rise of the Machine Images
Immutable Infrastructure: Rise of the Machine ImagesImmutable Infrastructure: Rise of the Machine Images
Immutable Infrastructure: Rise of the Machine Images
 
CI/CD on AWS
CI/CD on AWSCI/CD on AWS
CI/CD on AWS
 
Tech talk specflow_bddx_hassa_nagy
Tech talk specflow_bddx_hassa_nagyTech talk specflow_bddx_hassa_nagy
Tech talk specflow_bddx_hassa_nagy
 
Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019Delivery Pipelines as a First Class Citizen @deliverAgile2019
Delivery Pipelines as a First Class Citizen @deliverAgile2019
 
Taking AppSec to 11: AppSec Pipeline, DevOps and Making Things Better
Taking AppSec to 11: AppSec Pipeline, DevOps and Making Things BetterTaking AppSec to 11: AppSec Pipeline, DevOps and Making Things Better
Taking AppSec to 11: AppSec Pipeline, DevOps and Making Things Better
 
MongoDB Ops Manager and Kubernetes - James Broadhead
MongoDB Ops Manager and Kubernetes - James BroadheadMongoDB Ops Manager and Kubernetes - James Broadhead
MongoDB Ops Manager and Kubernetes - James Broadhead
 
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
How to convert your Full Trust Solutions to the SharePoint Framework (SPFx)
 
Taking AppSec to 11 - BSides Austin 2016
Taking AppSec to 11 - BSides Austin 2016Taking AppSec to 11 - BSides Austin 2016
Taking AppSec to 11 - BSides Austin 2016
 
給 RD 的 Kubernetes 初體驗
給 RD 的 Kubernetes 初體驗給 RD 的 Kubernetes 初體驗
給 RD 的 Kubernetes 初體驗
 
Cloud Native CI/CD with Spring Cloud Pipelines
Cloud Native CI/CD with Spring Cloud PipelinesCloud Native CI/CD with Spring Cloud Pipelines
Cloud Native CI/CD with Spring Cloud Pipelines
 
Cloud Native CI/CD with Spring Cloud Pipelines
Cloud Native CI/CD with Spring Cloud PipelinesCloud Native CI/CD with Spring Cloud Pipelines
Cloud Native CI/CD with Spring Cloud Pipelines
 
Continuous Delivery with a PaaS Application
Continuous Delivery with a PaaS ApplicationContinuous Delivery with a PaaS Application
Continuous Delivery with a PaaS Application
 

Más de Andrew Phillips

Spinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery
Spinnaker Summit 2019: Where are we heading? The Future of Continuous DeliverySpinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery
Spinnaker Summit 2019: Where are we heading? The Future of Continuous DeliveryAndrew Phillips
 
OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...
OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...
OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...Andrew Phillips
 
nycdevops: "Breaking Down the Prod/Dev Wall"
nycdevops: "Breaking Down the Prod/Dev Wall"nycdevops: "Breaking Down the Prod/Dev Wall"
nycdevops: "Breaking Down the Prod/Dev Wall"Andrew Phillips
 
Metrics-driven Continuous Delivery
Metrics-driven Continuous DeliveryMetrics-driven Continuous Delivery
Metrics-driven Continuous DeliveryAndrew Phillips
 
BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...
BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...
BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...Andrew Phillips
 
Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...
Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...
Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...Andrew Phillips
 
The Multiple Dimensions of Cross-Cloud Computing
The Multiple Dimensions of Cross-Cloud ComputingThe Multiple Dimensions of Cross-Cloud Computing
The Multiple Dimensions of Cross-Cloud ComputingAndrew Phillips
 
Implementing Continuous Deployment
Implementing Continuous DeploymentImplementing Continuous Deployment
Implementing Continuous DeploymentAndrew Phillips
 
Know your cirrus from your cumulus (with notes)
Know your cirrus from your cumulus (with notes)Know your cirrus from your cumulus (with notes)
Know your cirrus from your cumulus (with notes)Andrew Phillips
 
Know your cirrus from your cumulus
Know your cirrus from your cumulusKnow your cirrus from your cumulus
Know your cirrus from your cumulusAndrew Phillips
 
Deployment is the new build
Deployment is the new buildDeployment is the new build
Deployment is the new buildAndrew Phillips
 

Más de Andrew Phillips (11)

Spinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery
Spinnaker Summit 2019: Where are we heading? The Future of Continuous DeliverySpinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery
Spinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery
 
OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...
OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...
OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo...
 
nycdevops: "Breaking Down the Prod/Dev Wall"
nycdevops: "Breaking Down the Prod/Dev Wall"nycdevops: "Breaking Down the Prod/Dev Wall"
nycdevops: "Breaking Down the Prod/Dev Wall"
 
Metrics-driven Continuous Delivery
Metrics-driven Continuous DeliveryMetrics-driven Continuous Delivery
Metrics-driven Continuous Delivery
 
BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...
BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...
BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i...
 
Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...
Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...
Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit...
 
The Multiple Dimensions of Cross-Cloud Computing
The Multiple Dimensions of Cross-Cloud ComputingThe Multiple Dimensions of Cross-Cloud Computing
The Multiple Dimensions of Cross-Cloud Computing
 
Implementing Continuous Deployment
Implementing Continuous DeploymentImplementing Continuous Deployment
Implementing Continuous Deployment
 
Know your cirrus from your cumulus (with notes)
Know your cirrus from your cumulus (with notes)Know your cirrus from your cumulus (with notes)
Know your cirrus from your cumulus (with notes)
 
Know your cirrus from your cumulus
Know your cirrus from your cumulusKnow your cirrus from your cumulus
Know your cirrus from your cumulus
 
Deployment is the new build
Deployment is the new buildDeployment is the new build
Deployment is the new build
 

Último

Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 

Último (20)

Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubernetes

  • 1. From GitOps to an adaptable CI/CD pattern for Kubernetes Andrew Phillips Continuous Delivery : NYC; Nov 1, 2018
  • 2. From GitOps to an adaptable CI/CD pattern...for everything? Andrew Phillips Continuous Delivery : NYC; Nov 1, 2018
  • 3. The bio slide ● Been on most sides of this space: developer, infra builder, product owner, evangelist and more ● Long-standing open-source contributor ● Author and regular conference and meetup presenter ● Co-organizer of ContainerDays Boston & NYC
  • 4. Agenda 1. What’s the challenge? 2. CI/CD practices & patterns today 3. What does Kubernetes add into the mix? 4. A CI/CD pipeline for Kubernetes 5. Next steps for your scenario 6. Q&A
  • 5. 1. The context ● Lots of organizations looking at Kubernetes right now ● Trying to use this also as an opportunity to “clean up” sub-optimal software delivery pipelines ● How to do this right?
  • 6. 1. The challenge ● Lots of new runtime-specific concepts to deal with ● “Kubernetes-native” best practices still very much in flux ● Wrapping your head around “new” practices (e.g. GitOps) is hard ● Extrapolating from new practices in theory to actual, working implementations is even harder ● Figuring out how all this new stuff relates to accepted industry practices and tools is harder still
  • 7. Failure mode: CCAOA Cargo Cult All Over Again
  • 8. 1. The approach ● Recall good practices that we’d like to retain ● Incorporate refinements related to Kubernetes to create a straw man setup ● Develop a mental model to understand advantages and shortfalls of the setup ● Refine the setup based on tradeoffs to be made related to each user’s particular situation ● Implement using appropriate tools
  • 9. 2. Existing good practice ● Reproducible builds ● Store source and derived artifacts appropriately ● Minimize duplication, especially around environment config ● Keep the business process flexible and the env automation robust ● Support 4 related processes: ○ Application update ○ Environment (config) update ○ Environment spin-up/restore ○ Environment drift detection and remediation ● Specifically, support env-specific (e.g. log settings change) and cross-env (e.g. new app version rollout) processes concisely
  • 10. Deployment execution: business process vs. technical process Release pipeline A business process, represented as a sequence, possibly very specific to a service Test environment Staging environment Technical components with interdependencies, defined “as-code”. To be automatically sequenced if possible Production environment Deploy to Test Review Approve Deploy to Prod... App Endpoint Config App Endpoint Config’ Old app version Namespace
  • 11. 2. The four related processes ● Application update ○ “I want to validate a new release candidate and promote it through envs to prod” ● Environment (config) update ○ “I want to change the attributes of a particular env only” ● Environment spin-up/restore ○ “I want to (re-)create an environment from scratch, with config from a specific checkpoint/point in time” ● Environment diff, drift detection and remediation ○ “I want to understand how the actual config of an env relates to the intended config, also potentially across different environments”
  • 12. 3. What’s new with Kubernetes ● “as-code” description of what an environment should look like (“environments-as-code”) ● Actuation based on reconciliation engine built into runtime with continuous enforcement ○ Interest in “pull-based”, async invocation via repo-watching ● Out-of-the-box support for some types of rollout via Deployment object, as well as CRDs to define your own ○ But can also manipulate underlying objects directly ● GitOps ~ environments-as-code + async invocation + repo workflow for business process
  • 13. Deployment execution: adding in Kubernetes Release pipeline A business process, represented as a sequence, possibly very specific to a service Test environment Staging environment Technical components with interdependencies, defined “as-code”. To be automatically sequenced if possible Production environment “environments-as-code” repositories Deploy to Test Review Approve Deploy to Prod... App Endpoint Config App Endpoint Config’ Old app version Namespace
  • 14. TL;DR Release pipeline A business process, represented as a sequence, possibly very specific to a service Test environment Staging environment Technical components with interdependencies, defined “as-code”. To be automatically sequenced if possible Production environment “environments-as-code” repositories Deploy to Test Review Approve Deploy to Prod... App Endpoint Config App Endpoint Config’ Old app version Namespace Imperative pipeline across environments Declarative spec for each environment (with support for some imperative “cheating” where necessary)
  • 18. team1-repo env-repo applied-staging-branch applied-prod-branch master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod-bra nch config apiVersion: v1 kind: Service metadata: name: app1-service ... spec: type: ClusterIP ports: - port: 808080 targetPort: http protocol: TCP name: http selector: app: app1 env: {{ environment }}
  • 19. team1-repo env-repo applied-staging-branch app1.yaml applied-prod-branch master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod-bra nch config apiVersion: v1 kind: Service metadata: name: app1-service ... spec: type: ClusterIP ports: - port: 808080 targetPort: http protocol: TCP name: http selector: app: app1 env: {{ environment }} Step 1 apiVersion: v1 kind: Service metadata: name: app1-service ... spec: type: ClusterIP ports: - port: 8080 targetPort: http protocol: TCP name: http selector: app: app1 env: staging --- apiVersion: apps/v1beta2 kind: Deployment metadata: name: app1 namespace: staging ... --- apiVersion: v1 kind: ConfigMap ...
  • 20. team1-repo env-repo applied-staging-branch app1.yaml applied-prod-branch app1.yaml master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod-bra nch config apiVersion: v1 kind: Service metadata: name: app1-service ... spec: type: ClusterIP ports: - port: 808080 targetPort: http protocol: TCP name: http selector: app: app1 env: {{ environment }} Step 2 apiVersion: v1 kind: Service metadata: name: app1-service ... spec: type: ClusterIP ports: - port: 8080 targetPort: http protocol: TCP name: http selector: app: app1 env: production --- apiVersion: apps/v1beta2 kind: Deployment metadata: name: app1 namespace: production ... --- apiVersion: v1 kind: ConfigMap ...
  • 23. team1-repo env-repo applied-staging-branch app1.yaml app2.yaml app2-env.yaml applied-prod-branch app1.yaml master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod- branch config Step 1app.version: 0.0.34 port: 8090 image: gcr.io/image@sha256:{{ container.image.digest }} apiVersion: apps/v1beta2 kind: Deployment metadata: name: app2 namespace: staging ... spec: replicas: 1 ... image: gcr.io/image@sha256:abcdef ports: - name: http containerPort: 90 --- ... --- apiVersion: v1 kind: ConfigMap ... data: config.yaml: | 'app.version': 0.0.4
  • 24. team1-repo env-repo applied-staging-branch app1.yaml app2.yaml app2-env.yaml applied-prod-branch app1.yaml app2.yaml app2-env.yaml master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod- branch config Step 2 app.version: 0.0.34 port: 8090 image: gcr.io/image@sha256:{{ container.image.digest }} apiVersion: apps/v1beta2 kind: Deployment metadata: name: app2 namespace: production ... spec: replicas: 1 ... image: gcr.io/image@sha256:abcdef ports: - name: http containerPort: 90 --- ... --- apiVersion: v1 kind: ConfigMap ... data: config.yaml: | 'app.version': 0.0.4
  • 27. team1-repo env-repo applied-staging-branch app1.yaml app2.yaml app2-env.yaml applied-prod-branch app1.yaml app2.yaml app2-env.yaml master- branch service config staging- branch deployme nt prod- branch deployme nt team2-repo master- branch custom-s ettings staging- branch config prod- branch config Step 1 apiVersion: v1 kind: ConfigMap metadata: name: app2-env-config namespace: production labels: app: app2 env: production data: config.yaml: | 'log.level': INFOTRACE apiVersion: v1 kind: ConfigMap metadata: name: app2-env-config namespace: production labels: app: app2 env: production data: config.yaml: | 'log.level': TRACE
  • 28. 3. The straw man ● Source config in app repo, “compiled” (a.k.a. hydrated) config in env repo(s) ○ Cf. source code in app repo, compiled code in artifact repository ● One app repo per app/team, shared env repos for environments ● Use branches where possible to represent different environments ○ If greater separation via access control is needed, use different repos or consider other storage ● Keep config in app repo unless it needs to be independent of the app lifecycle or you really, really need to be able to change it for one env ○ Allows you to use templating/overriding to cut down on duplication ○ The fewer places to keep track of config, the better ● Source config doesn’t have to be “raw” YAML, can be more suitable abstraction! ○ Cf. higher-level language source code vs. low-level assembly code
  • 29. 3. The straw man ● Prefer explicit invocation over “repo-watching” ○ Avoids “root-level” process running inside cluster, and provides more flexibility for multi-step rollouts ○ “Repo-watching” makes visualizing current status harder, and requires some sort of feedback mechanism to distinguish successful from failed deployments in the repo ○ Hard to support phased/multi-step application ○ Easier to reproduce/simulate
  • 30. 3. The straw man ● Prefer explicit invocation over “repo-watching” ○ Avoids “root-level” process running inside cluster, and provides more flexibility for multi-step rollouts ○ “Repo-watching” makes visualizing current status harder, and requires some sort of feedback mechanism to distinguish successful from failed deployments in the repo ○ Hard to support phased/multi-step application ○ Easier to reproduce/simulate ● Commit after successful application, not before ○ Avoids having to distinguish attempted from successful deployments in the repo ○ Allows for richer pre-application validation than code diff in a PR (e.g. three-way diff against actual environment) ○ Avoids commit rights to repo being equivalent to deploy rights to env (and your automation will need commit rights to make pull requests, unless you used forked repos) ○ Harder if pull requests are used for the business process (as in vanilla GitOps) - requires multiple branches or “on approve” deployment
  • 31. 4. The mental model ● Understand how your app is updated across two dimensions: ● code change promoted through to prod ● common externalized config setting, e.g. localized title dependent on app version independent of environment
  • 32. 4. The mental model ● Understand how your app is updated across two dimensions: ● code change promoted through to prod ● common externalized config setting, e.g. localized title ● adding debug logging to staging ● configuring a scaling policy in prod based on a new metric dependent on app version independent of environment dependent on environment
  • 33. 4. The mental model ● Understand how your app is updated across two dimensions: ● code change promoted through to prod ● common externalized config setting, e.g. localized title ● rotating database credentials for prod ● updating discovery service endpoint ● adding debug logging to staging ● configuring a scaling policy in prod based on a new metric dependent on app version independent of environment dependent on environment independent of app version
  • 34. 4. The mental model ● Understand how your app is updated across two dimensions: Application update Static environment config update (App-linked) environment config update dependent on app version independent of environment dependent on environment independent of app version
  • 35. 4. The mental model ● Understand how your app is updated across two dimensions: Application update Static environment config update (App-linked) environment config update dev responsibility ~ app repo platform responsibility ~ env repo
  • 36. 4. The mental model 1. Application update a. “I want to validate a new release candidate and promote it through envs to prod” 2. Environment (config) update a. “I want to change the attributes of a particular env only” 3. Environment spin-up/restore a. “I want to (re-)create an environment from scratch, with config from a specific checkpoint/point in time” 4. Environment diff, drift detection and remediation a. “I want to understand how the actual config of an env relates to the intended config, also potentially across different environments”
  • 37. ● App repo is driving deployment, env repo is snapshotting cluster state ○ Think source code in github is to docker image in registry as template in app repo is to manifest in env repo ● Env repo is just a checkpoint in time, cluster can evolve ○ Kubernetes applies changes to manifests ○ Strategies like exponential rollouts or traffic shifting apply changes over time ● Env repo is not a guaranteed healthy state ○ We can defer snapshotting until some health/success metric… but rollback has no silver bullet ● Deletion from either repo ≠ deletion from cluster ○ Challenge is: not trivial to know if cluster depends, or will depend on manifest not submitted to repo ○ kubectl apply --prune attempts to solve this with a lot of (scary) caveats 4. The mental model
  • 38. 5. Tuning for your scenario ● Appropriate level of abstraction? How much “raw” Kubernetes YAML should our developers have access to? ● Where should the abstraction live? In templates? In CRDs? In the automation tool? ● What to use for templating? Token replacement or overrides? ● When do you snapshot/publish to the env repo? On every change to the cluster? Or when a desired end-state is reached? (think multi-step rollout) ● Access control: how many repos do you need? Are code repositories right for your use case, or e.g. a blobstore better? ● Am I distributing or deploying? Helm is much better suited for distribution than deployment ○ Its templating capability is often used as part of deployment flows, though
  • 39. 5. Implement ● Choose storage implementations and partitioning strategies for your environments-as-code ● Define the appropriate level of abstraction for your developers and choose tools to support it ● Choose a flexible automation tool for your deployment business process ● Define an appropriate definition of deployment health/success to determine when a deployment is “good” ● Decide which of the four processes - app update, env config update, env restore and env drift detection - you want to support ● Build pipelines ● Done!