Modern-day deployments can often resemble navigating the high seas with poor visibility and the danger of unexpected events. Running dev and test environments, with test data sets and feature flags, in the public cloud while production is served from a self-managed site that securely hosts client data can be a challenge without full observability and control.
In this webinar, we show how you can reliably expand your Kubernetes footprint with Weave GitOps. Confidently observe and control your fleets, all from a single pane of glass across any environment.
Join this webinar to learn how to:
● Control the health and propagation of customized clusters
● Easily assign and secure clusters across multiple teams for multiple purposes
● Observe all actions across all environments, all from within Git
● Understand how to manage all deployments across your cluster and fleets
1. Observe and Command Your
Fleets Across Any Kubernetes
with Weave GitOps
August 2021
Jordi Mon, Product Marketing Director
David Stauffer, Senior Product Manager
3. Jordi Mon
Product Marketing Director
Jordi Mon is an open source product specialist, community builder
and public speaker. He has worked on product strategy, product
management and, mostly, product marketing of Open Source or
Open Core products. He has created and managed events for
communities like the C and C++ programmers and for product
managers. He has spoken at multiple events about DevOps, culture
change through innersourcing, and the larger cloud native
landscape. He is an OpenUK and PMM Alliance ambassador and is
based in London, UK.
@jordimonpmm
✉ jordi@weave.works
Speaker Introduction
David Stauffer
Senior Product Manager
David Stauffer is a Senior Product Manager at Weaveworks. For David,
the most exciting job in the world is building the right product for the
customer. Passionate about any and all end-users, he has experience
working in different startups across the globe. He has worked on making
the edge real through Kubernetes and working in the GSMA aligning on
the architectural design for a federated edge. David is based in London.
✉ david.stauffer@weave.works
4. The GitOps Company
Our mission is to provide a developer centric operating model
for cloud native technologies
● Weaveworks provides a modular solution for customers
transitioning to a cloud native platform
● We are a neutral vendor adding value to any flavor of
managed Kubernetes
● We deliver consistent management and monitoring
workflows to simplify operations
We are leaders in “GitOps” – best practices for consistent
management of cloud native apps
5. Weaveworks
Thought Leadership
• Founding chair of the CNCF technical oversight committee (TOC)
• Coined the term GitOps, and created the open source tools that make it work (Flux, Weave GitOps)
• Creator of eksctl, the most used way to work with AWS EKS
• Invented open source solutions to run Kubernetes at scale for our own Weave Cloud SaaS product
Team
• Alexis Richardson, CEO
• Paul Fremantle, VP Product
• Steve George, COO
• Global Presence:
– US East, Central, West
– Europe
– India, Thailand
– South America
Notable Facts
• Founded in 2014
• Investors include: Accel, AWS, Deutsche Telekom, Ericsson, Google Ventures, Orange and Redline
• Top 10 contributor to the CNCF
• Multiple thousand-plus-star open source projects
6. Weave GitOps Enterprise (Subscription)
Scaled GitOps
● Fleet Management with MCCP
● Advanced Curated Weave Policies using tools
Enterprise GitOps
● Curated model/profiles with cluster components
● Application tenancy through workspaces
● Authorization models consistent across the environment.
Kubernetes native
Weave GitOps Core (open-source)
Core GitOps
● Curated GitOps toolset, installer, runtime, and proven
example configurations
Prerequisites
● Infrastructure provisioner
● Source code repo platform
● Container registry
Weave GitOps
Keyword: GitOps maturity model
weave.works/blog/the-gitops-maturity-model
9. Use Cases
Achieving cloud native speed without vendor lock-in
1. Application Delivery and Operations
Enabling application development teams to do DevOps at scale.
Deploying applications through a dev/staging/prod pipeline.
2. Platform as code
Deploying the same ‘standard platform’ using a platform-as-code
approach. Whether on-premise or in the cloud. Deploying and
managing multiple different Kubernetes clusters.
3. Security and controls
Using GitOps-based security controls to secure the deployment for
both Operators and DevOps teams.
11. Weave GitOps Enterprise (subscription)
Scaled GitOps
● Fleet Management with MCCP
● Advanced Curated Weave Policies using tools
Enterprise GitOps
● Curated model/profiles with cluster components
● Application tenancy through workspaces
● Authorization models consistent across the environment.
Kubernetes native
Weave GitOps Core (free and open-source)
Core GitOps
● Curated GitOps toolset, installer, runtime, and proven
example configurations
Prerequisites
● Infrastructure provisioner
● Source code repo platform
● Container registry
Weave GitOps: one product, two tiers
12. Weave GitOps Core
● Built on CNCF Flux
● Open source and free tier base for our subscription Enterprise tier
● Just two commands to get GitOps running
○ wego gitops install
○ wego app add .
16. What’s New?
● Web UI control panel
● Policy Management and Execution
● Team Workspaces Updates
● Profiles
● Fleet Management
17. Web UI control panel
GUI with a representation of the complete
CD process. Global view to take immediate,
granular action.
GitOps means permanent reconciliation
of states: desired and actual state.
Weave GitOps’ web UI helps you
visualize application lifecycle, drift and
cluster health among other critical
metrics.
Continuous Operations made simple.
18. Web UI control panel
● Represents the repositories that
store a collection of a
declarative description of
runnable units
● Describes for the platform how
to deploy, start, operate, and
retire the corresponding service
artifact.
● Presents which of those repos is
being polled by the Weave
GitOps controllers
● Presents the services and the
workloads running in instances
in a specific environment,
including status
19. Kubernetes Guardrails
Kubernetes Policy Management through
the whole GitOps lifecycle from
development through deployment
Kubernetes guardrails for any
deployment running anywhere.
Apply declared policies required by any
regulator, global or regional from our
100s of built-in policies.
Modify or create your own specific policy
to extend your platform's capabilities at
any point in time.
Enforce environment and workload
compliance from the get go with policy
as code.
20. Policy Management and Execution
● Policy Coverage at
Deploy Commit Time and
at Runtime
● Provided and tested
policies include:
○ PCI/DSS
● Organization Policies for
Deployments
○ Required labeling
● Custom Policies
21. Team Workspaces
Secure, portable Kubernetes tenants for
applications, projects, or users
Team Workspaces significantly
simplifies the management and
portability of applications by allowing
engineers to collaborate effectively
across teams, clusters and repositories.
Operate across separate teams or
environments on a single cluster with
the security in place that gives each
team control of its own tenant.
22. Team Workspaces
● Team workspaces enable GitOps across multiple namespaces on the same cluster
aligned with multiple engineering teams.
● Each workspace is configured with:
○ Resource quotas and limits
○ Network policies that define which pods, services and namespaces can
communicate with one another.
○ RBAC rules and roles can also be implemented that specify who can do what to
configurations and deployments.
● Team Workspaces are portable between Weave GitOps Enterprise clusters, so
building application high availability or Disaster Recovery is very simple
● Team Workspaces are declarative and can be managed using GitOps and profiles
23. GitOps Package
Management
The simplest and most secure way to
organize Kubernetes applications and
resources at scale
Weave GitOps Enterprise Package
Manager provides a secure and easy
method to organize the applications
and services that run in your Kubernetes
clusters. A profile contains the artifacts
that configure and deploy your services,
all using GitOps. A profile manager
provides securable methods to install
profiles and manage catalogs of profiles
in a GitOps way.
24. Profiles
A profile can contain manifests, Helm releases, and Kustomize templates. These artifacts
can declare any Kubernetes resource
A profile can contain other profiles.
All profiles are defined in a git repository.
Profiles can be used on multiple clusters, in any combination. This allows definitions of
“classes” of clusters which are a combination of applications and services.
As profiles themselves contain Kubernetes resources, they are secured using Kubernetes
standard role based authorization.
25. Profiles
[Diagram: Profile 1 and Profile 2, each containing Artifacts]
● A Profile is a "package" of Kubernetes
deployable objects, known as
Artifacts, along with any configurable
values. An artifact can be one of:
○ Helm Chart
○ Raw Kubernetes yaml
○ Kustomize patch
○ Another nested Profile
● Profiles can contain other profiles,
allowing for complex deployment
patterns for applications and services.
26. Managing Fleets of
Clusters
Reliable, repeatable management of
Kubernetes clusters across any platform or
managed service
Operational performance is improved
with Cluster fleet management. Weave
GitOps Enterprise users can reuse
cluster templates easily from git. These
templates are consistent and
immutable making system behavior
predictable. As with anything defined as
code, the infrastructure code is open to
improvement through contributions from
anyone.
27. Fleet Management
Cluster fleet management allows users to manage clusters across all platforms and
environments through the Cluster API.
Weaveworks GitOps Enterprise ensures tested, curated, and supported Cluster API
providers
Cluster templates for the Cluster API providers make declaring new clusters very
straightforward
All clusters managed by Weave GitOps Enterprise are maintained in git
Cluster life cycle management is controlled by the Cluster API provider for each service or
platform
28. Fleet Management
● Cluster life cycle management
using the Cluster API (CAPI)
● Cluster infrastructure templates to
make cluster provisioning
repeatable and reliable
● Credentials for CAPI providers
stored as secrets in the git
repository
● All cluster templates, along with
the cluster bootstrap profile, are
stored in git making day zero
recovery simple
● Fleet management across all
platforms and environments: CAPI
provides platform independence
32. Further info
Download Weave GitOps Core for free:
https://www.weave.works/product/gitops-core/
Request a demo for Weave GitOps Enterprise
https://www.weave.works/product/gitops-enterprise/
Sign up for a free GitOps workshop (August 19):
https://bit.ly/3xTvdsG