Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CI/CD with Kubernetes
Search
Bastian Hofmann
August 30, 2019
Programming
220
0
Share
CI/CD with Kubernetes
Bastian Hofmann
August 30, 2019
More Decks by Bastian Hofmann
See All by Bastian Hofmann
Monitoring in Kubernetes with Prometheus and Grafana
bastianhofmann
0
350
Creating a fast Kubernetes Development Workflow
bastianhofmann
0
140
Highly available cross-region deployments with Kubernetes
bastianhofmann
1
160
From source to Kubernetes in 30 minutes
bastianhofmann
0
190
Introduction to Kubernetes
bastianhofmann
1
140
Creating a fast Kubernetes Development Workflow
bastianhofmann
1
280
Deploying your first Micro-Service application to Kubernetes
bastianhofmann
2
190
Creating a fast Kubernetes Development Workflow
bastianhofmann
0
260
Dive-In-Workshop: Kubernetes
bastianhofmann
0
450
Other Decks in Programming
See All in Programming
ローカルで稼働する AI エージェントを超えて / beyond-local-ai-agents
gawa
3
270
Nuxt Server Components
wattanx
0
260
YJITとZJITにはイカなる違いがあるのか?
nakiym
0
200
iOS機能開発のAI環境と起きた変化
ryunakayama
0
180
AWS re:Invent 2025の少し振り返り + DevOps AgentとBacklogを連携させてみた
satoshi256kbyte
3
160
Rethinking API Platform Filters
vinceamstoutz
0
11k
煩雑なSkills管理をSoC(関心の分離)により解決する――関心を分離し、プロンプトを部品として育てるためのOSSを作った話 / Solving Complex Skills Management Through SoC (Separation of Concerns)
nrslib
4
860
ルールルルルルRubyの中身の予備知識 ── RubyKaigiの前に予習しなイカ?
ydah
0
130
Reactive ❤️ Loom: A Forbidden Love Story
franz1981
2
230
メッセージングを利用して時間的結合を分離しよう #phperkaigi
kajitack
3
580
実践ハーネスエンジニアリング #MOSHTech
kajitack
7
6.3k
Go_College_最終発表資料__外部公開用_.pdf
xe_pc23
0
180
Featured
See All Featured
Lightning Talk: Beautiful Slides for Beginners
inesmontani
PRO
1
510
Groundhog Day: Seeking Process in Gaming for Health
codingconduct
0
140
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
akihiro_kokubo
PRO
68
38k
The B2B funnel & how to create a winning content strategy
katarinadahlin
PRO
1
330
We Are The Robots
honzajavorek
0
210
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.9k
Ruling the World: When Life Gets Gamed
codingconduct
0
190
Mobile First: as difficult as doing things right
swwweet
225
10k
Embracing the Ebb and Flow
colly
88
5k
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
1
490
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
31
3.1k
Transcript
@BastianHofmann CI/CD with Kubernetes Bastian Hofmann
[email protected]
Continuous Integration
Continuous Delivery
None
Container orchestration platform
Deploy, run and scale your services in isolated containers
No vendor lock in
Standardized APIs
Runs on
Your laptop
None
Bare metal
Cloud Providers
And if you don't want to install and maintain Kubernetes
yourself
Managed Kubernetes
None
None
So we have code, how do we get this into
Kubernetes?
Lot's of tools
Example for this talk
None
Example application
https:/ /gitlab.com/bashofmann/ angular-test-app
https:/ /gitlab.com/bashofmann/ angular-test-app-finished
Pipeline with multiple stages, each stage can have multiple jobs
Stage 1: Preparing
Stage 2: Linters and Tests
Stage 3: Building an image
Stage 4: On master: Deploying to Kubernetes into a stage
namespace
Stage 5: On master: Testing if stage works
Stage 6: On tag: Tag the docker image
Stage 7: On tag: Deploying to Kubernetes into a prod
namespace
Stage 8: On tag: Testing if prod works
In detail
Stage 1: Preparing
Only do slow operations once and cache and re-use results
Stage 2: Linters and Tests
Add linters for everything
Unit tests
Integration tests
Browser tests
Stage 3: Building an image
Make the build as fast as possible
Make the image as small as possible
Stage 4: On master: Deploying to Kubernetes into a stage
namespace
Stage 5: On master: Testing if stage works
Stage 6: On tag: Tag the docker image
Stage 7: On tag: Deploying to Kubernetes into a prod
namespace
Stage 8: On tag: Testing if prod works
Use a versioning scheme
Never deploy "latest"
Use Kubernetes namespaces
Use Helm or similar tools
Make use of Kubernetes "magic"
Sealed Secrets
Secrets are stored encrypted in Git and encrypted inside of
the cluster
LoadBalancers
Automatically creates a highly available LoadBalancer with a public IP
address
Ingress controller
The ingress controller (nginx) listens on routing rules in Ingress
Resources and configures itself to route incoming traffic to the correct running and healthy pods
cert-manager
Cert-manager listens on Ingress Resources and if they need TLS,
requests a certificate from LetsEncrypt
external-dns
External-DNS listens on Ingress Resources and creates DNS entries
Prometheus
Kubernetes and Node metrics are automatically included
Kubernetes and Node alerts are automatically included
Kubernetes and Node dashboards are automatically included
Scraping targets can be automatically discovered
Service Meshes
None
Alternatives
Flux
None
Knative
Kubernetes-based platform to deploy and manage modern serverless workloads
Tekton CD
CI that runs completely within Kubernetes with Kubernetes Custom Resources
[email protected]
https:/ /twitter.com/BastianHofmann http:/ /speakerdeck.com/u/bastianhofmann
bastianhofmann
gawa
wattanx
nakiym
ryunakayama
satoshi256kbyte
vinceamstoutz
nrslib
ydah
franz1981
kajitack
xe_pc23
inesmontani
codingconduct
chriscoyier
akihiro_kokubo
katarinadahlin
honzajavorek
reverentgeek
swwweet
colly
danielanewman
![@BastianHofmann CI/CD with Kubernetes Bastian Hofmann [email protected]](https://files.speakerdeck.com/presentations/6780a49841ab4e5ea17a9ae330cd27ab/slide_0.jpg){kind=link}
![[email protected] https:/ /twitter.com/BastianHofmann http:/ /speakerdeck.com/u/bastianhofmann](https://files.speakerdeck.com/presentations/6780a49841ab4e5ea17a9ae330cd27ab/slide_78.jpg){kind=link}