Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CI/CD with Kubernetes
Search
Bastian Hofmann
August 30, 2019
Programming
0
180
CI/CD with Kubernetes
Bastian Hofmann
August 30, 2019
Tweet
Share
More Decks by Bastian Hofmann
See All by Bastian Hofmann
Monitoring in Kubernetes with Prometheus and Grafana
bastianhofmann
0
320
Creating a fast Kubernetes Development Workflow
bastianhofmann
0
100
Highly available cross-region deployments with Kubernetes
bastianhofmann
1
140
From source to Kubernetes in 30 minutes
bastianhofmann
0
150
Introduction to Kubernetes
bastianhofmann
1
140
Creating a fast Kubernetes Development Workflow
bastianhofmann
1
250
Deploying your first Micro-Service application to Kubernetes
bastianhofmann
2
180
Creating a fast Kubernetes Development Workflow
bastianhofmann
0
220
Dive-In-Workshop: Kubernetes
bastianhofmann
0
430
Other Decks in Programming
See All in Programming
なんとなくわかった気になるブロックテーマ入門/contents.nagoya 2025 6.28
chiilog
1
270
AI駆動のマルチエージェントによる業務フロー自動化の設計と実践
h_okkah
0
170
PostgreSQLのRow Level SecurityをPHPのORMで扱う Eloquent vs Doctrine #phpcon #track2
77web
2
540
おやつのお供はお決まりですか?@WWDC25 Recap -Japan-\(region).swift
shingangan
0
140
Flutterで備える!Accessibility Nutrition Labels完全ガイド
yuukiw00w
0
160
「テストは愚直&&網羅的に書くほどよい」という誤解 / Test Smarter, Not Harder
munetoshi
0
180
Goで作る、開発・CI環境
sin392
0
240
状態遷移図を書こう / Sequence Chart vs State Diagram
orgachem
PRO
1
130
すべてのコンテキストを、 ユーザー価値に変える
applism118
3
1.3k
10 Costly Database Performance Mistakes (And How To Fix Them)
andyatkinson
0
410
『自分のデータだけ見せたい!』を叶える──Laravel × Casbin で複雑権限をスッキリ解きほぐす 25 分
akitotsukahara
2
640
AI コーディングエージェントの時代へ:JetBrains が描く開発の未来
masaruhr
1
180
Featured
See All Featured
How to train your dragon (web standard)
notwaldorf
96
6.1k
Designing for humans not robots
tammielis
253
25k
[RailsConf 2023] Rails as a piece of cake
palkan
55
5.7k
Building Applications with DynamoDB
mza
95
6.5k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
233
17k
Automating Front-end Workflow
addyosmani
1370
200k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
331
22k
A Modern Web Designer's Workflow
chriscoyier
695
190k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
48
2.9k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
138
34k
Transcript
@BastianHofmann CI/CD with Kubernetes Bastian Hofmann mail@bastianhofmann.de
Continuous Integration
Continuous Delivery
None
Container orchestration platform
Deploy, run and scale your services in isolated containers
No vendor lock in
Standardized APIs
Runs on
Your laptop
None
Bare metal
Cloud Providers
And if you don't want to install and maintain Kubernetes
yourself
Managed Kubernetes
None
None
So we have code, how do we get this into
Kubernetes?
Lot's of tools
Example for this talk
None
Example application
https:/ /gitlab.com/bashofmann/ angular-test-app
https:/ /gitlab.com/bashofmann/ angular-test-app-finished
Pipeline with multiple stages, each stage can have multiple jobs
Stage 1: Preparing
Stage 2: Linters and Tests
Stage 3: Building an image
Stage 4: On master: Deploying to Kubernetes into a stage
namespace
Stage 5: On master: Testing if stage works
Stage 6: On tag: Tag the docker image
Stage 7: On tag: Deploying to Kubernetes into a prod
namespace
Stage 8: On tag: Testing if prod works
In detail
Stage 1: Preparing
Only do slow operations once and cache and re-use results
Stage 2: Linters and Tests
Add linters for everything
Unit tests
Integration tests
Browser tests
Stage 3: Building an image
Make the build as fast as possible
Make the image as small as possible
Stage 4: On master: Deploying to Kubernetes into a stage
namespace
Stage 5: On master: Testing if stage works
Stage 6: On tag: Tag the docker image
Stage 7: On tag: Deploying to Kubernetes into a prod
namespace
Stage 8: On tag: Testing if prod works
Use a versioning scheme
Never deploy "latest"
Use Kubernetes namespaces
Use Helm or similar tools
Make use of Kubernetes "magic"
Sealed Secrets
Secrets are stored encrypted in Git and encrypted inside of
the cluster
LoadBalancers
Automatically creates a highly available LoadBalancer with a public IP
address
Ingress controller
The ingress controller (nginx) listens on routing rules in Ingress
Resources and configures itself to route incoming traffic to the correct running and healthy pods
cert-manager
Cert-manager listens on Ingress Resources and if they need TLS,
requests a certificate from LetsEncrypt
external-dns
External-DNS listens on Ingress Resources and creates DNS entries
Prometheus
Kubernetes and Node metrics are automatically included
Kubernetes and Node alerts are automatically included
Kubernetes and Node dashboards are automatically included
Scraping targets can be automatically discovered
Service Meshes
None
Alternatives
Flux
None
Knative
Kubernetes-based platform to deploy and manage modern serverless workloads
Tekton CD
CI that runs completely within Kubernetes with Kubernetes Custom Resources
mail@bastianhofmann.de https:/ /twitter.com/BastianHofmann http:/ /speakerdeck.com/u/bastianhofmann