CI/CD with Kubernetes

Ded87c77266697ee6981c2277bb97633?s=47 Bastian Hofmann
August 30, 2019
Programming
0
97

CI/CD with Kubernetes

Ded87c77266697ee6981c2277bb97633?s=128

Bastian Hofmann

August 30, 2019
Tweet

More Decks by Bastian Hofmann

See All by Bastian Hofmann
Ded87c77266697ee6981c2277bb97633?s=48 bastianhofmann
0
67
Ded87c77266697ee6981c2277bb97633?s=48 bastianhofmann
0
52
Ded87c77266697ee6981c2277bb97633?s=48 bastianhofmann
1
73
Ded87c77266697ee6981c2277bb97633?s=48 bastianhofmann
0
74
Ded87c77266697ee6981c2277bb97633?s=48 bastianhofmann
1
39
Ded87c77266697ee6981c2277bb97633?s=48 bastianhofmann
1
190
Ded87c77266697ee6981c2277bb97633?s=48 bastianhofmann
2
98
Ded87c77266697ee6981c2277bb97633?s=48 bastianhofmann
0
98
Ded87c77266697ee6981c2277bb97633?s=48 bastianhofmann
0
370

Other Decks in Programming

See All in Programming
9f33218af7ae5c04e102fcc3076f2f5c?s=48 yhkaplan
1
240
22387942388a45f3f81ebc394700e296?s=48 trywjs
0
760
0b8ad408b31cb9d5cff2828086c65d58?s=48 temoki
5
2.3k
9e9eb825c69d719f2d3c32bdd3bc971e?s=48 atp
2
350
0e97d20ff87bf33851da8cadb86affa9?s=48 0ang3el
0
980
70adfe7679427fa498899769e632b672?s=48 itok
1
170
8b0e9a3684bd29ecece29db2582e38ae?s=48 norioikedo
0
230
E834b4b7cfcba6918f01f45d2916c302?s=48 f110
2
150
2bedb1eb8f841cd3c3ae584600b016e0?s=48 okunokentaro
1
430
D79e3b0b78ca7027eb61d73028d45ad6?s=48 uchi_k
2
320
Fc59401781a26b10f5d4fc5b758fb3b7?s=48 andrewradev
0
160
26e1ba9a02729b2d6013604135221aae?s=48 yhara
0
150

Featured

See All Featured
78b475797a14c84799063c7cd073962f?s=48 holman
448
130k
E6c6e133e74c3b83f04d2861deaa1c20?s=48 searls
202
35k
24fc194843a71f10949be18d5a692682?s=48 gr2m
82
11k
245cee81a9c424266e5e401d844ea881?s=48 lara
13
2.4k
F383c6a4dc55e331bbe2987b622cee6b?s=48 stephaniewalter
256
11k
1b75d89772b7eea1f6c89fbf362607d9?s=48 moore
125
21k
B6a8f005f39d23ffc930508ac9da68b9?s=48 vanstee
115
4.7k
5ce91fa49a613cbc3e20d5f96856473f?s=48 edds
55
9.2k
48c098b6579220a67a6ba949be6e4b5a?s=48 revolveconf
197
9.5k
2f5463832ccb768ccb4a1ca3607c27ef?s=48 jacobian
253
19k
6804f1775cb4babfcc3851298566fbce?s=48 tanoku
85
8.4k
Aff5641764408271f7bc398f2097edd0?s=48 denniskardys
219
110k

Transcript

  1. @BastianHofmann CI/CD with Kubernetes Bastian Hofmann mail@bastianhofmann.de

  2. Continuous Integration

  3. Continuous Delivery

  4. None

  5. Container orchestration platform

  6. Deploy, run and scale your services in isolated containers

  7. No vendor lock in

  8. Standardized APIs

  9. Runs on

  10. Your laptop

  11. None

  12. Bare metal

  13. Cloud Providers

  14. And if you don't want to install and maintain Kubernetes

    yourself

  15. Managed Kubernetes

  16. None
  17. None

  18. So we have code, how do we get this into

    Kubernetes?

  19. Lot's of tools

  20. Example for this talk

  21. None

  22. Example application

  23. https:/ /gitlab.com/bashofmann/ angular-test-app

  24. https:/ /gitlab.com/bashofmann/ angular-test-app-finished

  25. Pipeline with multiple stages, each stage can have multiple jobs

  26. Stage 1: Preparing

  27. Stage 2: Linters and Tests

  28. Stage 3: Building an image

  29. Stage 4: On master: Deploying to Kubernetes into a stage

    namespace

  30. Stage 5: On master: Testing if stage works

  31. Stage 6: On tag: Tag the docker image

  32. Stage 7: On tag: Deploying to Kubernetes into a prod

    namespace

  33. Stage 8: On tag: Testing if prod works

  34. In detail

  35. Stage 1: Preparing

  36. Only do slow operations once and cache and re-use results

  37. Stage 2: Linters and Tests

  38. Add linters for everything

  39. Unit tests

  40. Integration tests

  41. Browser tests

  42. Stage 3: Building an image

  43. Make the build as fast as possible

  44. Make the image as small as possible

  45. Stage 4: On master: Deploying to Kubernetes into a stage

    namespace

  46. Stage 5: On master: Testing if stage works

  47. Stage 6: On tag: Tag the docker image

  48. Stage 7: On tag: Deploying to Kubernetes into a prod

    namespace

  49. Stage 8: On tag: Testing if prod works

  50. Use a versioning scheme

  51. Never deploy "latest"

  52. Use Kubernetes namespaces

  53. Use Helm or similar tools

  54. Make use of Kubernetes "magic"

  55. Sealed Secrets

  56. Secrets are stored encrypted in Git and encrypted inside of

    the cluster

  57. LoadBalancers

  58. Automatically creates a highly available LoadBalancer with a public IP

    address

  59. Ingress controller

  60. The ingress controller (nginx) listens on routing rules in Ingress

    Resources and configures itself to route incoming traffic to the correct running and healthy pods

  61. cert-manager

  62. Cert-manager listens on Ingress Resources and if they need TLS,

    requests a certificate from LetsEncrypt

  63. external-dns

  64. External-DNS listens on Ingress Resources and creates DNS entries

  65. Prometheus

  66. Kubernetes and Node metrics are automatically included

  67. Kubernetes and Node alerts are automatically included

  68. Kubernetes and Node dashboards are automatically included

  69. Scraping targets can be automatically discovered

  70. Service Meshes

  71. None

  72. Alternatives

  73. Flux

  74. None

  75. Knative

  76. Kubernetes-based platform to deploy and manage modern serverless workloads

  77. Tekton CD

  78. CI that runs completely within Kubernetes with Kubernetes Custom Resources

  79. mail@bastianhofmann.de https:/ /twitter.com/BastianHofmann http:/ /speakerdeck.com/u/bastianhofmann