Upgrade to Pro — share decks privately, control downloads, hide ads and more …

CI/CD with Kubernetes

8e82eb7e128a14a16d642ae55227339b?s=47 Bastian Hofmann
August 30, 2019
Programming
0
100

CI/CD with Kubernetes

8e82eb7e128a14a16d642ae55227339b?s=128

Bastian Hofmann

August 30, 2019
Tweet

More Decks by Bastian Hofmann

See All by Bastian Hofmann
8e82eb7e128a14a16d642ae55227339b?s=48 bastianhofmann
0
90
8e82eb7e128a14a16d642ae55227339b?s=48 bastianhofmann
0
59
8e82eb7e128a14a16d642ae55227339b?s=48 bastianhofmann
1
75
8e82eb7e128a14a16d642ae55227339b?s=48 bastianhofmann
0
76
8e82eb7e128a14a16d642ae55227339b?s=48 bastianhofmann
1
39
8e82eb7e128a14a16d642ae55227339b?s=48 bastianhofmann
1
190
8e82eb7e128a14a16d642ae55227339b?s=48 bastianhofmann
2
99
8e82eb7e128a14a16d642ae55227339b?s=48 bastianhofmann
0
99
8e82eb7e128a14a16d642ae55227339b?s=48 bastianhofmann
0
380

Other Decks in Programming

See All in Programming
De4cef85165e8a063b5e40fe1f24daa4?s=48 cocoeyes02
0
220
99d4c0ed3c8027ea1c37b53d6441d042?s=48 sullis
0
120
6ef7914944df6af99a2ca81e98087332?s=48 taoshotaro
1
370
E37b4344ef4bfd0fc4826c04971e54fb?s=48 nrslib
20
13k
7975b9fd58c8945ae1c6b38747de7f28?s=48 line_developers_tw2
0
720
1623dd1adf096ba35ba33727d933e14c?s=48 nbkouhou
0
910
22e056dcb79e14363e844f1e57986325?s=48 aratayokoyama
0
210
5d8df7ad959b5b34fd68d715974c4e46?s=48 chichou
1
840
F04982ad61107b5408ad139966596316?s=48 hanhan1978
0
290
347a1b64f3a6e38981bc99b53919e2b1?s=48 azdaroth
0
130
91b77d9a98b86e27838b183407270bc0?s=48 supikiti
3
1.3k
D76231a2114896dfcc7b79ac69558b79?s=48 yosuke_furukawa
PRO
14
3.8k

Featured

See All Featured
812e1705ff0f8bc1bcf18587bde687d5?s=48 62gerente
587
200k
5b6a2bd86ef643786a381a212e0ef2f1?s=48 geoffreycrofte
18
780
1177e050db6bafe62885362edf6e3537?s=48 lauravandoore
437
28k
44b54d2ffcb7857004071cc6795dde11?s=48 cassininazir
347
20k
Ef32e0b1ac5082450dc8c1fca3a26b5c?s=48 cherdarchuk
71
260k
4394ceb8b277f35ee3da7030384efb5d?s=48 davidbonilla
69
3.5k
A60068bce2e73de3a37ca9d2dbe36092?s=48 bryan
100
11k
15f2b8221f247985a27a627d2ece72f0?s=48 pauljervisheath
196
15k
F68cb25ae3e5c2106997454b13b7737d?s=48 brad_frost
156
6.4k
C0390e8b11079f8761c0cd3274ed61cb?s=48 productmarketing
5
660
9fa239b3154a0169d99ab7bf1422dd12?s=48 marcelosomers
220
15k
79acae287842acf29084005533a7fb3b?s=48 hursman
106
9.2k

Transcript

  1. @BastianHofmann CI/CD with Kubernetes Bastian Hofmann mail@bastianhofmann.de

  2. Continuous Integration

  3. Continuous Delivery

  4. None

  5. Container orchestration platform

  6. Deploy, run and scale your services in isolated containers

  7. No vendor lock in

  8. Standardized APIs

  9. Runs on

  10. Your laptop

  11. None

  12. Bare metal

  13. Cloud Providers

  14. And if you don't want to install and maintain Kubernetes

    yourself

  15. Managed Kubernetes

  16. None
  17. None

  18. So we have code, how do we get this into

    Kubernetes?

  19. Lot's of tools

  20. Example for this talk

  21. None

  22. Example application

  23. https:/ /gitlab.com/bashofmann/ angular-test-app

  24. https:/ /gitlab.com/bashofmann/ angular-test-app-finished

  25. Pipeline with multiple stages, each stage can have multiple jobs

  26. Stage 1: Preparing

  27. Stage 2: Linters and Tests

  28. Stage 3: Building an image

  29. Stage 4: On master: Deploying to Kubernetes into a stage

    namespace

  30. Stage 5: On master: Testing if stage works

  31. Stage 6: On tag: Tag the docker image

  32. Stage 7: On tag: Deploying to Kubernetes into a prod

    namespace

  33. Stage 8: On tag: Testing if prod works

  34. In detail

  35. Stage 1: Preparing

  36. Only do slow operations once and cache and re-use results

  37. Stage 2: Linters and Tests

  38. Add linters for everything

  39. Unit tests

  40. Integration tests

  41. Browser tests

  42. Stage 3: Building an image

  43. Make the build as fast as possible

  44. Make the image as small as possible

  45. Stage 4: On master: Deploying to Kubernetes into a stage

    namespace

  46. Stage 5: On master: Testing if stage works

  47. Stage 6: On tag: Tag the docker image

  48. Stage 7: On tag: Deploying to Kubernetes into a prod

    namespace

  49. Stage 8: On tag: Testing if prod works

  50. Use a versioning scheme

  51. Never deploy "latest"

  52. Use Kubernetes namespaces

  53. Use Helm or similar tools

  54. Make use of Kubernetes "magic"

  55. Sealed Secrets

  56. Secrets are stored encrypted in Git and encrypted inside of

    the cluster

  57. LoadBalancers

  58. Automatically creates a highly available LoadBalancer with a public IP

    address

  59. Ingress controller

  60. The ingress controller (nginx) listens on routing rules in Ingress

    Resources and configures itself to route incoming traffic to the correct running and healthy pods

  61. cert-manager

  62. Cert-manager listens on Ingress Resources and if they need TLS,

    requests a certificate from LetsEncrypt

  63. external-dns

  64. External-DNS listens on Ingress Resources and creates DNS entries

  65. Prometheus

  66. Kubernetes and Node metrics are automatically included

  67. Kubernetes and Node alerts are automatically included

  68. Kubernetes and Node dashboards are automatically included

  69. Scraping targets can be automatically discovered

  70. Service Meshes

  71. None

  72. Alternatives

  73. Flux

  74. None

  75. Knative

  76. Kubernetes-based platform to deploy and manage modern serverless workloads

  77. Tekton CD

  78. CI that runs completely within Kubernetes with Kubernetes Custom Resources

  79. mail@bastianhofmann.de https:/ /twitter.com/BastianHofmann http:/ /speakerdeck.com/u/bastianhofmann