Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CI/CD with Kubernetes
Search
Bastian Hofmann
August 30, 2019
Programming
0
190
CI/CD with Kubernetes
Bastian Hofmann
August 30, 2019
Tweet
Share
More Decks by Bastian Hofmann
See All by Bastian Hofmann
Monitoring in Kubernetes with Prometheus and Grafana
bastianhofmann
0
330
Creating a fast Kubernetes Development Workflow
bastianhofmann
0
120
Highly available cross-region deployments with Kubernetes
bastianhofmann
1
150
From source to Kubernetes in 30 minutes
bastianhofmann
0
160
Introduction to Kubernetes
bastianhofmann
1
140
Creating a fast Kubernetes Development Workflow
bastianhofmann
1
260
Deploying your first Micro-Service application to Kubernetes
bastianhofmann
2
180
Creating a fast Kubernetes Development Workflow
bastianhofmann
0
230
Dive-In-Workshop: Kubernetes
bastianhofmann
0
430
Other Decks in Programming
See All in Programming
alien-signals と自作 OSS で実現する フレームワーク非依存な ロジック共通化の探求 / Exploring Framework-Agnostic Logic Sharing with alien-signals and Custom OSS
aoseyuu
2
760
CSC305 Lecture 10
javiergs
PRO
0
290
AI駆動で0→1をやって見えた光と伸びしろ
passion0102
1
880
Claude Agent SDK を使ってみよう
hyshu
0
1.4k
AIと人間の共創開発!OSSで試行錯誤した開発スタイル
mae616
2
820
ドメイン駆動設計のエッセンス
masuda220
PRO
14
5.5k
EMこそClaude Codeでコード調査しよう
shibayu36
0
460
One Enishi After Another
snoozer05
PRO
0
170
Leading Effective Engineering Teams in the AI Era
addyosmani
7
660
TransformerからMCPまで(現代AIを理解するための羅針盤)
mickey_kubo
7
5.6k
Vueのバリデーション、結局どれを選べばいい? ― 自作バリデーションの限界と、脱却までの道のり ― / Which Vue Validation Library Should We Really Use? The Limits of Self-Made Validation and How I Finally Moved On
neginasu
2
1.6k
Google Opalで使える37のライブラリ
mickey_kubo
3
150
Featured
See All Featured
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.5k
Writing Fast Ruby
sferik
630
62k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
130k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
9
930
Optimising Largest Contentful Paint
csswizardry
37
3.5k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
658
61k
KATA
mclloyd
PRO
32
15k
Designing for humans not robots
tammielis
254
26k
A designer walks into a library…
pauljervisheath
209
24k
The Power of CSS Pseudo Elements
geoffreycrofte
80
6k
RailsConf 2023
tenderlove
30
1.3k
Mobile First: as difficult as doing things right
swwweet
225
10k
Transcript
@BastianHofmann CI/CD with Kubernetes Bastian Hofmann
[email protected]
Continuous Integration
Continuous Delivery
None
Container orchestration platform
Deploy, run and scale your services in isolated containers
No vendor lock in
Standardized APIs
Runs on
Your laptop
None
Bare metal
Cloud Providers
And if you don't want to install and maintain Kubernetes
yourself
Managed Kubernetes
None
None
So we have code, how do we get this into
Kubernetes?
Lot's of tools
Example for this talk
None
Example application
https:/ /gitlab.com/bashofmann/ angular-test-app
https:/ /gitlab.com/bashofmann/ angular-test-app-finished
Pipeline with multiple stages, each stage can have multiple jobs
Stage 1: Preparing
Stage 2: Linters and Tests
Stage 3: Building an image
Stage 4: On master: Deploying to Kubernetes into a stage
namespace
Stage 5: On master: Testing if stage works
Stage 6: On tag: Tag the docker image
Stage 7: On tag: Deploying to Kubernetes into a prod
namespace
Stage 8: On tag: Testing if prod works
In detail
Stage 1: Preparing
Only do slow operations once and cache and re-use results
Stage 2: Linters and Tests
Add linters for everything
Unit tests
Integration tests
Browser tests
Stage 3: Building an image
Make the build as fast as possible
Make the image as small as possible
Stage 4: On master: Deploying to Kubernetes into a stage
namespace
Stage 5: On master: Testing if stage works
Stage 6: On tag: Tag the docker image
Stage 7: On tag: Deploying to Kubernetes into a prod
namespace
Stage 8: On tag: Testing if prod works
Use a versioning scheme
Never deploy "latest"
Use Kubernetes namespaces
Use Helm or similar tools
Make use of Kubernetes "magic"
Sealed Secrets
Secrets are stored encrypted in Git and encrypted inside of
the cluster
LoadBalancers
Automatically creates a highly available LoadBalancer with a public IP
address
Ingress controller
The ingress controller (nginx) listens on routing rules in Ingress
Resources and configures itself to route incoming traffic to the correct running and healthy pods
cert-manager
Cert-manager listens on Ingress Resources and if they need TLS,
requests a certificate from LetsEncrypt
external-dns
External-DNS listens on Ingress Resources and creates DNS entries
Prometheus
Kubernetes and Node metrics are automatically included
Kubernetes and Node alerts are automatically included
Kubernetes and Node dashboards are automatically included
Scraping targets can be automatically discovered
Service Meshes
None
Alternatives
Flux
None
Knative
Kubernetes-based platform to deploy and manage modern serverless workloads
Tekton CD
CI that runs completely within Kubernetes with Kubernetes Custom Resources
[email protected]
https:/ /twitter.com/BastianHofmann http:/ /speakerdeck.com/u/bastianhofmann