GitOps Survival Guide: Kubernetes Edition

Transcript

1. GitOps Survival Guide Kubernetes Edition Julio Faerman @faermanj

2. IMAGE HERE Continuous Delivery Fast feedback loops, agile innovation, evolutionary

   architectures and more. • Developers build with Git[Hub, Lab] • Git triggers events • Pipeline builds and tests artifacts • Resources are provisioned • Changes get deployed • Reliable rollout • Cleanup underutilized resources

3. IMAGE HERE Not so simple… • How many “Clouds” and

   when? • Where are the “lock-ins”? • How many clusters? • How to build it? • Is it well-architected? • How to manage the database? • How to keep it all safe? • … “Do what you can, with what you’ve got, where you are.” Squire Bill Widener

4. CONFIDENTIAL designator V0000000 Is this cloud computing?

5. CONFIDENTIAL designator V0000000 Is this cloud? 5 Source: https://i.redd.it/8v9fopt6wlx31.jpg Is

   this cloud too?

6. CONFIDENTIAL designator V0000000 Is this cloud? 6 Source: https://i.redd.it/8v9fopt6wlx31.jpg What

   about those?

7. IMAGE HERE Kubernetes “end to end”?

8. CONFIDENTIAL designator V0000000

9. IMAGE HERE Red Hat OpenShift on * https://caravana.cloud/projetos

10. IMAGE HERE Red Hat OpenShift on * https://caravana.cloud/projetos

11. IMAGE HERE Red Hat OpenShift on * https://caravana.cloud/projetos

12. https://learnk8s.io/research

13. IMAGE HERE Well-Architected? • Security • Reliability • Performance •

    Costs • Operational Visibility

14. CONFIDENTIAL designator V0000000 14 bV Evolutionary vs Well-Architected

15. IMAGE HERE The Usual Suspects Security is a shared responsibility

    Demonstrate reliability by testing Keep collaboration through Git “There is nothing new in the world except the history you do not know.” Harry S Truman

16. CONFIDENTIAL designator V0000000 / Evolutionary vs Well-Architected /

17. IMAGE HERE Auto-deployment vs. Auto-provisioning

18. IMAGE HERE Immutable Infrastructure • Reduced, authentication, authorization and auditing

    • As reliable as yesterday • Push to prod from day 1 • Simpler rollbacks • Agile innovation • Not necessarily more expensive • Brings “Infrastructure as Code”

19. Immutable > Blue/Green > Canary > Circle

20. Database Migrations

21. IMAGE HERE Tiered Ops Database -> Maintenance Window API ->

    On Release APP -> Weekly CDN -> Never

22. Multi-Cluster Design & Management Tier or Purpose DB, Network, Storage,

    Compute ... Grade or Data Development, Staging, Pre-prod, Prod, Decommissioned, ... Circle Employees, Beta, Premium, RC, GA, ... 1 2 3

23. CONFIDENTIAL designator V0000000 The Paradox of Choice

24. IMAGE HERE It starts with shell and yaml… https://caravana.cloud/coding-interviews

25. IMAGE HERE Infrastructure as Code & Terraform • Built on

    Git • Declarative • Repeatable • Extensible • Composable • Partially Managed • Fully Managed

26. IMAGE HERE Collaboration with Branches, PRs, Threads &+! https://caravana.cloud/projetos

27. IMAGE HERE Pipelines, Builders & GitHub Actions scheduled workflow_dispatch repository_dispatch

    check_run check_suite create delete deployment deployment_status discussion discussion_comment fork follum issue_comment issues label milestone page_build project project_card project_column public pull_request pull_request_review pull_request_review_comment pull_request_target push registry_package release status watch workflow_run

28. IMAGE HERE Managing Configuration Naming Conventions git checkout -b prod/env2020

    Environment Variables ENV_NAME=prod/env2020 Repository Content infra/prod/env2020.yaml Separate Repository https://github.com/acme/private-repo/blob/main/ infra/prod/env2020.yaml Secrets are Special GitHub Secrets Hashicorp Vault AWS Systems Manager

29. CONFIDENTIAL designator V0000000 Observability Metrics Logs Alarms Events Traces

30. CONFIDENTIAL designator V0000000 Fault Tolerance at Netflix

31. CONFIDENTIAL designator V0000000

32. IMAGE HERE Operator Maturity Model https://caravana.cloud/coding-interviews

33. So, GitOps... Infrastructure as Code Manage infrastructure operations as if

    it was code, using tools and process from software development. Collaborate through Git Use commands, tools and services from Git as a source of code and events. Continuous Delivery Separate deploy and release, releasing frequently and confidently, by deep automation and testing. 1 2 3

34. CONFIDENTIAL designator V0000000 learn.openshift.com

35. References Red Hacks https://dev.to/redhacks Awesome Kubernetes https://redhatspain.com Learn OpenShift GitOps

    https://learn.openshift.com/gitops/ Learn k8s https://learnk8s.io/

36. 🙏 ❤ Julio Faerman @faermanj

37. IMAGE HERE GitOps Blueprints https://caravana.cloud

38. CONFIDENTIAL designator V0000000

39. CONFIDENTIAL designator V0000000

40. IMAGE HERE Here, there and everywhere; Distributed teams, tools and

    culture

41. IMAGE HERE OKD https://caravana.cloud/projetos

42. IMAGE HERE Red Hat OpenShift Platform Plus