GitOps Survival Guide: Kubernetes Edition

Julio Faerman
January 28, 2022


  1. Continuous Delivery

    Fast feedback loops, agile innovation, evolutionary architectures and more.
    • Developers build with Git[Hub, Lab]
    • Git triggers events
    • Pipeline builds and tests artifacts
    • Resources are provisioned
    • Changes get deployed
    • Reliable rollout
    • Cleanup underutilized resources
  2. Not so simple…

    • How many “Clouds” and when?
    • Where are the “lock-ins”?
    • How many clusters?
    • How to build it?
    • Is it well-architected?
    • How to manage the database?
    • How to keep it all safe?
    • …
    “Do what you can, with what you’ve got, where you are.” (Squire Bill Widener)
  3. The Usual Suspects

    • Security is a shared responsibility
    • Demonstrate reliability by testing
    • Keep collaboration through Git
    “There is nothing new in the world except the history you do not know.” (Harry S Truman)
  4. Immutable Infrastructure

    • Reduced authentication, authorization and auditing
    • As reliable as yesterday
    • Push to prod from day 1
    • Simpler rollbacks
    • Agile innovation
    • Not necessarily more expensive
    • Brings “Infrastructure as Code”
  5. Tiered Ops

    • Database -> Maintenance Window
    • API -> On Release
    • APP -> Weekly
    • CDN -> Never
  6. Multi-Cluster Design & Management

    • Tier or Purpose: DB, Network, Storage, Compute ...
    • Grade or Data: Development, Staging, Pre-prod, Prod, Decommissioned, ...
    • Circle: Employees, Beta, Premium, RC, GA, ...
  7. Infrastructure as Code & Terraform

    • Built on Git
    • Declarative
    • Repeatable
    • Extensible
    • Composable
    • Partially Managed
    • Fully Managed
  8. Pipelines, Builders & GitHub Actions

    scheduled, workflow_dispatch, repository_dispatch, check_run, check_suite, create, delete, deployment, deployment_status, discussion, discussion_comment, fork, gollum, issue_comment, issues, label, milestone, page_build, project, project_card, project_column, public, pull_request, pull_request_review, pull_request_review_comment, pull_request_target, push, registry_package, release, status, watch, workflow_run
  9. Managing Configuration

    • Naming Conventions: git checkout -b prod/env2020
    • Environment Variables: ENV_NAME=prod/env2020
    • Repository Content: infra/prod/env2020.yaml
    • Separate Repository: https://github.com/acme/private-repo/blob/main/infra/prod/env2020.yaml
    • Secrets are Special: GitHub Secrets, HashiCorp Vault, AWS Systems Manager
  10. So, GitOps...

    • Infrastructure as Code: Manage infrastructure operations as if they were code, using tools and processes from software development.
    • Collaborate through Git: Use commands, tools and services from Git as a source of code and events.
    • Continuous Delivery: Separate deploy and release, releasing frequently and confidently, through deep automation and testing.