Continuous Delivery to Kubernetes

Transcript

1. Continuous Delivery to Kubernetes DEPLOYMENT INTERFACES Lothar Schulz @lothar_schulz Continuous

   Lifecycle 2018-11-15

2. 2 WE ARE CONSTANTLY INNOVATING TECHNOLOGY HOME-BREWED, CUTTING-EDGE & SCALABLE

   technology solutions ~ 2,000 employees from tech locations (HQs in Berlin) 7 77 nations revenue 2017 ~ 4.5billion EUR

3. 3

4. 4 Me Engineering Lead at Zalando Code • https://github.com/zalando •

   https://github.com/lotharschulz @lothar_schulz lotharschulz.info

5. 5 CI/CD @ ZALANDO STUPS (toolset around AWS) Kubernetes Lizzy

   & CloudLobster Lizzy

6. 6 Deployment Format

7. 7 Dependency $ cat Dockerfile # "latest" will be used

   when --build-arg is omitted ARG BASE_IMAGE_VERSION=latest FROM registry.opensource.zalan.do/stups/python: ${BASE_IMAGE_VERSION} …

8. 8 Deployment & Integration descriptor ~/zalando/dev/ghe-backup-deploy on master $ filetree

   README.md delivery.yaml deploy |-deploy apply |---apply kube|secret.yaml statefulset.yaml

9. 9 Trigger

10. 10 SCM integration - ….

11. 11 Compliance In general, compliance means conforming to a rule,

    such as a specification, policy, standard or law. https://en.wikipedia.org/wiki/Regulatory_compliance

12. 12 Tests $ cat delivery.yaml version: "2017-09-20" ….. - desc:

    "run tests" cmd: | nosetests -w python

13. 13 Credentials $ cat delivery.yaml version: "2017-09-20" - desc: "build

    and push docker images" cmd: | PIERONE_NAMESPACE=pierone.stups.zalan.do/machinery BASE_IMAGE=$PIERONE_NAMESPACE/ghe-backup IMAGE=$BASE_IMAGE:cdp-${CDP_BUILD_VERSION} CACHE_IMAGE=$BASE_IMAGE:latest docker build --cache-from $CACHE_IMAGE -t $CACHE_IMAGE -t $IMAGE -f Dockerfile . if [ -z "$CDP_PULL_REQUEST_NUMBER" ]; then docker push $IMAGE echo "$IMAGE pushed" else ... fi

14. 14 Build AWS Credentials & Setup Continuous Delivery to Kubernetes

    at Zalando CICD-Meetup 20170920 source code management system Controller code change trigger Builder Proxy Docker Registry Worker VMs token injection schedules and monitors tasks source code checkout task execution image upload

15. 15 Build AWS Credentials & Setup Continuous Delivery to Kubernetes

    at Zalando CICD-Meetup 20170920 source code management system Controller code change trigger Builder Proxy Docker Registry Worker VMs token injection schedules and monitors tasks source code checkout task execution image upload

16. 16 Git Branches & Pull Requests Builds branch 1 branch

    2

17. 17 Git Branches & Pull Requests Builds branch 1 branch

    2 Poll PR until mergeable is true https://developer.github.com/v3/pulls/#response-1 https://developer.github.com/v3/git/#checking-mergeability-of-pull-requests

18. 18 Git Branches & Pull Requests Builds branch 1 branch

    2 reference is not a tree reference ?

19. 19 Git Branches & Pull Requests Builds branch 1 branch

    2 commits without reference can’t be accessed https://developer.github.com/v3/git/refs/#create-a-reference

20. 20 Git Branches & Pull Requests Builds branch 1 branch

    2 merge A & B in worker VMs/nodes A B

21. 21 Hands off operations $ zkubectl get po | grep

    cdp-controller cdp-controller-7985fd799f-4jpbz cdp-controller-7985fd799f-rgpf8

22. 22 Traffic https://github.com/zalando-incubator/stackset-controller

23. 23 polling must die Don’t call us, we notify you.

24. 24 AWS S3 control access via IAM roles provision roles

    in AWS accounts change request cache control headers object store

25. 25 • creates git repository • configures zappr • creates

    a deployment descriptor • can create K8s manifests • deploys app to test cluster • creates default monitoring repository creator

26. 26 Support round robin

27. 27 Culture Focus on single customer group Autonomy doesn’t work

    without a corresponding accountability model End to End Ownership Autonomy has to be learned and earned

28. 28 Culture

29. 29 - build https://github.com/zalando/ghe-backup - delivery.yaml - deploy to k8s

    with Github Enterprise feedback - delivery.yaml - I’m sure you have questions https://www.flickr.com/photos/eyecatcherfotosde/2539793798 @lothar_schulz lotharschulz.info