KubeCI - Cloud Native Continuous Delivery

Getting CI/CD pipelines to work on Kubernetes is a tricky endeavor, especially if you are looking for a Cloud Native CI/CD solution. KubeCI is an open source Continuous Delivery system built on Drone for Kubernetes. A simple YAML configuration file is used to define and execute pipelines inside Kubernetes Pods. We will talk about why CI/CD pipelines are painful today. We will do some live coding and show you how KubeCI can make a CI/CD deployment on Kubernetes simple. The audience will get insights into why we built KubeCI and how we want to extend it in the future.

Matthias Loibl

June 19, 2018

Transcript

  1. KubeCI
    Cloud Native Continuous Delivery
    Matthias Loibl - @metalmatze
    Loodse

  2. Drone

  3. Drone
    ● Continuous Delivery
    ● Automates your testing and releases
    ● Open Source
    ● Written in Go
    ● Built on Docker
    ○ Each step is a new container

  4. Version Control Support

  5. Declarative Configuration
    pipeline:
      frontend:
        image: node
        commands:
          - npm install
          - npm test
      backend:
        image: golang
        commands:
          - go test -v
          - go install

    services:
      database:
        image: mysql

  6. Plugins

  7. Languages
    Everything that can be executed in a Container

  8. Installation
    ● docker-compose.yml
    ● Uses SQLite by default
    ○ MySQL & Postgres are easy to enable

    version: '2'

    services:
      drone-server:
        image: drone/drone:0.8
        ports:
          - 80:8000
          - 9000
        volumes:
          - /var/lib/drone:/var/lib/drone/
        restart: always
        environment:
          # Open registration: any user of the connected GitHub can log in
          - DRONE_OPEN=true
          - DRONE_HOST=${DRONE_HOST}
          - DRONE_GITHUB=true
          - DRONE_GITHUB_CLIENT=${DRONE_GITHUB_CLIENT}
          - DRONE_GITHUB_SECRET=${DRONE_GITHUB_SECRET}
          # Shared secret that authenticates agents to the server
          - DRONE_SECRET=${DRONE_SECRET}

      drone-agent:
        image: drone/agent:0.8
        command: agent
        restart: always
        depends_on:
          - drone-server
        volumes:
          # The agent drives the host's Docker daemon through this socket
          - /var/run/docker.sock:/var/run/docker.sock
        environment:
          - DRONE_SERVER=drone-server:9000
          - DRONE_SECRET=${DRONE_SECRET}

  9. Installation
    ● Can be deployed to Kubernetes
    ● Helm chart available
    $ helm install stable/drone
    Still uses the Docker socket...

  10. Demo

  11. What’s next?

  12. Multi Machine Pipelines
    ● Chain together multiple pipelines
    ● Multi-machine fan-in and fan-out
    ● Multi-operating system and multi-architecture builds
    ● Replaces matrix builds

  13. Multi Machine Pipelines
    What does it look like?

    ---
    pipeline:
      name: backend
      steps:
      - name: build
        image: golang
        commands:
        - go build
        - go test
    ...
    ---
    depends_on: [ backend, frontend ]
    pipeline:
      name: notify
      steps:
      - name: slack
        image: plugins/slack
    ---
    pipeline:
      name: frontend
      steps:
      - name: build
        image: node
        commands:
        - npm install
        - npm test
    ...

  14. Jsonnet
    ● Generate config data (YAML)
    ● For really big pipelines
    ● Share config across projects with imports

    .drone.jsonnet

    {
      pipeline: {
        local go = 'golang:1.10.3',
        'test': drone.step.new(go, group='build', commands=[
          'cd api',
          'make test',
        ]),
        'build': drone.step.new(go, group='build', commands=[
          'cd api',
          'make build',
        ]),
        ...
      }
    }

    $ drone jsonnet

    .drone.yml

    pipeline:
      test:
        image: golang:1.10.3
        group: go
        commands:
          - cd api
          - make test
      build:
        image: golang:1.10.3
        group: go
        commands:
          - cd api
          - make build
      ...

  15. Kubernetes Runtime
    ● Needs Kubernetes 1.10+
    ● Implements the same interface as the Docker runtime
    ● Takes a kubeconfig to connect to Kubernetes
    ● Talks to the Kubernetes apiserver
    ● Schedules
    ○ Services
    ○ Pods
    ○ Persistent Volumes (local volume)
    DRONE_KUBERNETES=true
    DRONE_KUBERNETES_KUBECONFIG=/home/user/.kube/config
    DRONE_KUBERNETES_NAMESPACE=drone

  16. Kubernetes Runtime Improvements
    ● At the moment we pick a random machine
    ○ Use NodeAffinity
    ● Building Docker containers on Kubernetes
    ○ Needs privileges
    ● No way to reference secrets
    ● No way to reference configmaps
    Expect a lot of fixes and improvements!

  17. Demo

  18. KubeCI
    Cloud Native Continuous Delivery

  19. KubeCI
    ● We created a Drone Kubernetes Runtime
    ● We have a lot more ideas

  20. Plugins - kubectl
    ● Wraps kubectl
    ● Decodes base64 secrets
    ● Some basic templating
    ○ {{ .DroneCommit }}
    ○ {{ .DroneBranch }}

    pipeline:
      kubectl:
        image: kubeciio/kubectl
        secrets: [ kubeconfig ]
        kubectl: apply
        files:
          - /path/to/folder/foo.yaml
          - /path/to/folder/bar.yaml
          - /path/to/folder/baz.yaml

  21. Plugins - helm
    ● Wraps helm
    ● Decodes base64 secrets
    ● Sets tiller namespace
    ● Iterates over charts array
    ● Fetches specific helm version

    pipeline:
      helm:
        image: kubeciio/helm
        secrets: [ kubeconfig ]
        helm: upgrade --install
        tiller_namespace: helm
        charts:
          - name: prometheus
            path: monitoring/prometheues/
            namespace: monitoring
          - name: nginx
            path: ingress/nginx/
            namespace: ingress-nginx
          - name: cert-manager
            path: cert-manager/
            namespace: cert-manager

  22. Plugins - img (WIP)
    ● Uses genuinetools/img
    ○ daemon-less
    ○ unprivileged Dockerfile
    ○ OCI compatible
    ● Drop-in replacement for Drone’s Docker plugin
    ○ Interesting for Kubernetes

    pipeline:
      img:
        image: kubeciio/img
        repo: prom/prometheus
        secrets: [ docker_username, docker_password ]
        tag: [ latest, 0.3, 0.3.1 ]
        when:
          event: tag

  23. Plugins
    What are your needs?
    What CI/CD challenges for Kubernetes do you have?
    Tell us!

  24. Upcoming talk
    How we scale DroneCI on demand
    - Patrick Jahns & Thomas Boerger
    Stage 3 - (MS Bleichen)
    Understanding GitLab CI
    - Kamil Trzciński
    Stage 3 - (MS Bleichen)

  25. Acknowledgements
    Brad Rydzewski - @bradrydzewski
    Creator of Drone
    Chris Bargmann - @chrisbargmann
    Support on KubeCI plugins
    Stefan Schimanski - @the_sttts
    Brainstorming at FOSDEM
    Jason Murray - @chaosaffe
    Initial hacking sessions

  26. Thank you
    Matthias Loibl - @metalmatze
    Loodse
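
Slides 8, 9 and 16 point at the same constraint: the Docker-based setup hands the agent the host's `/var/run/docker.sock`, and building images on Kubernetes "needs privileges", which is what the img plugin on slide 22 avoids. The following is an added example, not code from the talk or from Drone/KubeCI: a Python audit over `kubectl get pods -n drone -o json` output that flags build Pods which run privileged or mount the node's Docker socket. The sample Pods and all function names are assumptions made for the example.

```python
import json
import posixpath

# /run is included because /var/run is commonly a symlink to it.
DOCKER_SOCKETS = ("/var/run/docker.sock", "/run/docker.sock")

# Constructed sample shaped like `kubectl get pods -n drone -o json`;
# pod and container names are made up for this example.
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"name": "step-docker-build"},
  "spec": {"volumes": [{"name": "sock", "hostPath": {"path": "/var/run"}},
                       {"name": "work", "emptyDir": {}}],
           "containers": [{"name": "build", "image": "plugins/docker",
                           "securityContext": {"privileged": true},
                           "volumeMounts": [{"name": "sock", "mountPath": "/var/run"}]}]}},
 {"metadata": {"name": "step-img-build"},
  "spec": {"volumes": [{"name": "work", "emptyDir": {}}],
           "containers": [{"name": "build", "image": "kubeciio/img"}]}}
]}
""")


def exposes_socket(host_path):
    """True if a hostPath is the Docker socket or a directory containing it."""
    if not host_path.startswith("/"):
        return False
    p = "/" + posixpath.normpath(host_path).lstrip("/")
    return any(posixpath.commonpath([p, s]) == p for s in DOCKER_SOCKETS)


def audit_pod(pod):
    """Return (pod, container, reason) tuples for one Pod object."""
    spec = pod.get("spec", {})
    pod_name = pod.get("metadata", {}).get("name", "<unnamed>")
    sock_vols = {v["name"] for v in spec.get("volumes", [])
                 if exposes_socket((v.get("hostPath") or {}).get("path", ""))}
    findings = []
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        if (c.get("securityContext") or {}).get("privileged") is True:
            findings.append((pod_name, c["name"], "privileged"))
        for m in c.get("volumeMounts", []):
            if m["name"] in sock_vols:
                findings.append((pod_name, c["name"], "docker-socket"))
    return findings


def audit(pod_list):
    return [f for pod in pod_list.get("items", []) for f in audit_pod(pod)]
```

Calling `audit(SAMPLE)` reports the first Pod twice (privileged, and a mount of a hostPath directory that contains the socket) and nothing for the img-based Pod.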
