1 OpenShift GitOps - What’s New and What’s Next Christian Hernandez Senior Principal Technical Marketing Manager Red Hat Cloud Platforms BU

DevOps is the key to meet the insatiable demand for delivering quality applications rapidly 2

3 What is GitOps? An developer-centric approach to Continuous Delivery and infrastructure operation Treat everything as code Git is the single source of truth Operations through Git workflows

GitOps Principles 4 CNCF GitOps Principles by OpenGitOps I. DECLARATIVEL Y A system’s desired state must be declarative II. IMMUTABILITY Declarations must be stored as immutable version III. CONTINUOUS RECONCILIATION State reconciliation must be continuous IV. DECLARATIVE OPERATIONS Operations should be through versioned mutation of the declaration

5 GitOps Workflow a declarative approach to application delivery A A A What you want (desired state) What you have (current state) CD

Why GitOps? Reliably and consistently configure multiple Kubernetes clusters and deployment 6 Capturing and tracing any change to clusters through Git history Visibility and Audit Review changes beforehand, detect configuration drifts, and take action Enhanced Security Familiar tools and Git workflows from application development teams Standard Workflow Multi-cluster consistency

7 Source Git Repository Image Registry CI The GitOps Application Delivery Model

8 Source Git Repository Config Git Repository Image Registry Kubernetes CI CD The GitOps Application Delivery Model Pull Request Push Pull

Push Pull Pull Request 9 Source Git Repository Image Registry CI The GitOps Application Delivery Model Config Git Repository Kubernetes Deploy Monitor Detect drift Take action CD

10 OpenShift GitOps Declarative GitOps for multi-cluster continuous delivery

11 OpenShift GitOps Declaratively manage cluster and application configurations across multi-cluster OpenShift and Kubernetes infrastructure with Argo CD Automated install, configurations and upgrade of Argo CD through OperatorHub Visibility into application deployments across environments and the history of deployments in the OpenShift Console Automated Argo CD install and upgrade Multi-cluster config management Opinionated GitOps bootstrapping Deployments and environments insights OPENSHIFT GITOPS Bootstrap end-to-end GitOps workflows for application delivery using Argo CD and Tekton with GitOps Application Manager CLI Powered by

12 Sync Monitor Detect drift Take action Argo CD ● Cluster and application configuration versioned in Git ● Automatically syncs configuration from Git to clusters ● Drift detection, visualization and correction ● Granular control over sync order for complex rollouts ● Rollback and rollforward to any Git commit ● Manifest templating support (Helm, Kustomize, etc) ● Visual insight into sync status and history OPENSHIFT GITOPS

13 An application scoped Argo CD pulls application deployment and configurations into app namespaces Flexible Deployment Strategies Central Hub (Push) Application Scoped (Pull) Cluster Scoped (Pull) OpenShift OpenShift Auth Registry Networking Storage Install Operators Namespaces ... OpenShift App A NS NS NS App A App B NS NS NS App B A central Argo CD pushes Git repository content to remote OpenShift and Kubernetes clusters A cluster-scope Argo CD pulls cluster service configurations into into the OpenShift cluster OPENSHIFT GITOPS

14 GitOps Application Manager CLI ● Bootstraps Git repos for GitOps ● Configures deployment environments ● Configures webhooks for Tekton Pipelines for CI ● Configures Argo CD for deployment to environments ● Kustomize for environment-specific configs ● Integration with secret managers $ kam bootstrap $ kam environment add stage DEV PREVIEW

GitOps Application Manager CLI 15 Pull Tekton Pipelines Argo CD Push source code Webhook Image Registry Pull-request app manifests Pull Dev Environment Staging Environment Prod Environment Push Sync $ kam bootstrap DEV PREVIEW

What's new in OpenShift 4.8 OpenShift GitOps PM: Siamak Sadeghianfar ● OpenShift GitOps 1.2 GA on OCP 4.8 ● Argo CD auth integrated out-of-the-box with OpenShift via RH SSO ● Simplified Argo CD privilege configuration ● Enhanced environments view in Dev Console ● RHACM and Argo CD integrations ○ RHACM imports clusters to Argo CD’s ○ Argo CD application roll-up in RHACM ○ Argo CD application in RHACM Topology

OpenShift GitOps Roadmap 17 Q1 2021 OpenShift GitOps 1.0 - Tech Preview ◦ Pre-configured Argo CD for cluster configs ◦ Argo DD in air-gapped clusters ◦ Argo CD proxy config support ◦ Argo CD deployment guide ◦ Argo CD metrics in cluster Prometheus ◦ Out of sync alerts in cluster AlertManager OpenShift GitOps 1.1 - GA ◦ Argo CD logs aggregated in cluster logging stack ◦ Guidance on auth integrations with OpenShift ◦ Dynamic generation of Applications (ApplicationSets) Q2 2021 Q3 2021 OpenShift GitOps 1.2 ◦ Cluster Argo CD uses OpenShift auth ◦ kam - simplified Git repo layout ◦ Add custom Argo CD plugins and tools ◦ Secret management guidance ◦ Dev Console - application environments views OpenShift GitOps 1.3+ ◦ Namespaced Argo CD uses OpenShift auth ◦ Managed OpenShift GitOps on OSD ◦ ApplicationSets integration with RHACM ◦ Health status for OpenShift resources ◦ Multi-tenant Argo CD control plane ◦ Helm Charts in kam Q4 2021

linkedin.com/company/red-hat youtube.com/user/RedHatVideos facebook.com/redhatinc twitter.com/RedHat 18 Red Hat is the world’s leading provider of enterprise open source software solutions. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. Thank you Optional section marker or title