Slide 1

Slide 1 text

Supercharge Your Kubernetes Platform With Carvel
Thomas Vitale (@vitalethomas)
KCD Munich, July 18th, 2023

Slide 2

Slide 2 text

Thomas Vitale
Systematic
• Software Engineer and Cloud Architect.
• Author of “Cloud Native Spring in Action” (Manning).
• OSS contributor (Java, Spring, Cloud Native Technologies).
thomasvitale.com
@vitalethomas

Slide 3

Slide 3 text

Cloud Native Platform
Enabling product teams to deliver software better, faster, safer

Diagram labels: End-User, PLATFORM API, PLATFORM BACKEND
Platform capabilities: Certificate Management, Continuous Deployment, Serverless Runtime, Supply Chain Choreographer, Ingress and Load Balancing, …

Slide 4

Slide 4 text

https://carvel.dev

Slide 6

Slide 6 text

1. Upstream Dependencies

Slide 7

Slide 7 text

The Journey
1. Upstream Dependencies
2. Deployment
3. Configuration
4. Image Resolution
5. Artifact Bundles
6. Package Management
7. Platform

Slide 8

Slide 8 text

vendir
Upstream dependencies
• Sync upstream dependencies
• Support various sources
• Lock dependencies for repeatability

Slide 9

Slide 9 text

vendir
Upstream dependencies

vendir.yml:

apiVersion: vendir.k14s.io/v1alpha1
kind: Config
directories:
- contents:
  - git:
      ref: v2.7.7
      url: https://github.com/argoproj/argo-cd
    includePaths:
    - manifests/install.yaml
    newRootPath: manifests
    path: .
  path: config/upstream

$ vendir sync

Slide 10

Slide 10 text

2. Deployment

Slide 12

Slide 12 text

kapp
Deployments
• Group resources as “application”
• Predictable and safe deployments
• Wait for reconciliation
• Order resources based on dependencies
• Record application deployment history

Slide 13

Slide 13 text

kapp
Deployments

kapp-config.yml:

apiVersion: kapp.k14s.io/v1alpha1
kind: Config
rebaseRules:
- path: [data]
  type: copy
  sources: [new, existing]
  resourceMatchers:
  - kindNamespaceNameMatcher:
      kind: Secret
      namespace: argocd
      name: argocd-secret

$ kapp deploy -a argo-cd -f install.yml -f kapp-config.yml

Slide 14

Slide 14 text

kapp
Deployments

$ kapp deploy -a argo-cd -f install.yml -f kapp-config.yml
$ kapp list -A
$ kapp inspect -a argo-cd
$ kapp delete -a argo-cd

Slide 15

Slide 15 text

3. Configuration

Slide 17

Slide 17 text

ytt
Configuration
• Configuration via templates
• Structure-oriented
• Configuration via overlays
• Schema validation
• Any YAML

Slide 18

Slide 18 text

ytt
Configuration

template.yml:

#@ load("@ytt:data", "data")
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: argo-demo-info
  namespace: argocd
data:
  conference: #@ data.values.conference_name

$ ytt -f config

Slide 19

Slide 19 text

ytt
Configuration

overlay.yml:

#@ load("@ytt:data", "data")
#@ load("@ytt:overlay", "overlay")

#@ def argo_service():
kind: Service
metadata:
  name: argocd-server
#@ end

#@overlay/match by=overlay.subset(argo_service())
---
spec:
  #@overlay/match missing_ok=True
  type: #@ data.values.service_type

$ ytt -f config

Slide 20

Slide 20 text

ytt
Configuration

schema.yml:

#@data/values-schema
---
conference_name: "KCD Munich"

#@schema/desc "The service type for the ArgoCD Server."
#@schema/validation one_of=["ClusterIP", "LoadBalancer", "NodePort"]
service_type: ClusterIP

$ ytt -f config

Slide 21

Slide 21 text

4. Image Resolution

Slide 23

Slide 23 text

kbld
Image resolution
• Resolve image references
• Orchestrate OCI builds
• Lock references for repeatability

Slide 24

Slide 24 text

kbld
Image resolution

kbld.lock.yml:

apiVersion: kbld.k14s.io/v1alpha1
kind: Config
overrides:
- image: ghcr.io/dexidp/dex:v2.37.0
  newImage: ghcr.io/dexidp/dex@sha256:f579d00721…
  preresolved: true
- image: quay.io/argoproj/argocd:v2.7.7
  newImage: quay.io/argoproj/argocd@sha256:6a5d0e909b…
  preresolved: true
- image: redis:7.0.11-alpine
  newImage: index.docker.io/library/redis@sha256:121bac949f…
  preresolved: true

$ kbld -f config --lock-output kbld.lock.yml
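An added example (not from the slides or the Carvel project): a small Python gate that reads a kbld lock file in the format shown on this slide and reports which images in a rendered manifest would still be deployed by mutable tag. The sample manifest, the placeholder digests and the function names are constructed for illustration, and the line-based parser assumes unquoted values.

```python
import re

# Constructed sample data: both digests are made-up placeholders, not real image digests.
DIGEST_A, DIGEST_B = "sha256:" + "a" * 64, "sha256:" + "b" * 64
LOCK = f"""\
apiVersion: kbld.k14s.io/v1alpha1
kind: Config
overrides:
- image: quay.io/argoproj/argocd:v2.7.7
  newImage: quay.io/argoproj/argocd@{DIGEST_A}
  preresolved: true
- image: redis:7.0.11-alpine
  newImage: index.docker.io/library/redis@{DIGEST_B}
  preresolved: true
"""
MANIFEST = """\
- image: quay.io/argoproj/argocd:v2.7.7
- image: redis:7.0.11-alpine
- image: ghcr.io/dexidp/dex:v2.37.0
"""
PINNED = re.compile(r"@sha256:[0-9a-f]{64}$")  # a full digest, not a tag

def parse_lock(text):
    """Return {image: newImage} from the overrides of a kbld lock file."""
    overrides, current = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*(?:-\s+)?(image|newImage):\s*(\S+)", line)
        if m and m.group(1) == "image":
            current = m.group(2)
        elif m and current is not None:
            overrides[current], current = m.group(2), None
    return overrides

def audit(manifest, lock):
    """Map each image in the manifest to its digest reference, or None if nothing pins it."""
    overrides = parse_lock(lock)
    result = {}
    for ref in re.findall(r"^\s*(?:-\s+)?image:\s*(\S+)", manifest, re.M):
        resolved = ref if PINNED.search(ref) else overrides.get(ref, "")
        result[ref] = resolved if PINNED.search(resolved) else None
    return result

def unpinned(manifest, lock):
    """Images a deploy gate should reject: no digest in the manifest, none in the lock."""
    return sorted(ref for ref, res in audit(manifest, lock).items() if res is None)

if __name__ == "__main__":
    for ref, resolved in audit(MANIFEST, LOCK).items():
        print(f"{ref} -> {resolved or 'NOT PINNED'}")
```

A lock entry whose `newImage` carries a shortened or malformed digest is treated as unpinned, so a hand-edited lock file does not pass the gate.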

Slide 25

Slide 25 text

5. Artifact Bundles

Slide 27

Slide 27 text

imgpkg
Artifact bundles
• Bundle config as OCI artifacts
• Unified distribution for apps+config
• Support air-gapped environments

Slide 28

Slide 28 text

imgpkg
Artifact bundles

$ kbld -f config --imgpkg-lock-output .imgpkg/images.yml
$ imgpkg push -b :argo-cd-bundle:v2.7.7 -f config
$ imgpkg pull -b :argo-cd-bundle:v2.7.7 -o pulled-config
$ imgpkg copy -b :argo-cd-bundle:v2.7.7 \
    --to-repo :argo-cd-bundle

Slide 29

Slide 29 text

6. Package Management

Slide 31

Slide 31 text

Working with Packages
Kubernetes-native implementation with Carvel
1. Fetch: Fetch configuration bundle and OCI images (vendir).
2. Template/Patch: Apply templates and overlays (ytt and kbld).
3. Deploy: Deploy the resulting application (kapp).

Slide 32

Slide 32 text

apiVersion: data.packaging.carvel.dev/v1alpha1
kind: Package
metadata:
  name: argo-cd.thomasvitale.dev.2.7.7
spec:
  refName: argo-cd.thomasvitale.dev
  template:
    spec:
      deploy:
      - kapp: {}
      fetch:
      - imgpkgBundle:
          image: ghcr.io/thomasvitale/argo-cd-package-demo@sha256:600b566703…
      template:
      - ytt:
          paths:
          - config
      - kbld:
          paths:
          - '-'
          - .imgpkg/images.yml
  version: 2.7.7

Callouts 1, 2 and 3 on the slide refer to the steps on the previous slide.

Slide 33

Slide 33 text

kapp-controller
Package management
• Continuous deployment via GitOps
• Automated workflow to build packages
• Kubernetes-native package management
• Package and distribute platforms
• Support multiple sources and configuration tools

Slide 34

Slide 34 text

Implement and release a package
Kubernetes-native implementation with Carvel

Bootstrap package:
$ kctrl package init

Release package:
$ kctrl package release

Package Metadata (CRD): Non version-specific attributes describing a package.
Package (CRD): Versioned combination of configuration and OCI images.

Slide 35

Slide 35 text

Release a package repository
Kubernetes-native implementation with Carvel

Release package repository:
$ kctrl package repo release

Package Repository (CRD): A collection of packages and their metadata.

Slide 36

Slide 36 text

Install a package in a cluster
Kubernetes-native implementation with Carvel

Add package repository to cluster:
$ kctrl package repo add

Install package in a cluster:
$ kctrl package install

Package Install (CRD): Installation of a package instance in a cluster.

Slide 37

Slide 37 text

7. Platform

Slide 39

Slide 39 text

Cloud Native Platform in 3 Steps
Composable platform with Carvel

1. Deploy kapp-controller
$ kapp deploy -a kapp-controller -y \
    -f https://github.com/carvel-dev/kapp-controller/releases/latest/download/release.yml

2. Add package repository
$ kctrl package repository add -r kadras-packages \
    --url ghcr.io/kadras-io/kadras-packages:0.12.0 \
    -n kadras-packages --create-namespace

3. Install platform
$ kctrl package install -i engineering-platform \
    -p engineering-platform.packages.kadras.io \
    -v 0.10.0 \
    -n kadras-packages \
    --values-file values.yml

Slide 40

Slide 40 text

Bonus. Secrets Management

Slide 41

Slide 41 text

secretgen-controller
Secrets management
• Generate credentials and keys
• Automated distribution of image pull Secrets across namespaces
• Export and import Secrets across namespaces

Slide 43

Slide 43 text

https://tag-app-delivery.cncf.io/whitepapers/platforms
thomasvitale.com

Slide 44

Slide 44 text

Resources

Slide 45

Slide 45 text

Resources
• Source code on GitHub
• Carvel 101 - Streamline Your Kubernetes Workflows
• Enlightning: Carvel Tools and kapp-controller
• Stop forking Helm charts and use Carvel ytt
• Carvel kapp: kubectl on steroids
• Kubernetes package management with Carvel
• Carvel as a unified package manager for Kubernetes
• Kadras: Cloud Native Platforms Toolkit

Slide 46

Slide 46 text

https://github.com/kadras-io
