Git based application deployment patterns for Kubernetes Git ❤ K8s 

Shahidh K Muhammed @shahidh_k 

Git ● Distributed version control system ● Manage source code ● Any text files can be tracked ● Collaboration 

Git - Source of Truth ● Infrastructure as Code ○ Terraform, CloudFormation ● System Configuration as Code ○ Ansible ○ Chef ○ Puppet ● Application Configuration as Code ○ Kubernetes ○ Hasura ● Application Source Code 

Ops ● Configure, build, test, deploy ● CI/CD ● Monitor, fix ● Upgrades ● Rollbacks ● Automation 

GitOps ● Stable surface (tooling abstraction) for developers ● Things change under this surface ● Git as the boundary ● Everything should be declarative ● Driving DevOps through Git ● Reduced toolset, Complete extensibility ● Everything as Code - Kuberentes 

Approach ● Stable surface (tooling abstraction) for developers ● Without restricting the ability of the operators to interface with infrastructure or to enforce controls and release processes. ● "Below" this stable surface operators change plumbing ● "Above" this surface developers use consistent tooling 

Git as the boundary ● For a developer, Git is the perfect tool for creating a "stable" boundary. ● Git-hooks on the client-side/server-side ● Webhook integrations offered by centralised git-hosting providers (github, bitbucket etc) ● Constraint: ○ git-hooks and webhooks can only make use of information inside the git repository ○ or the environment that the git-hook/webhook runs in ● Key constraint: Everything must become declarative. 

Everything must become declarative Declarative tools ❤ Git 

Git push to deploy ● Comfortable and known workflow for developers ● Given everything is declarative, Git is the only tool a developer need to drive DevOps tasks 

GitOps - particular way of driving DevOps with Git 

GitOps - Benefits ● Reduced toolset ○ Developers only need to use git for all DevOps tasks ● Complete extensibility ○ git-hooks and webhooks allow for infinite customisation and tooling to be implemented by operators without affecting the developer workflow in the slightest 

GitOps - a checklist Developers ● Declarative microservice runtime: Dockerfile ● Declarative environment configuration: Kubernetes PodSpec ● Declarative stateful actions: Jobs as containers, migration files 

GitOps - a checklist Operators ● Programmable git-remote/webhook listener on the cluster ● Declarative infrastructure requirements: CloudFormation, Terraform ● Declarative deployment: Kubernetes DeploymentSpec ● Declarative tests - run as jobs in a pipeline triggered by a webhook or git-hooks ● Implement CI/CD tasks automation in git-hooks ● Implement deployment of stateful tasks like database migrations ● Monorepo or a config repo - configuration, integration tests for the application are stored ● Store secrets/tokens as references to actual values on the Kubernetes cluster, or a vault 

Everything as Code 

GitOps on Kubernetes ● Setting up a git-remote that can receive git events or webhooks: Gitkube.sh: git push to your kubernetes cluster to build and deploy docker images ● Synchronising state in git repo with state on a kubernetes cluster: Flux: A controller running on a kubernetes cluster that synchronises the declarative spec in the git repo with the state of the kubernetes cluster ● Setting up git-hooks for running stateful migrations: Hasura: A CLI that sets up git-hooks on the local and remote git that can apply configuration, database migrations and can build/deploy docker images via git events. 

No content

Gitkube - Architecture 

Demo ● Gitkube ● GitOps at Hasura: ○ Deploying applications ○ Changing subdomain ○ Add a new domain ○ Database migrations 

Shahidh K Muhammed @shahidh_k Thanks for listening! Questions?