Slide 1

Slide 1 text

Continuous Delivery to Kubernetes
DEPLOYMENT INTERFACES
Lothar Schulz
@lothar_schulz
Continuous Lifecycle 2018-11-15

Slide 2

Slide 2 text

WE ARE CONSTANTLY INNOVATING TECHNOLOGY
HOME-BREWED, CUTTING-EDGE & SCALABLE technology solutions
~ 2,000 employees from 77 nations
7 tech locations (HQs in Berlin)
revenue 2017 ~ 4.5 billion EUR

Slide 3

Slide 3 text


Slide 4

Slide 4 text

Me
Engineering Lead at Zalando
Code
● https://github.com/zalando
● https://github.com/lotharschulz
@lothar_schulz
lotharschulz.info

Slide 5

Slide 5 text

CI/CD @ ZALANDO
STUPS (toolset around AWS)
Kubernetes
Lizzy & CloudLobster
Lizzy

Slide 6

Slide 6 text

Deployment Format

Slide 7

Slide 7 text

Dependency
    $ cat Dockerfile
    # "latest" will be used when --build-arg is omitted
    ARG BASE_IMAGE_VERSION=latest
    FROM registry.opensource.zalan.do/stups/python:${BASE_IMAGE_VERSION}
    …
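Added example (not from the talk or from Zalando's code): a pre-build check that resolves the `ARG` default shown on this slide and reports when the base image ends up on a floating reference. The function names are hypothetical and the version value `3.6.5-22` is a constructed placeholder.

```python
import re

# Matches ${VAR}, ${VAR:-default} and $VAR as used in Dockerfile FROM lines.
_VAR = re.compile(r"\$\{(\w+)(?::-([^}]*))?\}|\$(\w+)")

def resolve_base_images(dockerfile_text, build_args=None):
    """Return the image reference of every FROM line after ARG substitution.

    Only ARGs declared before the first FROM are in scope for FROM lines, and
    a value passed with --build-arg (build_args here) overrides the default.
    """
    build_args = build_args or {}
    scope, images = {}, []
    for raw in dockerfile_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword, rest = parts[0].upper(), (parts[1] if len(parts) > 1 else "")
        if keyword == "ARG" and not images:   # global ARG, before first FROM
            name, _, default = rest.partition("=")
            scope[name.strip()] = build_args.get(name.strip(), default.strip())
        elif keyword == "FROM":
            ref = [t for t in rest.split() if not t.startswith("--")][0]
            def sub(m):
                name = m.group(1) or m.group(3)
                return scope.get(name) or m.group(2) or ""
            images.append(_VAR.sub(sub, ref))
    return images

def is_floating(image_ref):
    """True when the reference has no digest and its tag is missing or 'latest'."""
    if "@sha256:" in image_ref:
        return False
    last = image_ref.rsplit("/", 1)[-1]       # ignore a registry host:port
    tag = last.partition(":")[2]
    return tag in ("", "latest")

# Constructed sample mirroring the slide's Dockerfile (its remaining lines are elided).
SAMPLE = """\
# "latest" will be used when --build-arg is omitted
ARG BASE_IMAGE_VERSION=latest
FROM registry.opensource.zalan.do/stups/python:${BASE_IMAGE_VERSION}
"""

if __name__ == "__main__":
    for args in ({}, {"BASE_IMAGE_VERSION": "3.6.5-22"}):   # constructed version
        for ref in resolve_base_images(SAMPLE, args):
            print(args, ref, "FLOATING" if is_floating(ref) else "pinned")
```

A version tag can still be moved in the registry; only a digest reference (`@sha256:...`) is immutable, which is why the check treats a digest as pinned regardless of tag.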

Slide 8

Slide 8 text

Deployment & Integration descriptor
    ~/zalando/dev/ghe-backup-deploy on master
    $ filetree
    README.md delivery.yaml deploy |-deploy apply |---apply kube|secret.yaml statefulset.yaml

Slide 9

Slide 9 text

Trigger

Slide 10

Slide 10 text

SCM integration - ….

Slide 11

Slide 11 text

Compliance
In general, compliance means conforming to a rule, such as a specification, policy, standard or law.
https://en.wikipedia.org/wiki/Regulatory_compliance

Slide 12

Slide 12 text

Tests
    $ cat delivery.yaml
    version: "2017-09-20"
    …..
    - desc: "run tests"
      cmd: |
        nosetests -w python

Slide 13

Slide 13 text

Credentials
    $ cat delivery.yaml
    version: "2017-09-20"
    - desc: "build and push docker images"
      cmd: |
        PIERONE_NAMESPACE=pierone.stups.zalan.do/machinery
        BASE_IMAGE=$PIERONE_NAMESPACE/ghe-backup
        IMAGE=$BASE_IMAGE:cdp-${CDP_BUILD_VERSION}
        CACHE_IMAGE=$BASE_IMAGE:latest
        docker build --cache-from $CACHE_IMAGE -t $CACHE_IMAGE -t $IMAGE -f Dockerfile .
        if [ -z "$CDP_PULL_REQUEST_NUMBER" ]; then
          docker push $IMAGE
          echo "$IMAGE pushed"
        else
          ...
        fi

Slide 14

Slide 14 text

Build
AWS Credentials & Setup
[Diagram from "Continuous Delivery to Kubernetes at Zalando", CICD-Meetup 20170920. Labels: source code management system, Controller, code change trigger, Builder, Proxy, Docker Registry, Worker VMs, token injection, schedules and monitors tasks, source code checkout, task execution, image upload]

Slide 15

Slide 15 text

Build
AWS Credentials & Setup
[Diagram from "Continuous Delivery to Kubernetes at Zalando", CICD-Meetup 20170920. Labels: source code management system, Controller, code change trigger, Builder, Proxy, Docker Registry, Worker VMs, token injection, schedules and monitors tasks, source code checkout, task execution, image upload]

Slide 16

Slide 16 text

Git Branches & Pull Requests Builds
[Diagram labels: branch 1, branch 2]

Slide 17

Slide 17 text

Git Branches & Pull Requests Builds
[Diagram labels: branch 1, branch 2]
Poll PR until mergeable is true
https://developer.github.com/v3/pulls/#response-1
https://developer.github.com/v3/git/#checking-mergeability-of-pull-requests

Slide 18

Slide 18 text

Git Branches & Pull Requests Builds
[Diagram labels: branch 1, branch 2]
reference is not a tree reference ?

Slide 19

Slide 19 text

Git Branches & Pull Requests Builds
[Diagram labels: branch 1, branch 2]
commits without reference can’t be accessed
https://developer.github.com/v3/git/refs/#create-a-reference

Slide 20

Slide 20 text

Git Branches & Pull Requests Builds
[Diagram labels: branch 1, branch 2, A, B]
merge A & B in worker VMs/nodes

Slide 21

Slide 21 text

Hands off operations
    $ zkubectl get po | grep cdp-controller
    cdp-controller-7985fd799f-4jpbz
    cdp-controller-7985fd799f-rgpf8

Slide 22

Slide 22 text

Traffic
https://github.com/zalando-incubator/stackset-controller

Slide 23

Slide 23 text

polling must die
Don’t call us, we notify you.

Slide 24

Slide 24 text

AWS S3
control access via IAM roles
provision roles in AWS accounts
change request cache control headers
object store

Slide 25

Slide 25 text

repository creator
• creates git repository
• configures zappr
• creates a deployment descriptor
• can create K8s manifests
• deploys app to test cluster
• creates default monitoring

Slide 26

Slide 26 text

Support
round robin

Slide 27

Slide 27 text

Culture
Focus on single customer group
Autonomy doesn’t work without a corresponding accountability model
End to End Ownership
Autonomy has to be learned and earned

Slide 28

Slide 28 text

Culture

Slide 29

Slide 29 text

- build https://github.com/zalando/ghe-backup
- delivery.yaml
- deploy to k8s with GitHub Enterprise feedback
- delivery.yaml
- I’m sure you have questions
https://www.flickr.com/photos/eyecatcherfotosde/2539793798
@lothar_schulz
lotharschulz.info