Slide 1

Slide 1 text

GitOps Survival Guide
Kubernetes Edition
Julio Faerman @faermanj

Slide 2

Slide 2 text

Continuous Delivery
Fast feedback loops, agile innovation, evolutionary architectures and more.
● Developers build with Git[Hub, Lab]
● Git triggers events
● Pipeline builds and tests artifacts
● Resources are provisioned
● Changes get deployed
● Reliable rollout
● Cleanup underutilized resources

Slide 3

Slide 3 text

Not so simple…
● How many “Clouds” and when?
● Where are the “lock-ins”?
● How many clusters?
● How to build it?
● Is it well-architected?
● How to manage the database?
● How to keep it all safe?
● …
“Do what you can, with what you’ve got, where you are.” Squire Bill Widener

Slide 4

Slide 4 text

Is this cloud computing?

Slide 5

Slide 5 text

Is this cloud?
Source: https://i.redd.it/8v9fopt6wlx31.jpg
Is this cloud too?

Slide 6

Slide 6 text

Is this cloud?
Source: https://i.redd.it/8v9fopt6wlx31.jpg
What about those?

Slide 7

Slide 7 text

Kubernetes “end to end”?

Slide 8

Slide 8 text


Slide 9

Slide 9 text

Red Hat OpenShift on *
https://caravana.cloud/projetos

Slide 10

Slide 10 text

Red Hat OpenShift on *
https://caravana.cloud/projetos

Slide 11

Slide 11 text

Red Hat OpenShift on *
https://caravana.cloud/projetos

Slide 12

Slide 12 text

https://learnk8s.io/research

Slide 13

Slide 13 text

Well-Architected?
● Security
● Reliability
● Performance
● Costs
● Operational Visibility

Slide 14

Slide 14 text

Evolutionary vs Well-Architected

Slide 15

Slide 15 text

The Usual Suspects
● Security is a shared responsibility
● Demonstrate reliability by testing
● Keep collaboration through Git
“There is nothing new in the world except the history you do not know.” Harry S Truman

Slide 16

Slide 16 text

Evolutionary vs Well-Architected

Slide 17

Slide 17 text

Auto-deployment vs. Auto-provisioning

Slide 18

Slide 18 text

Immutable Infrastructure
● Reduced authentication, authorization and auditing
● As reliable as yesterday
● Push to prod from day 1
● Simpler rollbacks
● Agile innovation
● Not necessarily more expensive
● Brings “Infrastructure as Code”

Slide 19

Slide 19 text

Immutable > Blue/Green > Canary > Circle

Slide 20

Slide 20 text

Database Migrations

Slide 21

Slide 21 text

Tiered Ops
● Database -> Maintenance Window
● API -> On Release
● APP -> Weekly
● CDN -> Never

Slide 22

Slide 22 text

Multi-Cluster Design & Management
1. Tier or Purpose: DB, Network, Storage, Compute ...
2. Grade or Data: Development, Staging, Pre-prod, Prod, Decommissioned, ...
3. Circle: Employees, Beta, Premium, RC, GA, ...

Slide 23

Slide 23 text

The Paradox of Choice

Slide 24

Slide 24 text

It starts with shell and yaml…
https://caravana.cloud/coding-interviews

Slide 25

Slide 25 text

Infrastructure as Code & Terraform
● Built on Git
● Declarative
● Repeatable
● Extensible
● Composable
● Partially Managed
● Fully Managed

Slide 26

Slide 26 text

Collaboration with Branches, PRs, Threads &+!
https://caravana.cloud/projetos

Slide 27

Slide 27 text

Pipelines, Builders & GitHub Actions
Events: scheduled, workflow_dispatch, repository_dispatch, check_run, check_suite, create, delete, deployment, deployment_status, discussion, discussion_comment, fork, gollum, issue_comment, issues, label, milestone, page_build, project, project_card, project_column, public, pull_request, pull_request_review, pull_request_review_comment, pull_request_target, push, registry_package, release, status, watch, workflow_run

Slide 28

Slide 28 text

Managing Configuration
● Naming Conventions: git checkout -b prod/env2020
● Environment Variables: ENV_NAME=prod/env2020
● Repository Content: infra/prod/env2020.yaml
● Separate Repository: https://github.com/acme/private-repo/blob/main/infra/prod/env2020.yaml
● Secrets are Special: GitHub Secrets, HashiCorp Vault, AWS Systems Manager

Slide 29

Slide 29 text

Observability
● Metrics
● Logs
● Alarms
● Events
● Traces

Slide 30

Slide 30 text

Fault Tolerance at Netflix

Slide 31

Slide 31 text


Slide 32

Slide 32 text

Operator Maturity Model
https://caravana.cloud/coding-interviews

Slide 33

Slide 33 text

So, GitOps...
1. Infrastructure as Code: Manage infrastructure operations as if they were code, using tools and processes from software development.
2. Collaborate through Git: Use commands, tools and services from Git as a source of code and events.
3. Continuous Delivery: Separate deploy and release, releasing frequently and confidently, by deep automation and testing.

Slide 34

Slide 34 text

learn.openshift.com

Slide 35

Slide 35 text

References
● Red Hacks: https://dev.to/redhacks
● Awesome Kubernetes: https://redhatspain.com
● Learn OpenShift GitOps: https://learn.openshift.com/gitops/
● Learn k8s: https://learnk8s.io/

Slide 36

Slide 36 text

🙏 ❤ Julio Faerman @faermanj

Slide 37

Slide 37 text

GitOps Blueprints
https://caravana.cloud

Slide 38

Slide 38 text


Slide 39

Slide 39 text


Slide 40

Slide 40 text

Here, there and everywhere; Distributed teams, tools and culture

Slide 41

Slide 41 text

OKD
https://caravana.cloud/projetos

Slide 42

Slide 42 text

Red Hat OpenShift Platform Plus