Tweet
Tweet

Slide 1

Slide 1 text

AKS LifeCycle withGitHub Action (Praparn Lueangphoonlap)

Slide 2

Slide 2 text

Agenda • Rising of cloud-manage for Kubernetes • GitHub Action for any XKS o Purpose of Project o Architecture Design • AKS Cluster o Credential as prerequisites o Feature on project • Demo session • Q&A

Slide 3

Slide 3 text

Git Resource • https://github.com/praparn/github-action-x-any-xks K8S Lifecycle with Github Action

Slide 4

Slide 4 text

Reference • Azure AKS Cluster • AWS EKS Cluster • Google GKE Cluster • Huawei Cloud Container Service • GitHub Action with Terraform • Terraform AKS • Etc. K8S Lifecycle with Github Action

Slide 5

Slide 5 text

Rising of cloud-manage for Kubernetes

Slide 6

Slide 6 text

K8S Lifecycle with Github Action Ref: https://www.datadoghq.com/container-report/

Slide 7

Slide 7 text

K8S Lifecycle with Github Action Ref: https://www.datadoghq.com/container-report/

Slide 8

Slide 8 text

K8S Lifecycle with Github Action Ref: https://www.datadoghq.com/container-report/

Slide 9

Slide 9 text

K8S Lifecycle with Github Action Ref: https://www.datadoghq.com/container-report/

Slide 10

Slide 10 text

GitHub Action for Any XKS

Slide 11

Slide 11 text

Purpose of Project • Kubernetes on cloud provider (Kubernetes as service) is on every where. • Each cloud provider have specific architecture and solution for manage their cloud provider • This make complicate for implementor /developer/ devops/etc for handle multiple skill-set and lifecycle… o Create/Destroy cluster on cloud environment o Hardening / Tuning cluster • Upgrade Kubernetes version • Network plugin/policy • Network range for pods/cluster • Sysctl o Integrated with facilities on cloud o Scaling workload (Increase/Decrease/Autoscale etc) o etc. K8S Lifecycle with Github Action

Slide 12

Slide 12 text

Purpose of Project • For our project have main purpose for reduce this complicate for each cloud provider and make all contribute to leverage any “XKS” with simple standard • Project is integrated with “Terraform” framework for operate IaC (infrastructure as code) and make same standard on project • For make it automation part. To make this project help for provision kubernetes cluster automatic. We choose “Github Action” as build-in on repository. So this will effort less for operation • All credential was keep in “GitHub Secret” and run via github action. So we not leak any credential to outside K8S Lifecycle with Github Action

Slide 13

Slide 13 text

Purpose of Project • Project will target for handle all Kubernetes platform in cloud provider K8S Lifecycle with Github Action

Slide 14

Slide 14 text

Purpose of Project • Contributor can clone repository (to private repository) and configure properties that need (include credential). After that just push code to your repository and tag “xxxx” and… done !!! K8S Lifecycle with Github Action

Slide 15

Slide 15 text

Purpose of Project K8S Lifecycle with Github Action Contributor https://github.com/praparn/github-action-x-any-xks Master Repo Step1: Git clone (private repository) AKS EKS GKE CCE etc. Step2: Configure properties and Credential Step3: Commit and Push with specific “Tags” Cloud Provider Step4: Github Action will run terraform to create K8S Step5: Cluster was created Developer/ Application Owner Step6: Access cluster and operate

Slide 16

Slide 16 text

Architecture Design K8S Lifecycle with Github Action AKS EKS GKE CCE etc. Step1: Create space for housing terraform “state file” Step2: Terraform was configure remote state file as create Step3: Run terraform for create/modify/delete cluster as design Developer/ Application Owner GitHub Secret …… Cloud Provider State File Runner will active with “Tag” ● “xxx-init-env**” (create state file location) ● “xxx-cluster-create**” (create cluster) ● “xxx-cluster-modify**” (modify cluster) ● “xxx-cluster-destroy**” (destroy cluster) ● “xxx-destroy-env**” (destroy state file location)

Slide 17

Slide 17 text

Architecture Design K8S Lifecycle with Github Action Ref:https://medium.com/devops-mojo/terraform-remote-states-overview-what-is-terraform-remote-state-storage-i ntroduction-936223a0e9d0

Slide 18

Slide 18 text

AKS Cluster

Slide 19

Slide 19 text

Credential as prerequisites • {AZURE_CREDENTIALS}: Store output in JSON format of your service principle. If you not yet to create service principal. Please follow this KB Azure Service Principal { "clientId": "", "clientSecret": "", "subscriptionId": "", "tenantId": "", (...) } • {AZURE_CLIENT_ID}: Input client id (You can check this from "{AZURE_CREDENTIALS}") • {AZURE_CLIENT_SECRET}: Input client secret id (You can check this from "{AZURE_CREDENTIALS}") K8S Lifecycle with Github Action

Slide 20

Slide 20 text

Credential as prerequisites • {AZURE_SUBSCRIPTION_ID}: Input subscription id (You can check this from "{AZURE_CREDENTIALS}") • {AZURE_TENANT_ID}: Input tanant id (You can check this from "{AZURE_CREDENTIALS}") • {AZURE_REGION}: Input your region on portal. Ex:"eastasia" Region code • {AZURE_RESOURCEGROUP}: Input your resource group name for create other elements • {AZURE_STORAGEACCOUNT}: Input your storage account name for keep terraform state on portal. Remark: Storage account name must be between 3 and 24 characters in length and use numbers and lower-case letters only K8S Lifecycle with Github Action

Slide 21

Slide 21 text

Credential as prerequisites • {AZURE_CLUSTERNAME}: Input your AKS cluster name K8S Lifecycle with Github Action

Slide 22

Slide 22 text

Feature on Project • Full life-cycle for AKS cluster with gitHub action • Init-Environment: o Create “resource group” for reference of all element in Azure portal o Create “storage account” for housing file o Create “tfstate” on storage account • Init-Cluster: o Create “Log analytic” o Create “Virtual network” and “Subnet” o Create “EKS” cluster with custom configuration o Create “Ingress Application Gateway” for application o Export credential of Kubernetes to file “aks-config” and commit back to git repository o o Deploy demo application for test cluster K8S Lifecycle with Github Action

Slide 23

Slide 23 text

Feature on Project • Modify-Cluster: o Upgrade Kubernetes version o Increase/Decrease worker node o Cluster autoscaling feature o Custom configuration o etc. • Destroy-Cluster: o Delete AKS and resource related • Destroy-Environment: o Delete tfstate and blob storage o Delete resource group K8S Lifecycle with Github Action

Slide 24

Slide 24 text

Feature on Project (Custom Config) K8S Lifecycle with Github Action

Slide 25

Slide 25 text

Feature on Project (Custom Config) K8S Lifecycle with Github Action

Slide 26

Slide 26 text

Feature on Project (Custom Config) K8S Lifecycle with Github Action

Slide 27

Slide 27 text

Feature on Project (Custom Config) K8S Lifecycle with Github Action

Slide 28

Slide 28 text

Demo Session K8S Lifecycle with Github Action

Slide 29

Slide 29 text

Init Environment K8S Lifecycle with Github Action

Slide 30

Slide 30 text

Create Cluster K8S Lifecycle with Github Action

Slide 31

Slide 31 text

Modify Cluster K8S Lifecycle with Github Action

Slide 32

Slide 32 text

Destroy Cluster K8S Lifecycle with Github Action

Slide 33

Slide 33 text

Destroy Environment K8S Lifecycle with Github Action

Slide 34

Slide 34 text

Q&A K8S Lifecycle with Github Action

Slide 35

Slide 35 text

Thanks You