Upgrade to Pro — share decks privately, control downloads, hide ads and more …

GitOpsで実現するPull Request毎のプレビュー環境/Preview environment for each Pull Request by GitOps

Takuma Kume
September 28, 2021
Technology
0
1.1k

GitOpsで実現するPull Request毎のプレビュー環境/Preview environment for each Pull Request by GitOps

Takuma Kume

September 28, 2021
Tweet

More Decks by Takuma Kume

See All by Takuma Kume
ホモグラフドメインを検出してみた/detect homograph domain
takumakume
0
230
ソフトウェアの継続的アップデートをコンテナ化によって加速させる/Accelerate continuous software updates with containerization
takumakume
0
4k
KubernetesにおけるSBOMを利用した脆弱性管理/Vulnerability_Management_with_SBOM_in_Kubernetes
takumakume
0
1.2k
ホスティング事業におけるSREの取り組みとSREの面白さ/SRE Efforts in the Hosting Business and the Interest of SRE
takumakume
1
1.3k
Goでkubernetes operatorを実装してアプリのプレビュー環境を作る/go-kubernetes-operator
takumakume
0
130
クラウドネイティブな開発環境への移行/Move to the cloud native development environment
takumakume
1
500
200万ドメインを超えるレンタルサーバのコンテンツキャッシュ機能の裏側/2_million_more_than_the_domain_the_back_of_the_rental_server_content_cache
takumakume
10
2.6k
DDoS攻撃との終わりなき戦い/endless_battle_with_ddos_attack
takumakume
5
12k
toward_systematization_of_linux_trace_tool
takumakume
0
130

Other Decks in Technology

See All in Technology
On Your Data を超えていく!
hirotomotaguchi
2
680
プラットフォームってつくることより計測することが重要なんじゃないかという話 / Platform Engineering Meetup #8
taishin
1
360
ココがすごいぜ!Playwright Component Test
rakus_fe
0
130
サーバー間 GraphQL と webmock-graphql の話 / server-to-server graphql and webmock-graphql
qsona
2
190
[新卒向け研修資料] テスト文字列に「うんこ」と入れるな(2024年版)
infiniteloop_inc
4
14k
Building Dashboards as a Hobby
egmc
0
180
Vertex AI を中心に 生成AIのアップデートを共有します
kaz1437
0
310
JSON攻略法.pdf
miyakemito
8
5k
SIEMを用いて、セキュリティログ分析の可視化と分析を実現し、PDCAサイクルを回してみた
coconala_engineer
0
300
オーナーシップを持つ領域を明確にする
konifar
13
3.2k
20分で完全に理解するGrafanaダッシュボード
hamadakoji
3
600
エンジニアのキャリアをちょっと楽しくする3本の軸/Three Pillars to Make an Engineer's Career More Enjoyable
kwappa
0
2.7k

Featured

See All Featured
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
104
6.6k
GraphQLの誤解/rethinking-graphql
sonatard
50
9.2k
Designing for humans not robots
tammielis
248
25k
4 Signs Your Business is Dying
shpigford
175
21k
Robots, Beer and Maslow
schacon
PRO
155
7.9k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
6
1.5k
Design by the Numbers
sachag
274
18k
Building Effective Engineering Teams - LeadDev
addyosmani
28
1.8k
Building Flexible Design Systems
yeseniaperezcruz
319
37k
How STYLIGHT went responsive
nonsquared
92
4.8k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
14
1.5k
The Invisible Side of Design
smashingmag
294
49k

Transcript

  1. 1FQBCP5FDI$POGFSFODF (JU0QTͰ࣮ݱ͢Δ1VMM3FRVFTUຖͷ ϓϨϏϡʔ؀ڥ

  2. (.0ϖύϘגࣜձࣾ ϗεςΟϯάࣄۀ෦ 43&νʔϜ ࠷ۙ΍͍ͬͯΔ͜ͱ ΞϓϦͷίϯςφԽLTͷಋೖ $%։ൃମݧͷ޲্ ٱถ୓അ!UBLVNBLVNF

  3. ࠓճ঺հ͢Δ΋ͷ ΞϓϦέʔγϣϯ ϦϙδτϦ LVCFSOFUFT Ϋϥελ Branch-A Branch-B Branch-A Branch-B 13࡞੒

    13࡞੒ branch-a.example.com branch-b.example.com (JU0QTͰ࣮ݱ͢Δ1VMM3FRVFTUຖͷϓϨϏϡʔ؀ڥ

  4. ໨࣍ w։ൃܦҢ wϓϨϏϡʔ؀ڥͷղઆ wࠓޙͷ՝୊ w·ͱΊ

  5. ։ൃܦҢ

  6. ։ൃܦҢ wϦϦʔεલʹڞ༻ͷTUBHJOH؀ڥʹΞϓϦέʔγϣϯΛσϓϩΠ ͯ͠ಈ࡞֬ೝΛߦ͏։ൃϑϩʔʹ͓͚Δ՝୊ w౎౓σϓϩΠߦҝ͕ඞཁͰखؒͰ͋Δ w؀ڥ͸਺ʹݶΓ͕͋Γɺར༻଴͕ͪൃੜ͢Δ͜ͱ͕͋Δ wڞ༻Ώ͑ʹɺ؀ڥΛҰ࣌తʹઐ༗͢Δ͜ͱʹਫ਼ਆతϋʔυϧ͕ ͋Δ

  7. 1VMM3FRVFTUຖʹ؀ڥΛ ੜ੒͢Δ͜ͱͰ՝୊ղܾΛ͢Δ

  8. ΞϓϦέʔγϣϯ ϦϙδτϦ LVCFSOFUFT Ϋϥελ Branch-A Branch-B Branch-A Branch-B 13࡞੒ 13࡞੒

    branch-a.example.com branch-b.example.com ϓϨϏϡʔ؀ڥͷղઆ

  9. ϓϨϏϡʔ؀ڥͷղઆɿલఏ "QQ3FQP 4ZTUFN.BOJGFTUT3FQP $POUBJOFS3FHJTUSZ ,VCFSOFUFT$MVTUFS ιʔείʔυ LVCFSOFUFTNBOJGFTUT LVCFSOFUFTNBOJGFTUT "SHP$% ֤"QQ3FQPͷ"SHP$%$POpH

    *OHSFTT$POUSPMMFSʜ ArgoCD ΞϓϦͷίϯςφΠϝʔδ ArgoCD Image Updater "SHP$%ͰNBOJGFTUTͷ$%Λ͍ͯ͠Δ "SHP$%*NBHF6QEBUFSͰΠϝʔδͷ $%Λ͍ͯ͠Δ ϓϨϏϡʔ؀ڥͷղઆͷલʹɺϦϙδτϦͷߏ੒ͱ$%ʹ͍ͭͯ

  10. ϓϨϏϡʔ؀ڥͷղઆɿશମ૾ "QQ3FQP 4ZTUFN.BOJGFTUT3FQP $POUBJOFS3FHJTUSZ ,VCFSOFUFT$MVTUFS Github Actions branch-a Github Actions

    13࡞੒ App Image ίϯςφΠϝʔδͷ#VJME1VTI SFQPTJUPSZ@EJTQBUDI 13τϦΨʔͰΠϝʔδͷϏϧυͱ"SHP$%ͷઃఆΛੜ੒͢Δ CSBODIB༻ͷ"SHP$%ͷઃఆΛੜ੒ HJUDPNNJUQVTI

  11. ϓϨϏϡʔ؀ڥͷղઆɿશମ૾ "QQ3FQP 4ZTUFN.BOJGFTUT3FQP $POUBJOFS3FHJTUSZ ,VCFSOFUFT$MVTUFS Github Actions branch-a Github Actions

    13࡞੒ App Image ίϯςφΠϝʔδͷ#VJME1VTI SFQPTJUPSZ@EJTQBUDI CSBODIB༻ͷ"SHP$%ͷઃఆΛੜ੒ "SHP$%͕ݕ஌͠ϒϥϯνͷ؀ڥΛσϓϩΠ͢Δ ArgoCD CSBODIBͷ؀ڥΛੜ੒ BQQCSBODIB CSBODIB༻ͷ"SHP$%ͷઃఆΛ"QQMZ CSBODIBͷNBOJGFTUTͷಉظΛ։࢝ %FQMPZNFOU 4FSWJDFʜ มߋΛݕ஌ HJUDPNNJUQVTI

  12. ϓϨϏϡʔ؀ڥͷղઆɿશମ૾ "QQ3FQP 4ZTUFN.BOJGFTUT3FQP $POUBJOFS3FHJTUSZ ,VCFSOFUFT$MVTUFS Github Actions branch-a Github Actions

    13࡞੒ App Image ίϯςφΠϝʔδͷ#VJME1VTI SFQPTJUPSZ@EJTQBUDI CSBODIB༻ͷ"SHP$%ͷઃఆΛੜ੒ "SHP$%*NBHF6QEBUFSͰ࠷৽ͷΠϝʔδΛద༻͢Δ ArgoCD มߋΛݕ஌ CSBODIBͷ؀ڥΛੜ੒ BQQCSBODIB CSBODIB༻ͷ"SHP$%ͷઃఆΛ"QQMZ CSBODIBͷNBOJGFTUTͷಉظΛ։࢝ %FQMPZNFOU 4FSWJDFʜ ArgoCD Image Updater ࠷৽ͷΠϝʔδΛద༻͢Δ มߋΛݕ஌ ίϯςφΠϝʔδͷ#VJME1VTI ϒϥϯν΁1VTI͢Δ౓ʹ࣮ߦ HJUDPNNJUQVTI

  13. ϓϨϏϡʔ؀ڥͷղઆɿશମ૾ "QQ3FQP 4ZTUFN.BOJGFTUT3FQP $POUBJOFS3FHJTUSZ ,VCFSOFUFT$MVTUFS Github Actions branch-a Github Actions

    13࡞੒ App Image ίϯςφΠϝʔδͷ#VJME1VTI SFQPTJUPSZ@EJTQBUDI CSBODIB༻ͷ"SHP$%ͷઃఆΛੜ੒ ArgoCD มߋΛݕ஌ CSBODIBͷ؀ڥΛੜ੒ BQQCSBODIB CSBODIB༻ͷ"SHP$%ͷઃఆΛ"QQMZ CSBODIBͷNBOJGFTUTͷಉظΛ։࢝ %FQMPZNFOU 4FSWJDFʜ ArgoCD Image Updater ࠷৽ͷΠϝʔδΛద༻͢Δ มߋΛݕ஌ ίϯςφΠϝʔδͷ#VJME1VTI HJUDPNNJUQVTI

  14. ϓϨϏϡʔ؀ڥͷղઆɿશମ૾ wҰݟෳࡶʹݟ͑Δ͕ʜ w13τϦΨʔͰ(JUIVC"DUJPOTΛ࢖ͬͯɺ"SHP$%ͷઃఆΛࣗಈ ੜ੒ͯ͠ϦϙδτϦʹ1VTI͍ͯ͠Δ wͦΕҎ֎͸ɺ"SHP$%΍*NBHF6QEBUFS͕΍ͬͯ͘ΕΔ

  15. "SHP$%ͷઃఆͷੜ੒ "QQ3FQP 4ZTUFN.BOJGFTUT3FQP $POUBJOFS3FHJTUSZ ,VCFSOFUFT$MVTUFS Github Actions branch-a Github Actions

    13࡞੒ App Image ίϯςφΠϝʔδͷ#VJME1VTI SFQPTJUPSZ@EJTQBUDI CSBODIB༻ͷ"SHP$%ͷઃఆΛੜ੒ ArgoCD มߋΛݕ஌ CSBODIBͷ؀ڥΛੜ੒ BQQCSBODIB CSBODIB༻ͷ"SHP$%ͷઃఆΛ"QQMZ CSBODIBͷNBOJGFTUTͷಉظΛ։࢝ %FQMPZNFOU 4FSWJDFʜ ArgoCD Image Updater ࠷৽ͷΠϝʔδΛద༻͢Δ มߋΛݕ஌ ίϯςφΠϝʔδͷ#VJME1VTI HJUDPNNJUQVTI

  16. "SHP$%ͷઃఆͷੜ੒ wBSHPDEBENJOBQQHFOFSBUFTQFDίϚϯυͰઃఆΛੜ੒ͯ͠Ϧ ϙδτϦʹ1VTI͍ͯ͠Δ $ argocd admin app generate-spec sample-app-pr-1 \

    --dest-server https://kubernetes.default.svc \ --dest-namespace sample-app-pr-1 \ --path manifests/preview \ --repo https://github.com/takumakume/sample-app \ --revision branch-1 \ --sync-policy auto \ --sync-option Prune=true \ --sync-option CreateNamespace=true apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: sample-app-pr-1 spec: destination: namespace: sample-app-pr-1 server: https://kubernetes.default.svc source: path: manifests/preview repoURL: https://github.com/takumakume/sample-app targetRevision: branch-1 syncPolicy: … wੜ੒ʹඞཁͳύϥϝʔλΛ(JUIVC"DUJPOͰ౉͍ͯ͠Δ sample-app-pr-1.yaml

  17. "SHP$%ͷઃఆͷੜ੒ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: sample-app-pr-1 spec: source:

    path: manifests/preview repoURL: https://github.com/takumakume/sample-app targetRevision: branch-1 destination: namespace: sample-app-pr-1 server: https://kubernetes.default.svc syncPolicy: - CreateNamespace=true … ϓϨϏϡʔ؀ڥͷNBOJGFTUTͷσ ΟϨΫτϦΛ 13ຖͷ/BNFTQBDFʹల։ /BNFTQBDF͸ࣗಈੜ੒ w୯ҰͷNBOJGFTUTΛ࢖֤ͬͯ13ͷ؀ڥΛએݴతʹੜ੒Ͱ͖Δ sample-app-pr-1.yaml

  18. "QQ*NBHFͷߋ৽ "QQ3FQP 4ZTUFN.BOJGFTUT3FQP $POUBJOFS3FHJTUSZ ,VCFSOFUFT$MVTUFS Github Actions branch-a Github Actions

    13࡞੒ App Image ίϯςφΠϝʔδͷ#VJME1VTI SFQPTJUPSZ@EJTQBUDI CSBODIB༻ͷ"SHP$%ͷઃఆΛੜ੒ ArgoCD มߋΛݕ஌ CSBODIBͷ؀ڥΛੜ੒ BQQCSBODIB CSBODIB༻ͷ"SHP$%ͷઃఆΛ"QQMZ CSBODIBͷNBOJGFTUTͷಉظΛ։࢝ %FQMPZNFOU 4FSWJDFʜ ArgoCD Image Updater ࠷৽ͷΠϝʔδΛద༻͢Δ มߋΛݕ஌ ίϯςφΠϝʔδͷ#VJME1VTI HJUDPNNJUQVTI

  19. "QQ*NBHFͷߋ৽ wϒϥϯνʹHJUQVTI͢Δ౓ʹɺ13൪߸ͱίϛοτϋογϡͰߏ ੒͞ΕΔλάΛ෇༩ͯ͠ΠϝʔδΛQVTI͍ͯ͠Δ wTBNQMFBQQQSFDFE w"SHP$%ͷઃఆΛੜ੒͢Δஈ֊Ͱ*NBHF6QEBUFSͷઃఆΛ෇༩ apiVersion: argoproj.io/v1alpha1 kind: Application metadata:

    name: sample-app-pr-1 annotations: argocd-image-updater.argoproj.io/image-list: sample-app=takumakume/sample-app:^pr-1 argocd-image-updater.argoproj.io/sample-app.update-strategy: latest argocd-image-updater.argoproj.io/sample-app.ignore-tags: latest argocd-image-updater.argoproj.io/sample-app.allow-tags: regexp:^pr-1-[0-9a-f]{5,40}$ ... ࠷৽ͷlQSίϛοτϋογϡzͳΠϝʔδΛద༻͢Δ

  20. ϓϨϏϡʔ؀ڥͷղઆɿ؀ڥͷ࡟আ "QQ3FQP 4ZTUFN.BOJGFTUT3FQP ,VCFSOFUFT$MVTUFS Github Actions Pull Request Github Actions

    $MPTFPS.FSHF SFQPTJUPSZ@EJTQBUDI CSBODIB༻ͷ"SHP$%ͷઃఆΛ࡟আ ArgoCD ࡟আΛݕ஌ CSBODIBͷ؀ڥΛ࡟আ BQQCSBODIB CSBODIB༻ͷ"SHP$%ͷઃఆΛ࡟আ %FQMPZNFOU 4FSWJDFʜ HJUDPNNJUQVTI apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: sample-app-pr-1 finalizers: - resources-finalizer.argocd.argoproj.io … "QQMJDBUJPOϦιʔε࡟আ࣌ʹͦͷ؀ڥΛ࡟আ͢Δ

  21. ϓϨϏϡʔ؀ڥͷղઆɿ؀ڥ΁ͷΞΫηε ΞϓϦέʔγϣϯ ϦϙδτϦ LVCFSOFUFT Ϋϥελ Branch-A Branch-B Branch-A Branch-B 13࡞੒

    13࡞੒ branch-a.example.com branch-b.example.com *OHSFTTΛ࢖ͬͯެ։͍ͯ͠Δ

  22. ϓϨϏϡʔ؀ڥͷղઆɿ؀ڥ΁ͷΞΫηε apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: app-ingress namespace: app

    spec: rules: - host: staging-app.example.com http: paths: - backend: service: name: app-svc port: number: 8080 path: / pathType: Prefix tls: - hosts: - staging-app.example.com secretName: app-tls staging-app.example.com staging-app.example.com ίί ίί w*OHSFTTΛ࢖͏৔߹ͷ՝୊ w୯ҰͷNBOJGFTUTΛෳ਺ͷϓϨϏϡʔ ؀ڥʹར༻͢ΔͨΊɺ*OHSFTTIPTUͷ ॻ͖׵͕͑ඞཁ wNBOJGFTUTੜ੒࣌ʹεΫϦϓτ౳Ͱॻ ͖׵͑Δࣄ΋Ͱ͖Δ͕ɺ؅ཧ͕൥ࡶͱ ͳΔ

  23. ϓϨϏϡʔ؀ڥͷղઆɿ؀ڥ΁ͷΞΫηε wUBLVNBLVNFTFSWJDFFYQPTFPQFSBUPS wࢦఆͨ͠4FSWJDFΛެ։͢Δ*OHSFTTΛࣗಈੜ੒͢Δ0QFSBUPS w4&37*$&@/".&/".&41"$&FYBNQMFDPN wࣗಈͰ*OHSFTTIPTUΛׂΓ౰ͯΔ͜ͱ͕Ͱ͖Δ wLVCFSOFUFT4FSWJDF%JTDPWFSZͷ*OHSFTT൛ͷΑ͏ͳػೳ wએݴతʹಈతͳϗετ໊Ͱ*OHSFTTΛੜ੒Ͱ͖Δ

  24. apiVersion: service-expose.../v1alpha1 kind: ServiceExpose metadata: name: example namespace: ns1 spec:

    backend: service: name: example-svc port: number: 8080 domain: example.com path: / pathType: Prefix tlsEnable: true tlsSecretName: example-tls annotations: cert-manager.io/cluster-issuer: letsencrypt apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: example namespace: ns1 annotations: cert-manager.io/cluster-issuer: letsencrypt spec: rules: - host: example-svc.ns1.example.com http: paths: - backend: service: name: example-svc port: number: 8080 path: / pathType: Prefix tls: - hosts: - example-svc.ns1.example.com secretName: example-tls backend: service: name: example-svc port: number: 8080 example-svc ns1 example.com example-svc ns1 example.com example-svc ns1 example.com ެ։͢Δ4FSWJDF αʔϏεσΟεΧόϦతͳ ϗετ໊ΛࣗಈͰ෇༩ αʔϏε໊ namespace υϝΠϯ UBLVNBLVNFTFSWJDFFYQPTFPQFSBUPS

  25. IUUQTTQFBLFSEFDLDPNUBLVNBLVNFHPLVCFSOFUFTPQFSBUPS LVCFSOFUFTPQFSBUPSͷৄ͍࣮͠૷಺༰ʹ͍ͭͯ͸ҎԼ

  26. ϓϨϏϡʔ؀ڥͷղઆɿ؀ڥ΁ͷΞΫηε w4FSWJDF&YQPTFʹΑͬͯੜ੒͞Εͨ*OHSFTTͷϗετ໊ʹରͯ͠ wFYUFSOBMEOT"Ϩίʔυͷࣗಈઃఆ wDFSUNBOBHFS5-4ূ໌ॻͷࣗಈઃఆ

  27. ࠓޙͷ՝୊

  28. ࠓޙͷ՝୊ wίʔυ1VTI͔Β؀ڥ΁ͷ൓ө׬ྃͷ௨஌͕෼͔Γʹ͍͘ w"SHP$%/PUJpDBUJPOTͰεςʔλεΛ4MBDL௨஌͍ͯ͠Δ

  29. ࠓޙͷ՝୊ wίʔυ1VTI͔Β؀ڥ΁ͷ൓ө׬ྃͷ௨஌͕෼͔Γʹ͍͘ ɹʢଓ͖ʣ wͲͷίϛοτ·ͰϓϨϏϡʔ؀ڥͷίϯςφʹ൓ө͍ͯ͠Δ͔ ͕෼͔Γʹ͍͘ wݫີʹ͸࣮ߦதͷίϯςφͷΠϝʔδλάΛݟΔ͔͠ͳ͍ wར༻ऀ͸ॻ͍ͨίʔυ͕ѱ͍ͷ͔ɺ؀ڥʹ൓өͯ͠ͳ͍ͷ͔ ൑அʹ໎͏Մೳੑ͕͋Δ

  30. ࠓޙͷ՝୊ wίʔυ1VTI͔Β؀ڥ΁ͷ൓ө·ͰͷλΠϜϥά͕ͦͦ͋͜͜Δ wΞϓϦͷ$*Λ1BTT wίϯςφΠϝʔδͷ#VJMEˍ1VTI w"SHP$%*NBHF6QEBUFS͕ݕ஌࣮͠ߦதͷίϯςφͷΠϝʔδ Λߋ৽ wίϯςφΠϝʔδͷ1VMM wίϯςφͷϩʔϧΞ΢τ

  31. ·ͱΊ w13ͷ࡞੒ΛτϦΨʔʹಈ࡞֬ೝ༻ͷϓϨϏϡʔ؀ڥΛ LVCFSOFUFT্ʹࣗಈੜ੒͍ͯ͠Δ w"SHP$%ͷઃఆϑΝΠϧΛੜ੒ˍϦϙδτϦʹ1VTI͢Δ͚ͩͰ׬ ͍݁ͯ͠Δ wϒϥϯνʹΞϓϦͷίʔυΛ1VTI͢Δ౓ʹΠϝʔδΛ #VJME1VTIͯ͠"SHP$%*NBHF6QEBUFSͰ؀ڥΛߋ৽͍ͯ͠Δ wϗετ໊Λ4FSWJDF%JTDPWFSZతʹੜ੒͠ɺ*OHSFTTͰެ։͢Δ 0QFSBUPSΛ։ൃͯ͠࢖͍ͬͯΔ

  32. Ϋϥ΢υωΠςΟϒͳٕज़ʹڵຯ͕ ͋Δํ͸ੋඇҰॹʹಇ͖·͠ΐ͏ʂ