Upgrade to Pro — share decks privately, control downloads, hide ads and more …

A Paved Path to Production on Kubernetes

Thomas Vitale
March 23, 2023
Technology
0
82

A Paved Path to Production on Kubernetes

Customers are looking forward to getting a new feature in our application. Developers implemented it and pushed the changes to Git. How can we go from code commit to feature available in production on Kubernetes? How can we do that in a productive and secure way?

Following the continuous delivery principles, I’ll show how to design a paved path to production with a superior experience for developers while giving operators enough flexibility and control. Using Cartographer, we’ll choreograph our way from code commit to deployment on Kubernetes and build a complete CI/CD pipeline.

We’ll then monitor Git repositories with Flux, containerize applications with Cloud Native Buildpacks, run automated tests with Tekton, scan images with Trivy, configure workloads with Carvel, and deploy them with Knative.

The presentation focuses on open source technologies and includes a hands-on demo you can run in your Kubernetes environments and use as a foundation for your real-world supply chains.

Thomas Vitale

March 23, 2023
Tweet

More Decks by Thomas Vitale

See All by Thomas Vitale
Next-Generation Cloud Native Apps with Spring Boot 3
thomasvitale
0
93
Developer Experience with Spring Boot on Kubernetes
thomasvitale
0
20
Multitenant Mystery - Only Rockers in the Building
thomasvitale
1
99
Developer Experience with Java on Kubernetes
thomasvitale
0
22
Observability and Efficiency with Spring Boot 3
thomasvitale
0
52
Paved Paths to Production – There and Back Again
thomasvitale
1
69
Spring Cloud Gateway: Resilience, Security, and Observability (Golden Path to SpringOne 2023)
thomasvitale
0
94
Kustomize
thomasvitale
0
19
Next-Generation Cloud Native Apps with Spring Boot 3
thomasvitale
2
74

Other Decks in Technology

See All in Technology
Spring I/O 2023 - Barcelona
bnasslahsen
0
130
ChatGPTをどう使うか?(JJUGナイトセミナー5/23)
shin_higuchi
0
520
社内でChatGPTを利用するためのガイドラインを整備した話
yoshikieguchi
0
960
食べログChatGPTプラグイン導入で見えてきた未来:データサイエンティストの向き合い方
moritama1515
PRO
2
360
点群SegmentationのためのTransformerサーベイ
takmin
1
500
問題解決の促進-New Relicの導入から全社活用までの道のり- / Facilitate problem solving
yayoi_dd
0
310
Антихрупкость в IT или как полюбить изменения
alexanderbyndyu
0
230
「時系列データ」を ChatGPT で活かすには?!
soracom
PRO
0
400
Save the state
keithyokoma
0
220
Mirror mirror... what am I typing next?
spinscale
0
150
Turbinando Microsserviços com Distributed Cache
jordihofc
1
300
ChatGPTがもたらす新しいチーム開発の現場
satoshirobatofujimoto
0
160

Featured

See All Featured
Typedesign – Prime Four
hannesfritz
34
1.6k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
7
990
A better future with KSS
kneath
230
16k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
0
1.4k
Mobile First: as difficult as doing things right
swwweet
213
8k
YesSQL, Process and Tooling at Scale
rocio
158
13k
Teambox: Starting and Learning
jrom
124
8k
Product Roadmaps are Hard
iamctodd
39
8.2k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
183
15k
GraphQLの誤解/rethinking-graphql
sonatard
41
8.2k
We Have a Design System, Now What?
morganepeng
38
6.1k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
16
5.8k

Transcript

  1. Thomas Vitale
    The Golden Path to SpringOne
    Mar 23rd, 2023
    A Paved Path to Production
    on Kubernetes
    @vitalethomas

    View Slide

  2. Systematic
    • Software Engineer and Cloud
    Architect.

    • Author of “Cloud Native Spring
    in Action” (Manning).

    • OSS contributor (Java, Spring,
    Cloud Native Technologies)
    Thomas Vitale
    thomasvitale.com @vitalethomas

    View Slide

  3. Problem
    @vitalethomas

    View Slide

  4. Value
    @vitalethomas

    View Slide

  5. Delivering Value
    From idea to production
    Developer
    Production
    Idea
    @vitalethomas
    ?

    View Slide

  6. Goals
    2 Reduced cognitive load
    3 Clear and safe path to production
    1 Rapid and continuous feedback loop
    @vitalethomas

    View Slide

  7. Development Workflow
    @vitalethomas

    View Slide

  8. Cloud Native
    @vitalethomas

    View Slide

  9. From Traditional to Cloud Native
    Application Server, Embedded Server
    Runtime (JVM)
    Middleware (Application Server)
    Application (WAR/EAR)
    Runtime (JVM)
    Application (JAR)
    @vitalethomas

    View Slide

  10. Containers
    @vitalethomas

    View Slide

  11. Moving to Containers
    Application Server, Embedded Server, Container
    Runtime (OCI)
    Application (Container)
    Runtime (JVM)
    Middleware (Application Server)
    Application (WAR/EAR)
    Runtime (JVM)
    Application (JAR)
    @vitalethomas

    View Slide

  12. Cloud Native Buildpacks
    @vitalethomas

    View Slide

  13. Image
    pack build
    Cloud Native Buildpacks
    From source code to container image
    @vitalethomas

    View Slide

  14. Kubernetes
    @vitalethomas

    View Slide

  15. Moving to Kubernetes
    Application Server, Embedded Server, Container, Kubernetes
    Runtime (OCI)
    Middleware


    (Kubernetes)
    Application (Container)
    Runtime (JVM)
    Middleware


    (Application Server)
    Application (WAR/EAR)
    Runtime (JVM)
    Application (JAR)
    Runtime (OCI)
    Application (Container)
    @vitalethomas

    View Slide

  16. Tilt
    @vitalethomas

    View Slide

  17. Tilt
    Continuous development on Kubernetes
    @vitalethomas
    CODE
    BUILD
    RUN
    TEST

    View Slide

  18. Goals
    2 Reduced cognitive load
    3 Clear and safe path to production
    1 Rapid and continuous feedback loop
    @vitalethomas

    View Slide

  19. CI/CD Pipeline(s)
    @vitalethomas

    View Slide

  20. CI/CD Pipeline (Imperative)
    Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    Orchestrator
    Tightly coupled
    Rigid system
    No clear separation of concerns
    Hard to maintain
    @vitalethomas

    View Slide

  21. Delivering Value
    From code to production
    Developer
    Production
    Application


    Operator
    Security


    Expert
    Platform


    Engineer
    @vitalethomas

    View Slide

  22. Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    @vitalethomas

    View Slide

  23. Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    Kubernetes
    Manifests
    GitOps
    @vitalethomas

    View Slide

  24. Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    Kubernetes
    Manifests
    Container
    Image

    View Slide

  25. Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    Kubernetes
    Manifests
    Container
    Image
    Source
    Code
    CI/CD Pipeline (Reactive)
    Loosely coupled
    Separation of concerns
    Flexible
    Consistent path to production

    View Slide

  26. Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    Kubernetes
    Manifests
    Container
    Image
    Source
    Code
    CI/CD Pipeline (Reactive)
    Loosely coupled
    Separation of concerns
    Flexible
    Consistent path to production

    View Slide

  27. Cartographer
    @vitalethomas

    View Slide

  28. Kubernetes Native Choreographer
    Framework to build paved paths to production
    @vitalethomas

    View Slide

  29. Workload API
    Developer-friendly interface
    @vitalethomas
    apiVersion: carto.run/v1alpha1


    kind: Workload


    metadata:


    name: band-service


    labels:


    apps.kadras.io/workload-type: web


    spec:


    source:


    git:


    url: https://github.com/ThomasVitale/band-service


    ref:


    branch: main


    View Slide

  30. Watch


    Source Code
    Testing
    Build
    Con
    fi
    guration
    Deployment

    View Slide

  31. https://landscape.cncf.io

    View Slide

  32. SupplyChain API
    Describes the path to production
    @vitalethomas
    apiVersion: carto.run/v1alpha1


    kind: ClusterSupplyChain


    metadata:


    name: supply-chain


    spec:


    selector:


    apps.kadras.io/workload-type: web


    resources:


    - name: source-provider


    templateRef:


    kind: ClusterSourceTemplate


    name: source


    - name: image-builder


    templateRef:


    kind: ClusterImageTemplate


    name: image


    sources:


    - resource: source-provider


    name: source


    - name: deployer


    templateRef:


    kind: ClusterTemplate


    name: app-deploy


    images:


    - resource: image-builder


    name: image

    View Slide

  33. cartographer.sh

    View Slide

  34. Watch


    Source Code
    Testing
    Build
    Con
    fi
    guration
    Deployment

    View Slide

  35. @vitalethomas
    apiVersion: source.toolkit.fluxcd.io/v1


    kind: GitRepository


    metadata:


    name: band-service


    spec:


    interval: 1m0s


    url: https://github.com/ThomasVitale/band-service


    ref:


    branch: main


    View Slide

  36. @vitalethomas
    apiVersion: source.toolkit.fluxcd.io/v1


    kind: GitRepository


    metadata:


    name: $(workload.metadata.name)$


    spec:


    interval: 1m0s


    url: $(workload.spec.source.git.url)$


    ref: $(workload.spec.source.git.ref)$


    View Slide

  37. @vitalethomas
    apiVersion: carto.run/v1alpha1


    kind: ClusterSourceTemplate


    metadata:


    name: source


    spec:


    urlPath: .status.artifact.url


    revisionPath: .status.artifact.revision


    template:


    apiVersion: source.toolkit.fluxcd.io/v1


    kind: GitRepository


    metadata:


    name: $(workload.metadata.name)$


    spec:


    interval: 1m0s


    url: $(workload.spec.source.git.url)$


    ref: $(workload.spec.source.git.ref)$

    View Slide

  38. @vitalethomas
    apiVersion: carto.run/v1alpha1


    kind: ClusterSourceTemplate


    metadata:


    name: source


    spec:


    urlPath: .status.artifact.url


    revisionPath: .status.artifact.revision


    template:


    apiVersion: source.toolkit.fluxcd.io/v1


    kind: GitRepository


    metadata:


    name: $(workload.metadata.name)$


    spec:


    interval: 1m0s


    url: $(workload.spec.source.git.url)$


    ref: $(workload.spec.source.git.ref)$
    Template API
    Supply chain activities

    View Slide

  39. Capabilities over responsibilities
    @vitalethomas

    View Slide

  40. Developer
    @vitalethomas

    View Slide

  41. Developer Platform
    @vitalethomas

    View Slide

  42. Developer Platform
    @vitalethomas

    View Slide

  43. Goals
    2 Reduced cognitive load
    3 Clear and safe path to production
    1 Rapid and continuous feedback loop
    @vitalethomas

    View Slide

  44. Resources
    @vitalethomas

    View Slide

  45. Resources
    Source code
    • Presentation source code

    • Kadras: Cloud Native Platforms Toolkit

    • Cloud Native Buildpacks for ARM64

    • Software Supply Chain Choreography

    • Cartographer

    • Cartographer CLI

    • Tanzu Application Platform
    @vitalethomas

    View Slide

  46. Thomas Vitale
    The Golden Path to SpringOne
    Mar 23rd, 2023
    A Paved Path to Production
    on Kubernetes
    thomasvitale.com
    @vitalethomas
    @[email protected]

    View Slide