Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Paved Paths to Production – There and Back Again

Thomas Vitale
April 17, 2023
Technology
1
69

Paved Paths to Production – There and Back Again

There’s no place like production. Any idea, any code change will not deliver value until it reaches production. How can we go there fast and securely? A path to production includes all the activities to deliver a new idea to the software users.

The first challenge will be to provide application developers with a compelling experience that enhances the inner development loop, improves their productivity, and reduces their cognitive load. You’ll see how to design such an experience using Backstage, Buildpacks, and Knative.

The second challenge will be establishing secure and reusable CI/CD pipelines while ensuring a clear separation of concerns. You’ll see how to do that by building on top of the inner loop and adding Tekton, Trivy, and Argo CD. Application operators and security engineers will be responsible for those pipelines and the supply chain, taking care of all the activities for building, testing, securing, configuring, and ultimately deploying workloads.

The third challenge will be to offer paved paths to production as a coherent service via a platform based on different tools from the cloud native ecosystem. You’ll learn about the concept of golden paths enabled by Backstage and see how to implement them using Cartographer, a framework to build paths to production.

Thomas Vitale

April 17, 2023
Tweet

More Decks by Thomas Vitale

See All by Thomas Vitale
Next-Generation Cloud Native Apps with Spring Boot 3
thomasvitale
0
96
Developer Experience with Spring Boot on Kubernetes
thomasvitale
0
20
Multitenant Mystery - Only Rockers in the Building
thomasvitale
1
100
Developer Experience with Java on Kubernetes
thomasvitale
0
23
Observability and Efficiency with Spring Boot 3
thomasvitale
0
59
A Paved Path to Production on Kubernetes
thomasvitale
0
82
Spring Cloud Gateway: Resilience, Security, and Observability (Golden Path to SpringOne 2023)
thomasvitale
0
95
Kustomize
thomasvitale
0
19
Next-Generation Cloud Native Apps with Spring Boot 3
thomasvitale
2
74

Other Decks in Technology

See All in Technology
エンジニアからの情報発信の意義に関して、さまざまな方々が私に教えてくださったことのまとめ
m3hiro3
0
120
MySQL and Vitess (and Kubernetes) at HubSpot
jfg956
0
150
CloudWatch複合アラームでELBの5XXをいい感じに検知しようとしたらうまくいかなかった話 / cloudwatch alarm elb 5xx
gotok365
0
480
無理なく始めるGoでのユニットテストの並行化戦略
shohata
1
230
全AWSエンジニアに捧ぐ、CloudWatch 設計・運用 虎の巻 / CloudWatch design and operation bible
iselegant
27
9.9k
株式会社オプティム_採用会社紹介資料 / optim-recruit
optim
0
9.5k
Autonomous Database Cloud 技術詳細 / adb-s_technical_detail_jp
oracle4engineer
PRO
10
26k
Supporting a Sustainable Fast Flow of Change with Effective Enabling Teams
emgsilva
2
110
個人データの利用に対する許容度に関する社会調査
hiroshinakagawa
0
140
Turbinando Microsserviços com Distributed Cache
jordihofc
1
320
microCMSのエンジニア組織と文化
microcms
0
460
『AWSではじめるクラウドセキュリティ』の裏側を。
ryohatanmonolog
2
210

Featured

See All Featured
Mobile First: as difficult as doing things right
swwweet
213
8k
We Have a Design System, Now What?
morganepeng
38
6.1k
Into the Great Unknown - MozCon
thekraken
6
480
Six Lessons from altMBA
skipperchong
16
2.5k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
46
15k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
351
21k
Embracing the Ebb and Flow
colly
76
3.7k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
110
17k
The Pragmatic Product Professional
lauravandoore
22
3.8k
YesSQL, Process and Tooling at Scale
rocio
158
13k
Building Effective Engineering Teams - LeadDev
addyosmani
5
590
Code Review Best Practice
trishagee
53
12k

Transcript

  1. Thomas Vitale
    Cloud Native Rejekts
    Apr 16th, 2023
    Paved Paths to Production
    @vitalethomas
    There and Back Again

    View Slide

  2. Systematic
    • Software Engineer and Cloud
    Architect.

    • Author of “Cloud Native Spring
    in Action” (Manning).

    • OSS contributor (Java, Spring,
    Cloud Native Technologies)
    Thomas Vitale
    thomasvitale.com @vitalethomas

    View Slide

  3. Problem
    @vitalethomas

    View Slide

  4. Value
    @vitalethomas

    View Slide

  5. Delivering Value
    From idea to production
    Developer
    Production
    Idea
    @vitalethomas
    ?

    View Slide

  6. Goals
    2 Reduced cognitive load
    3 Clear and safe path to production
    1 Rapid and continuous feedback loop
    @vitalethomas

    View Slide

  7. Development Workflow
    @vitalethomas

    View Slide

  8. Cloud Native
    @vitalethomas

    View Slide

  9. @vitalethomas
    Runtime (Language)
    Application (Executable)
    Cloud Native Applications

    View Slide

  10. Containers
    @vitalethomas

    View Slide

  11. Moving to Containers
    @vitalethomas
    Runtime (Language)
    Application (Executable)
    Runtime (OCI)
    Application (Container)

    View Slide

  12. Cloud Native Buildpacks
    @vitalethomas

    View Slide

  13. Image
    pack build
    Cloud Native Buildpacks
    From source code to container image
    @vitalethomas

    View Slide

  14. Kubernetes
    @vitalethomas

    View Slide

  15. Moving to Kubernetes
    @vitalethomas
    Runtime (Language)
    Application (Executable)
    Runtime (OCI)
    Application (Container)
    Runtime (OCI)
    Middleware


    (Kubernetes)
    Application (Container)

    View Slide

  16. Tilt
    @vitalethomas

    View Slide

  17. Tilt
    Continuous development on Kubernetes
    @vitalethomas
    CODE
    BUILD
    RUN
    TEST

    View Slide

  18. Goals
    2 Reduced cognitive load
    3 Clear and safe path to production
    1 Rapid and continuous feedback loop
    @vitalethomas

    View Slide

  19. CI/CD Pipeline(s)
    @vitalethomas

    View Slide

  20. CI/CD Pipeline (Imperative)
    Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    Orchestrator
    Tightly coupled
    Rigid system
    No clear separation of concerns
    Hard to maintain
    @vitalethomas

    View Slide

  21. Delivering Value
    From code to production
    Developer
    Production
    Application


    Operator
    Security


    Expert
    Platform


    Engineer
    @vitalethomas

    View Slide

  22. Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    @vitalethomas

    View Slide

  23. Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    Kubernetes
    Manifests
    GitOps
    @vitalethomas

    View Slide

  24. Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    Kubernetes
    Manifests
    Container
    Image

    View Slide

  25. Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    Kubernetes
    Manifests
    Container
    Image
    Source
    Code
    CI/CD Pipeline (Reactive)
    Loosely coupled
    Separation of concerns
    Flexible
    Consistent path to production

    View Slide

  26. Check out


    source code
    Build


    container image
    Con
    fi
    gure


    workload
    Deploy


    workload
    Kubernetes
    Manifests
    Container
    Image
    Source
    Code
    CI/CD Pipeline (Reactive)
    Loosely coupled
    Separation of concerns
    Flexible
    Consistent path to production

    View Slide

  27. Cartographer
    @vitalethomas

    View Slide

  28. Kubernetes Native Choreographer
    Framework to build paved paths to production
    @vitalethomas

    View Slide

  29. Workload API
    Developer-friendly interface
    @vitalethomas
    apiVersion: carto.run/v1alpha1


    kind: Workload


    metadata:


    name: band-service


    labels:


    apps.kadras.io/workload-type: web


    spec:


    source:


    git:


    url: https://github.com/ThomasVitale/band-service


    ref:


    branch: main


    View Slide

  30. Watch


    Source Code
    Testing
    Build
    Con
    fi
    guration
    Deployment
    @vitalethomas

    View Slide

  31. https://landscape.cncf.io

    View Slide

  32. SupplyChain API
    Describes the path to production
    @vitalethomas
    apiVersion: carto.run/v1alpha1


    kind: ClusterSupplyChain


    metadata:


    name: supply-chain


    spec:


    selector:


    apps.kadras.io/workload-type: web


    resources:


    - name: source-provider


    templateRef:


    kind: ClusterSourceTemplate


    name: source


    - name: image-builder


    templateRef:


    kind: ClusterImageTemplate


    name: image


    sources:


    - resource: source-provider


    name: source


    - name: deployer


    templateRef:


    kind: ClusterTemplate


    name: app-deploy


    images:


    - resource: image-builder


    name: image

    View Slide

  33. Watch


    Source Code
    Testing
    Build
    Con
    fi
    guration
    Deployment
    @vitalethomas

    View Slide

  34. @vitalethomas
    apiVersion: source.toolkit.fluxcd.io/v1


    kind: GitRepository


    metadata:


    name: band-service


    spec:


    interval: 1m0s


    url: https://github.com/ThomasVitale/band-service


    ref:


    branch: main


    View Slide

  35. @vitalethomas
    apiVersion: source.toolkit.fluxcd.io/v1


    kind: GitRepository


    metadata:


    name: $(workload.metadata.name)$


    spec:


    interval: 1m0s


    url: $(workload.spec.source.git.url)$


    ref: $(workload.spec.source.git.ref)$


    View Slide

  36. @vitalethomas
    apiVersion: carto.run/v1alpha1


    kind: ClusterSourceTemplate


    metadata:


    name: source


    spec:


    urlPath: .status.artifact.url


    revisionPath: .status.artifact.revision


    template:


    apiVersion: source.toolkit.fluxcd.io/v1


    kind: GitRepository


    metadata:


    name: $(workload.metadata.name)$


    spec:


    interval: 1m0s


    url: $(workload.spec.source.git.url)$


    ref: $(workload.spec.source.git.ref)$

    View Slide

  37. @vitalethomas
    apiVersion: carto.run/v1alpha1


    kind: ClusterSourceTemplate


    metadata:


    name: source


    spec:


    urlPath: .status.artifact.url


    revisionPath: .status.artifact.revision


    template:


    apiVersion: source.toolkit.fluxcd.io/v1


    kind: GitRepository


    metadata:


    name: $(workload.metadata.name)$


    spec:


    interval: 1m0s


    url: $(workload.spec.source.git.url)$


    ref: $(workload.spec.source.git.ref)$
    Template API
    Supply chain activities

    View Slide

  38. cartographer.sh

    View Slide

  39. Capabilities over responsibilities
    @vitalethomas

    View Slide

  40. Developer
    @vitalethomas

    View Slide

  41. Developer Platform
    @vitalethomas

    View Slide

  42. Developer Platform
    @vitalethomas

    View Slide

  43. Goals
    2 Reduced cognitive load
    3 Clear and safe path to production
    1 Rapid and continuous feedback loop
    @vitalethomas

    View Slide

  44. Resources
    @vitalethomas

    View Slide

  45. Resources
    Source code
    • Presentation source code

    • Kadras: Cloud Native Platforms Toolkit

    • Cloud Native Buildpacks for ARM64

    • Software Supply Chain Choreography

    • Cartographer

    • Cartographer CLI

    • Tanzu Application Platform
    @vitalethomas

    View Slide

  46. Thomas Vitale
    Cloud Native Rejekts
    Apr 16th, 2023
    Paved Paths to Production
    @vitalethomas
    There and Back Again

    View Slide