Supercharge your Kubernetes Platform with Carvel

Transcript

1. Thomas Vitale Cloud Native Copenhagen Feb 21st, 2024 Supercharge Your

   Kubernetes Platform With Carvel @vitalethomas

2. Cloud Native Platform Enabling product teams to deliver software better,

   faster, safer @vitalethomas End-User PLATFORM API PLATFORM BACKEND Certi fi cate Management Continuous Deployment Serverless Runtime Supply Chain Choreographer Ingress and Load Balancing … Continuous Deployment

3. https://carvel.dev

4. https://carvel.dev

5. Systematic • Software Engineer and CNCF Ambassador. • Author of

   “Cloud Native Spring in Action” (Manning). • OSS contributor (Java, Spring, Cloud Native Technologies) Thomas Vitale thomasvitale.com @vitalethomas
6. None

7. @vitalethomas 1 Upstream Dependencies 3 Con fi guration 2 Deployment

   5 Artifact Bundles 4 Image Resolution 7 Platform 6 Package Management The Journey

8. vendir Upstream dependencies Sync upstream dependencies Support various sources Lock

   dependencies for repeatability @vitalethomas

9. vendir Upstream dependencies @vitalethomas apiVersion: vendir.k14s.io/v1alpha1 kind: Config directories: -

   contents: - git: ref: v2.7.7 url: https://github.com/argoproj/argo-cd includePaths: - manifests/install.yaml newRootPath: manifests path: . path: config/upstream vendir.yml $ vendir sync

10. @vitalethomas 1 Upstream Dependencies 3 Con fi guration 2 Deployment

    5 Artifact Bundles 4 Image Resolution 7 Platform 6 Package Management The Journey

11. kapp Deployments Group resources as “application” Predictable and safe deployments

    Wait for reconciliation @vitalethomas Order resources based on dependencies Record application deployment history

12. @vitalethomas apiVersion: kapp.k14s.io/v1alpha1 kind: Config rebaseRules: - path: [data] type:

    copy sources: [new, existing] resourceMatchers: - kindNamespaceNameMatcher: kind: Secret namespace: argocd name: argocd-secret kapp-con fi g.yml $ kapp deploy -a argo-cd -f install.yml -f kapp-config.yml kapp Deployments

13. @vitalethomas $ kapp deploy -a argo-cd -f install.yml -f kapp-config.yml

    kapp Deployments $ kapp list -A $ kapp inspect -a argo-cd $ kapp delete -a argo-cd

14. @vitalethomas 1 Upstream Dependencies 3 Con fi guration 2 Deployment

    5 Artifact Bundles 4 Image Resolution 7 Platform 6 Package Management The Journey

15. ytt Con fi guration Con fi guration via templates Structure-oriented

    Con fi guration via overlays @vitalethomas Schema validation Any YAML

16. @vitalethomas $ ytt -f config ytt Con fi guration #@

    load("@ytt:data", "data") --- apiVersion: v1 kind: ConfigMap metadata: name: argo-demo-info namespace: argocd data: conference: #@ data.values.conference_name template.yml

17. @vitalethomas #@ load("@ytt:data", "data") #@ load("@ytt:overlay", "overlay") #@ def argo_service():

    kind: Service metadata: name: argocd-server #@ end #@overlay/match by=overlay.subset(argo_service()) --- spec: #@overlay/match missing_ok=True type: #@ data.values.service_type overlay.yml $ ytt -f config ytt Con fi guration

18. @vitalethomas $ ytt -f config ytt Con fi guration #@data/values-schema

    --- conference_name: “Cloud Native Aarhus” #@schema/desc "The service type for the ArgoCD Server." #@schema/validation one_of=["ClusterIP", "LoadBalancer", "NodePort"] service_type: ClusterIP schema.yml

19. @vitalethomas 1 Upstream Dependencies 3 Con fi guration 2 Deployment

    5 Artifact Bundles 4 Image Resolution 7 Platform 6 Package Management The Journey

20. kbld Image resolution @vitalethomas Resolve image references Orchestrate OCI builds

    Lock references for repeatability

21. @vitalethomas apiVersion: kbld.k14s.io/v1alpha1 kind: Config overrides: - image: ghcr.io/dexidp/dex:v2.37.0 newImage:

    ghcr.io/dexidp/dex@sha256:f579d00721… preresolved: true - image: quay.io/argoproj/argocd:v2.7.7 newImage: quay.io/argoproj/argocd@sha256:6a5d0e909b… preresolved: true - image: redis:7.0.11-alpine newImage: index.docker.io/library/redis@sha256:121bac949f… preresolved: true kbld.lock.yml $ kbld -f config --lock-output kbld.lock.yml kbld Image resolution

22. @vitalethomas 1 Upstream Dependencies 3 Con fi guration 2 Deployment

    5 Artifact Bundles 4 Image Resolution 7 Platform 6 Package Management The Journey

23. imgpkg Artifact bundles @vitalethomas Bundle con fi g as OCI

    artifacts Uni fi ed distribution for apps+con fi g Support air-gapped environments

24. @vitalethomas $ kbld -f config --imgpkg-lock-output .imgpkg/images.yml $ imgpkg push

    -b <registry-url>:argo-cd-bundle:v2.7.7 -f config imgpkg Artifact bundles $ imgpkg pull -b <registry-url>:argo-cd-bundle:v2.7.7 -o pulled-config $ imgpkg copy -b <registry-url>:argo-cd-bundle:v2.7.7 \ --to-repo <air-gapped-registry-url>:argo-cd-bundle

25. @vitalethomas 1 Upstream Dependencies 3 Con fi guration 2 Deployment

    5 Artifact Bundles 4 Image Resolution 7 Platform 6 Package Management The Journey

26. Working with Packages Kubernetes-native implementation with Carvel @vitalethomas Transform Apply

    templates and overlays (ytt and kbld). 2 Deploy Deploy the resulting application (kapp). 3 Fetch Fetch con fi guration bundle and OCI images (vendir). 1

27. @vitalethomas apiVersion: data.packaging.carvel.dev/v1alpha1 kind: Package metadata: name: argo-cd.thomasvitale.dev.2.9.3 spec: refName:

    argo-cd.thomasvitale.dev template: spec: fetch: - imgpkgBundle: image: ghcr.io/thomasvitale/argo-cd-package-demo@sha256:600b566703… template: - ytt: paths: - config - kbld: paths: - '-' - .imgpkg/images.yml deploy: - kapp: {} version: 2.9.3 1 Fetch 2 Transform 3 Deploy

28. kapp-controller Package management @vitalethomas Continuous deployment via GitOps Automated work

    fl ow to build packages Kubernetes-native package management Package and distribute platforms Support multiple sources and con fi guration tools

29. Implement and release a package Kubernetes-native implementation with Carvel @vitalethomas

    $ kctrl package init $ kctrl package release Bootstrap package Release package Package Metadata Non version-speci fi c attributes describing a package. CRD Package Versioned combination of con fi guration and OCI images. CRD

30. Release a package repository Kubernetes-native implementation with Carvel @vitalethomas $

    kctrl package repo release Release package repository Package Repository A collection of packages and their metadata. CRD

31. Install a package in a cluster Kubernetes-native implementation with Carvel

    @vitalethomas $ kctrl package repo add Add package repository to cluster $ kctrl package install Install package in a cluster Package Install Installation of a package instance in a cluster. CRD

32. @vitalethomas 1 Upstream Dependencies 3 Con fi guration 2 Deployment

    5 Artifact Bundles 4 Image Resolution 7 Platform 6 Package Management The Journey

33. https://github.com/kadras-io

34. Cloud Native Platform in 3 Steps Composable platform with Carvel

    @vitalethomas $ kapp deploy -a kapp-controller -y \ -f https://github.com/carvel-dev/kapp-controller/releases/latest/download/release.yml 1. Deploy kapp-controller $ kctrl package repository add -r kadras-packages \ --url ghcr.io/kadras-io/kadras-packages:0.14.2 \ -n kadras-packages --create-namespace 2. Add package repository $ kctrl package install -i engineering-platform \ -p engineering-platform.packages.kadras.io \ -v 0.12.2 \ -n kadras-packages \ --values-file values.yml 3. Install platform

35. Bonus. Secrets Management @vitalethomas

36. secretgen-controller Secrets management @vitalethomas Generate credentials and keys Automated distribution

    of image pull Secrets across namespaces Export and import Secrets across namespaces

37. @vitalethomas 1 Upstream Dependencies 3 Con fi guration 2 Deployment

    5 Artifact Bundles 4 Image Resolution 7 Platform 6 Package Management The Journey

38. CNCF TAG App Delivery @vitalethomas

39. thomasvitale.com @vitalethomas https://tag-app-delivery.cncf.io/whitepapers/platforms

40. https://tag-app-delivery.cncf.io/whitepapers/platform-eng-maturity-model

41. thomasvitale.com @vitalethomas https://tag-app-delivery.cncf.io/wgs/artifacts

42. Resources @vitalethomas

43. Resources Source code on GitHub • Carvel 101 - Streamline

    Your Kubernetes Work fl ows • Enlightning: Carvel Tools and kapp-controller • Stop forking Helm charts and use Carvel ytt • Carvel kapp: kubectl on steroids • Kubernetes package management with Carvel • Carvel as a uni fi ed package manager for Kubernetes • Kadras: Cloud Native Platforms Toolkit @vitalethomas

44. thomasvitale.com @vitalethomas

45. Thomas Vitale Cloud Native Copenhagen Feb 21st, 2024 Supercharge Your

    Kubernetes Platform With Carvel @vitalethomas