ArgoCD for Kubernetes clusters and applications management

Transcript

1. datadome.co Introduction to ArgoCD Xavier Krantz - SRE 2024-04-19 Kubernetes

   clusters and applications management

2. datadome.co 2 Agenda Kubernetes new paradigms How do we deploy

   Kubernetes applications today? Introduction to ArgoCD Q&A ? 3. 2. 1.

3. datadome.co datadome.co Kubernetes new paradigms 3 1

4. datadome.co 1 - Kubernetes new paradigms 4

5. datadome.co 1 - Kubernetes new paradigms 5

6. datadome.co 1 - Kubernetes new paradigms 6 https://kubernetes.io/docs/concepts/

7. datadome.co 1 - Kubernetes new paradigms https://kubernetes.io/docs/concepts/ 7

8. datadome.co 1 - Kubernetes new paradigms https://kubernetes.io/docs/concepts/ 8

9. datadome.co datadome.co How do we deploy Kubernetes applications today? 9

   2

10. datadome.co 2 - How do we deploy today? 10

11. datadome.co 2 - How do we deploy today? 11

12. datadome.co 2 - How do we deploy today? 12

13. datadome.co 2 - How do we deploy today? 13

14. datadome.co 2 - How do we deploy today? 14

15. datadome.co 2 - How do we deploy today? 15

16. datadome.co 2 - How do we deploy today? 16

17. datadome.co 2 - How do we deploy today? 17 Challenges

    and pain points • Deployment of Helm releases through Terraform’s Helm provider • 5 level of nested code 1. Terraform “stack” 2. DataDome Terraform Module 3. Upstream Terraform module 4. DataDome Helm charts 5. Upstream Helm charts • Change propagation flow seems complex and restrictive • Due to the nesting of the code-base • Terraform changes are driven by Atlantis Workflow (does not fit every team)

18. datadome.co datadome.co ArgoCD introduction 18 3

19. datadome.co 3 - ArgoCD 19

20. datadome.co 3 - ArgoCD 20

21. datadome.co https://argo-cd.readthedocs.io/en/stable/ 3 - ArgoCD 21

22. datadome.co https://argo-cd.readthedocs.io/en/stable/ A declarative, GitOps continuous delivery tool for Kubernetes.

    3 - ArgoCD 22

23. datadome.co https://argo-cd.readthedocs.io/en/stable/ Features 3 - ArgoCD 23 • Automated deployment

    of applications to specified target environments • Support for multiple config management/templating tools • Ability to manage and deploy to multiple clusters • SSO Integration (OIDC, OAuth2, LDAP, SAML 2.0, GitHub, …) • Multi-tenancy and RBAC policies for authorization • Rollback/Roll-anywhere to any application configuration committed in Git repository • Health status analysis of application resources • Automated configuration drift detection and visualization • Automated or manual syncing of applications to its desired state • Web UI which provides real-time view of application activity • CLI for automation and CI integration • Webhook integration (GitHub, BitBucket, GitLab) • Access tokens for automation • PreSync, Sync, PostSync hooks to support complex application rollouts (e.g.blue/green & canary upgrades) • Audit trails for application events and API calls • Prometheus metrics • Parameter overrides for overriding helm parameters in Git • …

24. datadome.co How it can help? • Provides a better “view”

    and control of Kubernetes-specific resources ◦ Using ArgoCD UI ◦ Using ArgoCD GitOps functionalities for Kubernetes applications deployment • Allows a clear separation of concerns between ◦ the infrastructure resources (AWS), ◦ the “platform components” (Kubernetes applications), ◦ and the business applications (Kubernetes applications) • Simplifies the Kubernetes Clusters management (from SRE point of view) • Simplifies the Kubernetes Applications deployment and management (from Non-SRE point of view) 3 - ArgoCD 24

25. datadome.co datadome.co Demo 25

26. datadome.co 26

27. datadome.co 27

28. datadome.co 28

29. datadome.co 29

30. datadome.co 30

31. datadome.co 31

32. datadome.co 32

33. datadome.co 33

34. datadome.co 34

35. datadome.co 35

36. datadome.co datadome.co Any questions? Thank you! 36

37. datadome.co Miscellaneous 37 ArgoCD topology

38. datadome.co Miscellaneous 38 ArgoCD topology (2)

39. datadome.co Miscellaneous 39 Kustomize.io

40. datadome.co Miscellaneous 40 Deployment promotion workflow