Nico Meisenzahl, profile picture
Uploaded byNico Meisenzahl
PDF, PPTX584 views

Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline Your Infrastructure Deployments

The document discusses how containerized GitLab CI pipelines can help streamline infrastructure deployments. It recommends containerizing pipeline jobs so that each runs in a dedicated container with isolated dependencies. This avoids issues with dependency conflicts and allows scaling pipelines. The GitLab Runner Kubernetes executor can integrate pipelines with Kubernetes to create pods for each job based on a defined container image. Containerizing builds with Kaniko also avoids issues with Docker-in-Docker. Examples show containerized pipelines for building images, deploying to AKS, and provisioning infrastructure with Terraform.

Technology
Related topics:
CI/CD
Download as PDF, PPTX
1#GitLabCommit How Containerized GitLab CI Pipelines Can Help You Streamline Your Infrastructure Deployments
2#GitLabCommit Senior Consultant @ panagenda. Blogger, speaker. IBM Cloud Champion & Docker Community Leader. Loves K8s, containers & automation. His desk is a ping pong table. Nico Meisenzahl @nmeisenzahl https://meisenzahl.org nico@meisenzahl.org https://panagenda.com/modernization nico.meisenzahl@panagenda.com
3#GitLabCommit ● Infrastructure-as-Code recap ● where containerized pipelines can help ● how to get started Agenda
4#GitLabCommit ● everything is code ● Git as single source of truth ● reproducible & declarable ● version controlled and testable ● fully automated Infrastructure-as-Code principles
5#GitLabCommit ● immutable infrastructure ● no snowflake servers ● no configuration drift ● no fragile infrastructure ● everything is documented (by itself) Infrastructure-as-Code pros
6#GitLabCommit ● you shouldn’t build everything on your own ○ you’ll need tools that support you ● you shouldn’t run everything manually on your own machine ○ you’ll be the constraint that slows everything down ○ you’ll have tons of dependencies on your local machine ● automation is key! ○ prevent “Automation Fear” 😱 Infrastructure-as-Code pitfalls
7#GitLabCommit ● for the same reasons why you should use containers ○ isolation ○ dependencies ○ scalability ○ immutability ● example: Your new project needs Terraform 0.12, others only run with 0.11 ○ can cause dependency issues on build server and local machine ○ makes everything a lot more complex ● this example works with every tool 😉 ○ kubectl, Helm, Ansible... you name it Why should you containerize your pipeline?
8#GitLabCommit ● every pipeline job runs in a container ○ based on an image with all requirements for this single job ● GitLab Runner Kubernetes executor ○ integrates your CI/CD with Kubernetes ○ creates a pod per job based on the defined image ○ allows you to share your resources and scale your pipelines ● image builds in containers? Do I need Docker-in-Docker for that?! ○ Kaniko fixes this issue! How does it work?
9#GitLabCommit ● contains everything a single pipeline job needs ○ binaries, libraries, ... ● use a pipeline to build/rebuild it (security fixes!) ● you should define fix versions for your dependencies Pipeline job images
10#GitLabCommit Containerized pipeline example
11#GitLabCommit ● runs itself in a pod ● needs to be installed in your Kubernetes Cluster ○ automatable Helm deployment ● schedules job pods ● build steps of a pipeline job ○ prepare → creates pod with build and service containers ○ pre-build → clones repo, restore cache, download artifacts ○ build → user build steps ○ post-build → creates caches and upload artifacts GitLab Runner Kubernetes executor
12#GitLabCommit GitLab Runner Kubernetes executor
13#GitLabCommit ● Docker-in-Docker has security issues ○ exposing Docker daemon ○ mounting /var/lib/docker ○ privileged mode ● is part of “Knative build” ● image builds without the need of any privileges or dependencies ● runs in a container ○ http://gcr.io/kaniko-project/executor ● speed up your pipeline with build caching Kaniko - containerized image builds
14#GitLabCommit Kaniko pipeline example
15#GitLabCommit Kaniko pipeline example
16#GitLabCommit ● pipeline will provision/update an Azure Kubernetes Cluster (AKS) with all dependencies ○ Terraform is used to provision/update the cluster ○ kubectl is used to apply resources (namespaces, RBAC, pod security policy, …) ● pipeline steps ○ validate Terraform code ○ validate Kubernetes resources ○ provision/update cluster ○ apply/update Kubernetes resources Containerized Infrastructure pipeline example
17#GitLabCommit Containerized Infrastructure pipeline example
18#GitLabCommit Containerized Infrastructure pipeline example
19#GitLabCommit Containerized Infrastructure pipeline example
20#GitLabCommit Containerized Infrastructure pipeline example
21#GitLabCommit Containerized Infrastructure pipeline example
22#GitLabCommit Containerized Infrastructure pipeline example
23#GitLabCommit ● slides → https://www.slideshare.net/nmeisenzahl ● demo projects → https://gitlab.com/gitlab-commit-demo ○ build-job-images → job images pipeline using Kaniko ○ deploy-aks → AKS IaC project with Terraform and kubectl ○ deploy-aks-with-runner → used to setup the demo env (optional) Questions? Nico Meisenzahl Senior Consultant, panagenda @nmeisenzahl https://meisenzahl.org nico@meisenzahl.org https://panagenda.com/modernization nico.meisenzahl@panagenda.com

More Related Content

PDF
Continuous Integration/Deployment with Gitlab CI
byDavid Hahn
 
PDF
GITS Class #16: CI/CD (Continuous Integration & Continuous Deployment) with G...
byGITS Indonesia
 
PPTX
Gitlab CI/CD
byJEMLI Fathi
 
PDF
Devops Porto - CI/CD at Gitlab
byFilipa Lacerda
 
PDF
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
byNico Meisenzahl
 
PDF
Juc boston2014.pptx
byBrandon Mueller
 
PDF
FOSDEM 2017: GitLab CI
byOlinData
 
PDF
CI with Gitlab & Docker
byJoerg Henning
 
Continuous Integration/Deployment with Gitlab CI
byDavid Hahn
 
GITS Class #16: CI/CD (Continuous Integration & Continuous Deployment) with G...
byGITS Indonesia
 
Gitlab CI/CD
byJEMLI Fathi
 
Devops Porto - CI/CD at Gitlab
byFilipa Lacerda
 
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
byNico Meisenzahl
 
Juc boston2014.pptx
byBrandon Mueller
 
FOSDEM 2017: GitLab CI
byOlinData
 
CI with Gitlab & Docker
byJoerg Henning
 

What's hot

PPTX
Up GitLab Presentation 2015
byKumaran Balachandran
 
PDF
Why you can't ignore GitLab
byPivorak MeetUp
 
PDF
Know the Science behind WorkFlows using Git & GitHhub
byEdureka!
 
PPTX
Quick workflow of a nodejs api
byPaolo Carrasco Mori
 
PDF
Webinar - Continuous Integration with GitLab
byOlinData
 
PPTX
Workflows using Git GitHub | Edureka
byEdureka!
 
PDF
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
byNico Meisenzahl
 
PDF
Using GitLab CI
byColCh
 
PPTX
Git'in in 15
byStacy Vicknair
 
ODP
Open Innovation Lab (OIL) - 20150227 - GIT Intro Workshop
byWong Hoi Sing Edison
 
PPTX
Git Lab Introduction
byKrunal Doshi
 
PPTX
Git kelvin
byKwong Wang Ho
 
PPTX
Git'in on Windows
byStacy Vicknair
 
PDF
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD
byJulian Mazzitelli
 
PDF
Code Review with Git and Gerrit - Devoxx 2011 - Tools in Action - 2011-11-14
bymsohn
 
PPT
Flow
byEugen Martynov
 
PDF
Git Tutorial
byMoshe Kaplan
 
PDF
GitLab Frontend and VueJS at GitLab
byFatih Acet
 
PDF
Webinar - Unbox GitLab CI/CD
byAnnie Huang
 
PDF
How to use any static site generator with GitLab Pages.
byIvan Nemytchenko
 
Up GitLab Presentation 2015
byKumaran Balachandran
 
Why you can't ignore GitLab
byPivorak MeetUp
 
Know the Science behind WorkFlows using Git & GitHhub
byEdureka!
 
Quick workflow of a nodejs api
byPaolo Carrasco Mori
 
Webinar - Continuous Integration with GitLab
byOlinData
 
Workflows using Git GitHub | Edureka
byEdureka!
 
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
byNico Meisenzahl
 
Using GitLab CI
byColCh
 
Git'in in 15
byStacy Vicknair
 
Open Innovation Lab (OIL) - 20150227 - GIT Intro Workshop
byWong Hoi Sing Edison
 
Git Lab Introduction
byKrunal Doshi
 
Git kelvin
byKwong Wang Ho
 
Git'in on Windows
byStacy Vicknair
 
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD
byJulian Mazzitelli
 
Code Review with Git and Gerrit - Devoxx 2011 - Tools in Action - 2011-11-14
bymsohn
 
Flow
byEugen Martynov
 
Git Tutorial
byMoshe Kaplan
 
GitLab Frontend and VueJS at GitLab
byFatih Acet
 
Webinar - Unbox GitLab CI/CD
byAnnie Huang
 
How to use any static site generator with GitLab Pages.
byIvan Nemytchenko
 

Similar to Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline Your Infrastructure Deployments

PDF
Containerized Build & Deployment Pipelines
byNico Meisenzahl
 
PDF
DevOpsCon London: How containerized Pipelines can boost your CI/CD
byNico Meisenzahl
 
PDF
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
byNico Meisenzahl
 
PDF
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
byNico Meisenzahl
 
PDF
Getting Started with DevOps on AWS [Mar 2020]
byDhaval Nagar
 
PDF
Gitlab ci e kubernetes, build test and deploy your projects like a pro
bysparkfabrik
 
PDF
OSO Confluent GitOps Demo
bySion Smith
 
PDF
gitopsthekubernetesway-201026090439.pdf
bysaraichiba2
 
PDF
Gitops: the kubernetes way
bysparkfabrik
 
PPTX
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...
byVietnam Open Infrastructure User Group
 
PPTX
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
byWeaveworks
 
PDF
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
byCloud Native Rosenheim Meetup
 
PDF
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
byNico Meisenzahl
 
PDF
Continuous Lifecycle London 2018 Event Keynote
byWeaveworks
 
PDF
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
byNico Meisenzahl
 
PDF
Codefresh CICD New Features Launch! May 2019
byCodefresh
 
PDF
SFScon18 - Gerhard Sulzberger - Jason Tevnan - gitops with gitlab + terraform
bySouth Tyrol Free Software Conference
 
PDF
Git ops & Continuous Infrastructure with terra*
byHaggai Philip Zagury
 
PPTX
Iac d.damyanov 4.pptx
byDimitar Damyanov
 
PDF
Delivering Quality at Speed with GitOps
byWeaveworks
 
Containerized Build & Deployment Pipelines
byNico Meisenzahl
 
DevOpsCon London: How containerized Pipelines can boost your CI/CD
byNico Meisenzahl
 
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
byNico Meisenzahl
 
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
byNico Meisenzahl
 
Getting Started with DevOps on AWS [Mar 2020]
byDhaval Nagar
 
Gitlab ci e kubernetes, build test and deploy your projects like a pro
bysparkfabrik
 
OSO Confluent GitOps Demo
bySion Smith
 
gitopsthekubernetesway-201026090439.pdf
bysaraichiba2
 
Gitops: the kubernetes way
bysparkfabrik
 
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...
byVietnam Open Infrastructure User Group
 
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
byWeaveworks
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
byCloud Native Rosenheim Meetup
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
byNico Meisenzahl
 
Continuous Lifecycle London 2018 Event Keynote
byWeaveworks
 
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
byNico Meisenzahl
 
Codefresh CICD New Features Launch! May 2019
byCodefresh
 
SFScon18 - Gerhard Sulzberger - Jason Tevnan - gitops with gitlab + terraform
bySouth Tyrol Free Software Conference
 
Git ops & Continuous Infrastructure with terra*
byHaggai Philip Zagury
 
Iac d.damyanov 4.pptx
byDimitar Damyanov
 
Delivering Quality at Speed with GitOps
byWeaveworks
 

More from Nico Meisenzahl

PDF
Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
byNico Meisenzahl
 
PDF
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
byNico Meisenzahl
 
PDF
Festive Tech Calendar: Festive time with AKS networking
byNico Meisenzahl
 
PDF
ContainerConf 2022: Hijack Kubernetes
byNico Meisenzahl
 
PDF
ContainerConf 2022: Kubernetes is awesome - but...
byNico Meisenzahl
 
PDF
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
byNico Meisenzahl
 
PDF
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
byNico Meisenzahl
 
PDF
Cloud Love Conference: Kubernetes is awesome, but...
byNico Meisenzahl
 
PDF
How to Prevent Your Kubernetes Cluster From Being Hacked
byNico Meisenzahl
 
PDF
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
byNico Meisenzahl
 
PPTX
Hijack a Kubernetes Cluster - a Walkthrough
byNico Meisenzahl
 
PDF
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
byNico Meisenzahl
 
PDF
Hijack a Kubernetes Cluster - a Walkthrough
byNico Meisenzahl
 
PDF
azdevcom - Hijack a Kubernetes Cluster
byNico Meisenzahl
 
PDF
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
byNico Meisenzahl
 
PDF
Continuous Lifecycle: Hijack Kubernetes
byNico Meisenzahl
 
PDF
Hijack a Kubernetes Cluster - a Walkthrough
byNico Meisenzahl
 
PDF
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
byNico Meisenzahl
 
PDF
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
byNico Meisenzahl
 
PDF
Microsoft DevOps Forum 2021 – DevOps & Security
byNico Meisenzahl
 
Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
byNico Meisenzahl
 
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
byNico Meisenzahl
 
Festive Tech Calendar: Festive time with AKS networking
byNico Meisenzahl
 
ContainerConf 2022: Hijack Kubernetes
byNico Meisenzahl
 
ContainerConf 2022: Kubernetes is awesome - but...
byNico Meisenzahl
 
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
byNico Meisenzahl
 
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
byNico Meisenzahl
 
Cloud Love Conference: Kubernetes is awesome, but...
byNico Meisenzahl
 
How to Prevent Your Kubernetes Cluster From Being Hacked
byNico Meisenzahl
 
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
byNico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
byNico Meisenzahl
 
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
byNico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
byNico Meisenzahl
 
azdevcom - Hijack a Kubernetes Cluster
byNico Meisenzahl
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
byNico Meisenzahl
 
Continuous Lifecycle: Hijack Kubernetes
byNico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
byNico Meisenzahl
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
byNico Meisenzahl
 
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
byNico Meisenzahl
 
Microsoft DevOps Forum 2021 – DevOps & Security
byNico Meisenzahl
 

Recently uploaded

PDF
ZGC: A Decade of Innovation by Stefan Johansson
byScyllaDB
 
PDF
ClipsField AI - Transform Static Images Into Cinematic Videos in Minutes.pdf
bySOFTTECHHUB
 
PPTX
xCapture v3: Efficient, Always-On Thread Level Observability with eBPF by Tan...
byScyllaDB
 
PDF
AWS Community Day Indonesia 2025 - Attack the Cloud Before Attackers Do Build...
byMuhammad Yuga Nugraha
 
DOCX
Formula 3 - MACO using general limit.docx
byMarkus Janssen
 
PPTX
Artificial Intelligence lecture slides.pptx
bymaimelabernard6
 
PPTX
Enterprise Architecture for Microsoft 365: From Vision to Value
bySimon Denton
 
PDF
AI Enabled Task Automation Technology Trends in the IT Industry
byManish Chopra
 
PPTX
Taming Time in PHP: Best Practices and Gotchas at Longhorn PHP 2025
byScott Keck-Warren
 
PDF
Generation Data Sets - Unique, Useful... Understandable?.pdf
byPrecisely
 
PDF
n8n - Next Generation Workflow Automation with Open Source
byDaisuke Masuda
 
PPTX
Autonomous Convoy Routing via Drone Swarms and Multi-Modal Threat Detection
byIvan Ruchkin
 
PPTX
Stop Worrying, Start Wiring: Azure Serverless for the AI Era
byMuralidharan Deenathayalan
 
PPTX
ScalaF: Functional Refactoring and Automated Code Transformations
byhelloshrikha
 
PDF
Energia Nowa and byteLAKE Partner to Develop Intelligent Services for Energy ...
bybyteLAKE
 
PDF
BSides NYC 2025: Inside Cloud Attack Paths End-to-End Adversary Simulation
byMauricio Velazco
 
PDF
Session 7 Specialized AI Associate Series: UiPath Communications Mining Overview
byDianaGray10
 
PDF
Poster: Generalizable Image Repair for Robust Visual Control
byIvan Ruchkin
 
PDF
From Data Chaos to Copilot Confidence: A Step-by-Step Microsoft 365 Copilot R...
byNikki Chapple
 
PDF
CymruSec 2025 - Wales' Inaugural Cyber Summit
byRay Bugg
 
ZGC: A Decade of Innovation by Stefan Johansson
byScyllaDB
 
ClipsField AI - Transform Static Images Into Cinematic Videos in Minutes.pdf
bySOFTTECHHUB
 
xCapture v3: Efficient, Always-On Thread Level Observability with eBPF by Tan...
byScyllaDB
 
AWS Community Day Indonesia 2025 - Attack the Cloud Before Attackers Do Build...
byMuhammad Yuga Nugraha
 
Formula 3 - MACO using general limit.docx
byMarkus Janssen
 
Artificial Intelligence lecture slides.pptx
bymaimelabernard6
 
Enterprise Architecture for Microsoft 365: From Vision to Value
bySimon Denton
 
AI Enabled Task Automation Technology Trends in the IT Industry
byManish Chopra
 
Taming Time in PHP: Best Practices and Gotchas at Longhorn PHP 2025
byScott Keck-Warren
 
Generation Data Sets - Unique, Useful... Understandable?.pdf
byPrecisely
 
n8n - Next Generation Workflow Automation with Open Source
byDaisuke Masuda
 
Autonomous Convoy Routing via Drone Swarms and Multi-Modal Threat Detection
byIvan Ruchkin
 
Stop Worrying, Start Wiring: Azure Serverless for the AI Era
byMuralidharan Deenathayalan
 
ScalaF: Functional Refactoring and Automated Code Transformations
byhelloshrikha
 
Energia Nowa and byteLAKE Partner to Develop Intelligent Services for Energy ...
bybyteLAKE
 
BSides NYC 2025: Inside Cloud Attack Paths End-to-End Adversary Simulation
byMauricio Velazco
 
Session 7 Specialized AI Associate Series: UiPath Communications Mining Overview
byDianaGray10
 
Poster: Generalizable Image Repair for Robust Visual Control
byIvan Ruchkin
 
From Data Chaos to Copilot Confidence: A Step-by-Step Microsoft 365 Copilot R...
byNikki Chapple
 
CymruSec 2025 - Wales' Inaugural Cyber Summit
byRay Bugg
 

Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline Your Infrastructure Deployments

  • 1.
    1#GitLabCommit How Containerized GitLabCI Pipelines Can Help You Streamline Your Infrastructure Deployments
  • 2.
    2#GitLabCommit Senior Consultant @panagenda. Blogger, speaker. IBM Cloud Champion & Docker Community Leader. Loves K8s, containers & automation. His desk is a ping pong table. Nico Meisenzahl @nmeisenzahl https://meisenzahl.org nico@meisenzahl.org https://panagenda.com/modernization nico.meisenzahl@panagenda.com
  • 3.
    3#GitLabCommit ● Infrastructure-as-Code recap ●where containerized pipelines can help ● how to get started Agenda
  • 4.
    4#GitLabCommit ● everything iscode ● Git as single source of truth ● reproducible & declarable ● version controlled and testable ● fully automated Infrastructure-as-Code principles
  • 5.
    5#GitLabCommit ● immutable infrastructure ●no snowflake servers ● no configuration drift ● no fragile infrastructure ● everything is documented (by itself) Infrastructure-as-Code pros
  • 6.
    6#GitLabCommit ● you shouldn’tbuild everything on your own ○ you’ll need tools that support you ● you shouldn’t run everything manually on your own machine ○ you’ll be the constraint that slows everything down ○ you’ll have tons of dependencies on your local machine ● automation is key! ○ prevent “Automation Fear” 😱 Infrastructure-as-Code pitfalls
  • 7.
    7#GitLabCommit ● for thesame reasons why you should use containers ○ isolation ○ dependencies ○ scalability ○ immutability ● example: Your new project needs Terraform 0.12, others only run with 0.11 ○ can cause dependency issues on build server and local machine ○ makes everything a lot more complex ● this example works with every tool 😉 ○ kubectl, Helm, Ansible... you name it Why should you containerize your pipeline?
  • 8.
    8#GitLabCommit ● every pipelinejob runs in a container ○ based on an image with all requirements for this single job ● GitLab Runner Kubernetes executor ○ integrates your CI/CD with Kubernetes ○ creates a pod per job based on the defined image ○ allows you to share your resources and scale your pipelines ● image builds in containers? Do I need Docker-in-Docker for that?! ○ Kaniko fixes this issue! How does it work?
  • 9.
    9#GitLabCommit ● contains everythinga single pipeline job needs ○ binaries, libraries, ... ● use a pipeline to build/rebuild it (security fixes!) ● you should define fix versions for your dependencies Pipeline job images
  • 10.
  • 11.
    11#GitLabCommit ● runs itselfin a pod ● needs to be installed in your Kubernetes Cluster ○ automatable Helm deployment ● schedules job pods ● build steps of a pipeline job ○ prepare → creates pod with build and service containers ○ pre-build → clones repo, restore cache, download artifacts ○ build → user build steps ○ post-build → creates caches and upload artifacts GitLab Runner Kubernetes executor
  • 12.
  • 13.
    13#GitLabCommit ● Docker-in-Docker hassecurity issues ○ exposing Docker daemon ○ mounting /var/lib/docker ○ privileged mode ● is part of “Knative build” ● image builds without the need of any privileges or dependencies ● runs in a container ○ http://gcr.io/kaniko-project/executor ● speed up your pipeline with build caching Kaniko - containerized image builds
  • 14.
  • 15.
  • 16.
    16#GitLabCommit ● pipeline willprovision/update an Azure Kubernetes Cluster (AKS) with all dependencies ○ Terraform is used to provision/update the cluster ○ kubectl is used to apply resources (namespaces, RBAC, pod security policy, …) ● pipeline steps ○ validate Terraform code ○ validate Kubernetes resources ○ provision/update cluster ○ apply/update Kubernetes resources Containerized Infrastructure pipeline example
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
    23#GitLabCommit ● slides →https://www.slideshare.net/nmeisenzahl ● demo projects → https://gitlab.com/gitlab-commit-demo ○ build-job-images → job images pipeline using Kaniko ○ deploy-aks → AKS IaC project with Terraform and kubectl ○ deploy-aks-with-runner → used to setup the demo env (optional) Questions? Nico Meisenzahl Senior Consultant, panagenda @nmeisenzahl https://meisenzahl.org nico@meisenzahl.org https://panagenda.com/modernization nico.meisenzahl@panagenda.com