Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD

Denis Maggiorotto  Sunnyvale S.r.l. Kubernetes GitOps Featuring GitHub, ArgoCD and Kustomize @Home 05/11/2020 Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD

About me Denis Maggiorotto • CTO and shareholder @ Sunnyvale S.r.l. • 20 years of experience in IT consulting • Senior Software / Enterprise Architect @ Major companies in public utility, telco, TV broadcasting and banking sector • Oracle University Principal Instructor regarding Java technologies (Micro Edition, Standard Edition and Enterprise Edition) and Oracle's middleware products. • Cloud/DevOps Engineer • Independent IT professional trainer and public speaker

What is GitOps? GitOps is a standardised workﬂow for how to deploy, conﬁgure, monitor, update and manage infrastructure-as- code Core idea is having a Git repository that contains declarative descriptions of the infrastructure desired in the production environment and an automated process to make production environment match the described state in the repository

GitOps principales • The entire system is described declaratively • The canonical desired system state is versioned (Git) • Approved changes to the desired state are (automatically) applied to the system • Software agents ensure correctness, feedback and alert on synchronizations/divergences

java-hello-world sample app WEB server is up! http://localhost:8080/greet $ java -cp "./target/libs/*:target/*" it.sunnyvale.java.helloworld.Main {"message":" World v.snapshot from host MyPCName! I'm running in local!"} $ curl -s http://localhost:8080/greet • snapshot: the running application version (env. variable) • MyPCName: the host name where the app is running • local: the environment name (env. variable)

Code Pipeline Developer Code repo (GitHub) CI/CD (GitHub Action) Docker registry Conﬁg review / Merge

java-hello-world app release Total 0 (delta 0), reused 0 (delta 0) To https://github.com/sunnyvale-academy/java-hello-world.git * [new tag] 3.0 -> 3.0 $ export TAG=3.0 && git tag $TAG && git push origin $TAG 1) Build 2) Test 3) Jar 4) Docker build 5) Docker push

Delivery process automation We automated the release process, can we automate the delivery too? Yes, with GitOps practices!

Config pipeline DevOps Config repo (GitHub) K8S native CI/CD (ArgoCD) Kubernetes Docker Registry Push / Pull request Config review / Merge Pull config Sync Pull images Slack NotifyFeedback

Conﬁg branching strategy Pull request / Merge Pull request / Merge Pull request / Merge

Multi-environment K8S manifest service-dev.yaml service-test.yaml service-prod.yaml deployment-dev.yaml deployment-test.yaml deployment-prod.yaml ingress-dev.yaml ingress-test.yaml ingress-prod.yaml configmap—dev.yaml configmap-test.yaml configmap-prod.yaml $ ls -1 java-hello-world-config … replicas: 2 … apiVersion: apps/v1 kind: Deployment metadata: name: java-hello-world spec: replicas: 0 template: spec: containers: - image: dennydgl1/java-helloworld:1.0 … Base Overlay / Patch Avoid this The ’s way $ cat overlays/deployment/deployment.yaml $ cat base/deployment.yaml

Conﬁg repo content java-hello-world-config ├── base │ ├── configmap.yaml │ ├── deployment.yaml │ ├── kustomization.yaml │ └── service.yaml └── overlays ├── development │ ├── application.yaml │ ├── deployment-patch.yaml │ ├── env.properties │ ├── ingress.yaml │ ├── kustomization.yaml │ └── namespace.yaml ├── production │ ├── application.yaml │ ├── deployment-patch.yaml │ ├── env.properties │ ├── ingress.yaml │ ├── kustomization.yaml │ └── namespace.yaml └── staging ├── application.yaml ├── deployment-patch.yaml ├── env.properties ├── ingress.yaml ├── kustomization.yaml └── namespace.yaml $ tree java-hello-world-config Base Development overlay Production overlay Staging overlay Base dir contains the “base” manifests Each overlay contains the base manifests' specialisation for the environment (dev, staging, prod). Specialisation means only the differences against the one in base. Thanks to Kustomize we beneﬁt from manifest code reuse between environments!

Release 3.0 in development env $ git checkout master $ git branch feature-30 $ perl -p -i -e 's/newTag: "2.1"/newTag: "3.0"/g' overlay/developmnt/ kustomization.yaml $ git add . && git commit -m "Release 3.0" && git push $ git checkout master $ git merge feature-30 master branchdevelopment branch Pull request / Merge (1) Change the app release for dev env (2) Actuate changes on the environment

Desired state to actual state sync Argo CD follows the GitOps pattern of using Git repositories as the source of truth for deﬁning the desired application state on K8S. Kubernetes manifests can be speciﬁed in several ways, Kustomize is one of them! Argo CD pulls a Git branch and synchronise the app in K8S accordingly.

Release 3.0 in development env

Get feedbacks from the infrastructure Argo CD integrates with Slack and send you messages about synchronisations it makes

Release 3.0 in development env { "message":"Hello World v.3.0 from host development- java-hello-world-59dfb6b554-mz4qs! I'm running in development!” } $ curl -s http://development.app.127-0-0-1.nip.io/greet

Rollback 2.1 in development env

GitOps beneﬁts • Auditing and attribution • Separation of concerns • No crossing security boundary • Process & constraints enforcement • Great software human collaboration point • Easy to validate for correctness (policies) • System can self heal

https://github.com/sunnyvale-academy/java-hello-world https://github.com/sunnyvale-academy/java-hello-world-conﬁg Source code is available on GitHub

• https://www.gitops.tech • https://github.com/weaveworks/awesome-gitops • https://thenewstack.io/what-is-gitops-and-why-it-might-be-the-nextbig-thing-for-devops/ Resources

Thanks! github.com/denismaggior8 Denis Maggiorotto denis.maggiorotto@sunnyvale.it www.linkedin.com/in/denismaggiorotto twitter.com/denismaggior8 github.com/sunnyvale-academy github.com/sunnyvale-it

Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD

More Related Content

What's hot

Similar to Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD

More from Sunnyvale

Recently uploaded

In this document

Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD