SlideShare uma empresa Scribd logo

Introduction to GitOps

HungWei Chiu
HungWei Chiu

In this slide, we introduce the concept of the GitOps and compare it with the common CI/CD pipeline we used so far. we also demonstrate two open-source projects, ArgoCD and Flux to show what are them and how they implemented GitOps.

Software
1 de 37
Baixar para ler offline
GitOps HungWei Chiu
About Me HungWei Chiu(Hwchiu) MTS @ Open Networking Foundation (ONF) Kubernetes/Container/Linux/Network...etc Online courses in Hiskio platform Blog: https://hwchiu.com
Users Groups CNTUG (Cloud Native Taiwan User Group) Facebook: https://fb.cloudnative.tw Telegram: https://t.me/cntug Meetup: https://www.meetup.com/CloudNative-Taiwan/
Agenda Introduction to GitOps ArgoCD Flux
Build/Push/Deploy... Pipeline System(Jenkins...etc) Kuberentes Git Repo Developer Commit Push Trigger Manually Trigger Pipeline Script 1. Prepare Kubeconfig 2. Deploy to Kubernetes Deploying steps
Common Issues
Build/Push/Deploy... Pipeline System(Jenkins...etc) Kuberentes Git Repo Developer Commit Push Trigger Manually Trigger Issues 1. Prepare Kubeconfig 2. Deploy to Kubernetes Deploying steps Developer Kubectl Patch/Edit
Common Issues Reinventing the wheel when you switch to different pipeline system. Jenkins/Drone/Cloud Tools...others Security Concern of kubeconfig Private Kubernetes Cluster (without WAN access) Running state is uncontrollable.
GitOps By Weaveworks in 2017 GitOps is a way of implementing CD for cloud native applications. By using Git and Continuous Deployment tools.
Core Idea Singe source of truth: Git Repository Contains declarative manifest. An automated process to make the environment match the described state in the Git repository. Running State(In K8S) == Debited State (In Git) Deploy/Update: Update manifest in Git repository, an automated process will deal with the rest of things.
An Automated Process Kuberentes Git Repo Developer Commit Push Trigger GitOps 1. Prepare Kubeconfig 2. Deploy to Kubernetes Deploying steps Polling
An Automated Process Kuberentes Git Repo Developer Commit Push Trigger GitOps 1. Prepare Kubeconfig 2. Deploy to Kubernetes Deploying steps Polling
How GitOps Works Environment Configurations as Git repository. Two repositories: Application code / Environment manifests. Push-based/Pull-based deployment. https://www.gitops.tech/
Deployment Pipeline Kuberentes Image Registry Build Pipeline Push-Based Environment Repo Application Repo Jenkins/... Trigger Push Image Update Yaml Trigger Deploy
Push-based Deployment Deployment pipeline only is triggered when the environment repo changes. Deployment pipeline still needs environment credential Deployment pipeline can't aware any change of the environment repo automatically. If someone modify the running state (via kubectl patch/edit).
Kuberentes An Automated Process Image Registry Build Pipeline Pull-Based Environment Repo Application Repo Jenkins/... Trigger Push Image Update Yaml Observe Update Yaml (Write Back)
Pull-based Deployment I called the automated process, operator. Operator is triggered by different events. Environment repo changes. Container image change. (Optional) Operator update the Environment Repo if someone change the running state. Ensures all changes are traceable in the Git log. Operator live in the environment, no need any access credentials.
Summary GitOps is concept, not implementations Not all open source projects implemented all above features. Can I use GitOps in other environment but Kubernetes. Yes if you can find any open source project implemented it :)
Implementing Projects ArgoCD Flux Pulumi
ArgoCD A declarative, GitOps continuous delivery tool for Kubernetes. Kubernetes manifests can be specified in several ways Helm Kustomize Plain Yaml/Json
ArgoCD ArgoCD is implement3ed as a Kubernetes controller. Pull-based Observation Git repo.
Installation
https://argoproj.github.io/argo-cd/
Demo Demo Application: Simple bash container with sleep Change the number of replicas Demo Process Init Git Repo Deploy application Modify it by Kubectl Rollback from ArgoCD portal Update in Git and then upgrade app by ArgoCD
Flux Powered by Weaveworks Pull-based Observation Git repo. Docker image tag
Flux Limitation Flux can only deal with one such repo at a time Flux will ignore directories which looks like Helm Charts, to avoid applying templated YAML manifests. Use HelmRelease instead. Flux watches the annotation for plain yaml
Flux Installation
Plain Yaml Annotations Watch docker image tags Glob Regex Semver
Demo Process Install flux and check application yaml List workloads and deployed applications. Update in Git (change the number of replica) List workloads and deployed applications. Update docker image (SemVer) List workloads and deployed applications. Check GitCommit
HelmRelease CRD object describe how to deploy the Helm Chart. Specify the helm location, helm values and flux related annotations.
HelmRelease Installation
Kuberentes Helm Chart (Chart Server/Git Repo) Flux CD Pull-Based HelmRelease CRD Application Repo Jenkins/... Helm Release Pull Helm-Operator Deployment/ ConfigMap/...etc Deploy Observe
Demo Process Install CRD and helm-operator Check HelmRelease yaml List workloads and deployed applications. Update in Git (change the number of replica) List workloads and deployed applications. Update docker image (SemVer) List workloads and deployed applications. Check GitCommit
Summary GitOps -> Concept Use git repo as the single source of truth of your application manifest Implementation -> Up to you Pull/Push
Q&A

Recomendados

Learn O11y from Grafana ecosystem.
Learn O11y from Grafana ecosystem.Learn O11y from Grafana ecosystem.
Learn O11y from Grafana ecosystem.
HungWei Chiu
 
Learned from KIND
Learned from KIND Learned from KIND
Learned from KIND
HungWei Chiu
 
Debug Your Kubernetes Network
Debug Your Kubernetes NetworkDebug Your Kubernetes Network
Debug Your Kubernetes Network
HungWei Chiu
 
以 eBPF 構建一個更為堅韌的 Kubernetes 叢集
以 eBPF 構建一個更為堅韌的 Kubernetes 叢集以 eBPF 構建一個更為堅韌的 Kubernetes 叢集
以 eBPF 構建一個更為堅韌的 Kubernetes 叢集
HungWei Chiu
 
Learning how AWS implement AWS VPC CNI
Learning how AWS implement AWS VPC CNILearning how AWS implement AWS VPC CNI
Learning how AWS implement AWS VPC CNI
HungWei Chiu
 
Jenkins & IaC
Jenkins & IaCJenkins & IaC
Jenkins & IaC
HungWei Chiu
 
The relationship between Docker, Kubernetes and CRI
The relationship between Docker, Kubernetes and CRIThe relationship between Docker, Kubernetes and CRI
The relationship between Docker, Kubernetes and CRI
HungWei Chiu
 
Life
LifeLife
Life
HungWei Chiu
 

Recomendados

Learn O11y from Grafana ecosystem.
Learn O11y from Grafana ecosystem.Learn O11y from Grafana ecosystem.
Learn O11y from Grafana ecosystem.
HungWei Chiu
 
Learned from KIND
Learned from KIND Learned from KIND
Learned from KIND
HungWei Chiu
 
Debug Your Kubernetes Network
Debug Your Kubernetes NetworkDebug Your Kubernetes Network
Debug Your Kubernetes Network
HungWei Chiu
 
以 eBPF 構建一個更為堅韌的 Kubernetes 叢集
以 eBPF 構建一個更為堅韌的 Kubernetes 叢集以 eBPF 構建一個更為堅韌的 Kubernetes 叢集
以 eBPF 構建一個更為堅韌的 Kubernetes 叢集
HungWei Chiu
 
Learning how AWS implement AWS VPC CNI
Learning how AWS implement AWS VPC CNILearning how AWS implement AWS VPC CNI
Learning how AWS implement AWS VPC CNI
HungWei Chiu
 
Jenkins & IaC
Jenkins & IaCJenkins & IaC
Jenkins & IaC
HungWei Chiu
 
The relationship between Docker, Kubernetes and CRI
The relationship between Docker, Kubernetes and CRIThe relationship between Docker, Kubernetes and CRI
The relationship between Docker, Kubernetes and CRI
HungWei Chiu
 
Life
LifeLife
Life
HungWei Chiu
 
Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCI
HungWei Chiu
 
IP Virtual Server(IPVS) 101
IP Virtual Server(IPVS) 101IP Virtual Server(IPVS) 101
IP Virtual Server(IPVS) 101
HungWei Chiu
 
Opentracing 101
Opentracing 101Opentracing 101
Opentracing 101
HungWei Chiu
 
iptables and Kubernetes
iptables and Kubernetesiptables and Kubernetes
iptables and Kubernetes
HungWei Chiu
 
IPTABLES Introduction
IPTABLES IntroductionIPTABLES Introduction
IPTABLES Introduction
HungWei Chiu
 
Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch Introduction
HungWei Chiu
 
Load Balancing 101
Load Balancing 101Load Balancing 101
Load Balancing 101
HungWei Chiu
 
How Networking works with Data Science
How Networking works with Data Science How Networking works with Data Science
How Networking works with Data Science
HungWei Chiu
 
Introduction to CircleCI
Introduction to CircleCIIntroduction to CircleCI
Introduction to CircleCI
HungWei Chiu
 
Head First to Container&Kubernetes
Head First to Container&KubernetesHead First to Container&Kubernetes
Head First to Container&Kubernetes
HungWei Chiu
 
Kubernetes 1001
Kubernetes 1001Kubernetes 1001
Kubernetes 1001
HungWei Chiu
 
Application-Based Routing
Application-Based RoutingApplication-Based Routing
Application-Based Routing
HungWei Chiu
 
Build Your Own CaaS (Container as a Service)
Build Your Own CaaS (Container as a Service)Build Your Own CaaS (Container as a Service)
Build Your Own CaaS (Container as a Service)
HungWei Chiu
 
Control Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsControl Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring Us
HungWei Chiu
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes Cluster
HungWei Chiu
 
iptables 101- bottom-up
iptables 101- bottom-upiptables 101- bottom-up
iptables 101- bottom-up
HungWei Chiu
 
Overview of kubernetes network functions
Overview of kubernetes network functionsOverview of kubernetes network functions
Overview of kubernetes network functions
HungWei Chiu
 
Understand the iptables step by step
Understand the iptables step by stepUnderstand the iptables step by step
Understand the iptables step by step
HungWei Chiu
 
The basic concept of Linux FIleSystem
The basic concept of Linux FIleSystemThe basic concept of Linux FIleSystem
The basic concept of Linux FIleSystem
HungWei Chiu
 
Integration kubernetes with docker private registry
Integration kubernetes with docker private registryIntegration kubernetes with docker private registry
Integration kubernetes with docker private registry
HungWei Chiu
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
masabamasaba
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
masabamasaba
 

Mais conteúdo relacionado

Mais de HungWei Chiu

Control Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsControl Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring Us
HungWei Chiu
 

Mais de HungWei Chiu (20)

Introduction to CRI and OCI
Introduction to CRI and OCIIntroduction to CRI and OCI
Introduction to CRI and OCI
 
IP Virtual Server(IPVS) 101
IP Virtual Server(IPVS) 101IP Virtual Server(IPVS) 101
IP Virtual Server(IPVS) 101
 
Opentracing 101
Opentracing 101Opentracing 101
Opentracing 101
 
iptables and Kubernetes
iptables and Kubernetesiptables and Kubernetes
iptables and Kubernetes
 
IPTABLES Introduction
IPTABLES IntroductionIPTABLES Introduction
IPTABLES Introduction
 
Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch Introduction
 
Load Balancing 101
Load Balancing 101Load Balancing 101
Load Balancing 101
 
How Networking works with Data Science
How Networking works with Data Science How Networking works with Data Science
How Networking works with Data Science
 
Introduction to CircleCI
Introduction to CircleCIIntroduction to CircleCI
Introduction to CircleCI
 
Head First to Container&Kubernetes
Head First to Container&KubernetesHead First to Container&Kubernetes
Head First to Container&Kubernetes
 
Kubernetes 1001
Kubernetes 1001Kubernetes 1001
Kubernetes 1001
 
Application-Based Routing
Application-Based RoutingApplication-Based Routing
Application-Based Routing
 
Build Your Own CaaS (Container as a Service)
Build Your Own CaaS (Container as a Service)Build Your Own CaaS (Container as a Service)
Build Your Own CaaS (Container as a Service)
 
Control Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsControl Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring Us
 
Automatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes ClusterAutomatically Renew Certificated In Your Kubernetes Cluster
Automatically Renew Certificated In Your Kubernetes Cluster
 
iptables 101- bottom-up
iptables 101- bottom-upiptables 101- bottom-up
iptables 101- bottom-up
 
Overview of kubernetes network functions
Overview of kubernetes network functionsOverview of kubernetes network functions
Overview of kubernetes network functions
 
Understand the iptables step by step
Understand the iptables step by stepUnderstand the iptables step by step
Understand the iptables step by step
 
The basic concept of Linux FIleSystem
The basic concept of Linux FIleSystemThe basic concept of Linux FIleSystem
The basic concept of Linux FIleSystem
 
Integration kubernetes with docker private registry
Integration kubernetes with docker private registryIntegration kubernetes with docker private registry
Integration kubernetes with docker private registry
 

Último

What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
Juha-Pekka Tolvanen
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
masabamasaba
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
Papp Krisztián
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
chiefasafspells
 

Último (20)

%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 

Introduction to GitOps