Confidential do not distribute
April 2022
Simplifying Hybrid Kubernetes with Weaveworks and EKS
Leonardo Murillo
Principal Partner Solutions Architect, Weaveworks
@murillodigital ⬝ leonardo@weave.works
Leo brings wide-ranging industry perspective, with over 20 years of experience building technology and leading teams all the way from Startups to Fortune 500s. He is passionate about cloud native technologies, organizational transformation and open source.
As former CTO of Qwinix Technologies he led worldwide teams building cloud native software for large enterprises. In his role as Principal Partner Solutions Architect at Weaveworks, he focuses on helping solve application and infrastructure delivery challenges on Kubernetes at scale.
What we’ll talk about today
● The GitOps Principles
● How GitOps helps with
○ Increasing Kubernetes reliability
○ Recovering EKS clusters in case of disaster
○ Governance, risk and compliance
● Hybrid Kubernetes simplified by GitOps
● EKS as foundation for Hybrid Solutions
● GitOps, development and the SDLC of containerized workloads on Kubernetes
The GitOps Principles
1. Declarative configuration only describes, it does not provide instructions the way imperative systems do.
2. State does not change, it evolves. The only way to introduce changes to the description is creating a new version.
3. Declared state is automatically pulled, there is no external push into the target system.
4. State is maintained at all times, and all necessary actions are abstracted by the agents that interpret it.
How does Weave GitOps apply these principles
● Kubernetes manifests as declarative configuration
● Weave GitOps watches the repository and agents continuously introspect the runtime state and reconcile it with the described configuration
● Stored in Git, every change producing a new unique version that is immutable
The same pattern applies for applications and infrastructure. You can create and operate many clusters from a management cluster using declarative configuration and Weave GitOps continuous reconciliation. “Leaf Clusters” can run EKS in AWS, or EKS Distro anywhere else!
Declarative EKS Provisioning
● Cluster: Describes the configuration of the cluster, not the actions or resources specific to satisfy that desired state within a specific infrastructure provider
● Provider: Interprets the cluster configuration and takes the necessary, infrastructure specific actions, required to materialize that desired state.
Provisioning complexity is abstracted away.
Cluster configuration is generically applicable.
Declare once, apply everywhere (see the value to hybrid?)
Continuous Reconciliation towards Reliability
Reliability: Probability that a system performs correctly during a specific time duration.
Probability that a system performs correctly: a user will receive the expected and acceptable experience during a specific time duration. (Think error budgets and site reliability engineering)
What’s one of the easiest ways to guarantee low error budgets and satisfactory availability? Automate: deployment, scaling and recovery. An agent’s continuous reconciliation process does just that.
[Diagram: a Controller linked by Watch and Update arrows to Kubernetes Objects (Pods, Services) and to System Resources (Containers, Volume, iptables rules).]
GitOps and Disaster Recovery
1. Your entire system is declared in a versioned and immutable source of truth. (Entire system = infrastructure, applications, cloud resources, everything)
2. Using GitOps, disaster recovery means small configuration changes, if necessary, to apply the full desired state to a new provider or region. This may not even be necessary if the disruption is not so vast that recovery could not happen fully automatically through the GitOps Reconciliation Loop.
3. Pull makes it easier: since the target environments are pulling configuration from a source of truth, access controls and network permissions are dramatically simplified; there is no need to punch holes into new environments or handle ad-hoc credentials.
4. What about data? You will still need to apply best practices in terms of data backups and replication!
Environment Consistency and HA
The boundary between cluster and underlying provider allows you to create consistent environments in terms of configuration, while freely switching the underlying infrastructure provider.
It also becomes simpler to establish redundancy and high availability, by applying the same configuration to multiple providers or across regions within the same infrastructure provider.
Scalability becomes part of your described desired state, covering workloads (using Kubernetes native objects such as Deployments) as well as the clusters themselves (using Cluster Autoscaler).
Immutability and traceability towards compliance
By using Git, every change applied to a system can be uniquely identified. Each identifier is tied to a specific user, and it represents the unique and immutable state at a point in time.
This has worked wonderfully in application development and with GitOps it applies to entire systems.
What about compliance?
Declarative policy will continuously inspect and validate runtime, and reject, notify or otherwise take actions to guarantee compliance.
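The continuous reconciliation loop and the declarative policy check described in these slides, sketched as an added example (not Weave GitOps or Flux code, and not from the original deck). It assumes plain dictionaries stand in for Kubernetes manifests and for the cluster, a content hash stands in for the Git commit identifier, and the two policy rules are hypothetical.

```python
import copy
import hashlib
import json

# Hypothetical policy rules (assumptions for this example). Each returns a
# violation message for one workload, or None when the workload complies.
def no_privileged(name, spec):
    if spec.get("privileged"):
        return f"{name}: privileged containers are not allowed"
    return None

def image_pinned(name, spec):
    if "@sha256:" not in spec.get("image", ""):
        return f"{name}: image must be pinned by digest"
    return None

POLICY = [no_privileged, image_pinned]

def version_id(desired):
    """Content-derived identifier, standing in for a Git commit hash."""
    blob = json.dumps(desired, sort_keys=True).encode()
    return hashlib.sha256(blob).hexdigest()[:12]

def violations(state):
    """Evaluate every policy rule against every workload in `state`."""
    return [msg for name, spec in sorted(state.items())
            for rule in POLICY if (msg := rule(name, spec))]

def reconcile(desired, runtime):
    """One pass of the pull loop: validate, diff, converge `runtime` in place.

    Returns an audit record tying every action to the declared version.
    """
    record = {
        "version": version_id(desired),
        "rejected": violations(desired),            # reject: bad declaration
        "runtime_violations": violations(runtime),  # notify: what was found
        "actions": [],
    }
    if record["rejected"]:
        return record  # a non-compliant declaration is never applied
    for name in sorted(set(desired) | set(runtime)):
        want, have = desired.get(name), runtime.get(name)
        if want == have:
            continue
        if want is None:
            # Present at runtime but never declared: remove it.
            del runtime[name]
            record["actions"].append(("delete", name))
        else:
            # Missing or drifted: restore the declared state.
            runtime[name] = copy.deepcopy(want)
            verb = "create" if have is None else "update"
            record["actions"].append((verb, name))
    return record

# Constructed sample data: one declared workload, pinned by a dummy digest.
DIGEST = "sha256:" + "a" * 64
DESIRED = {
    "web": {"image": f"registry.example/web@{DIGEST}",
            "replicas": 3, "privileged": False},
}

def drifted_runtime():
    """Constructed runtime state after out-of-band changes to the cluster."""
    return {
        "web": {"image": f"registry.example/web@{DIGEST}",
                "replicas": 1, "privileged": True},
        "debug-shell": {"image": "busybox:latest",
                        "replicas": 1, "privileged": True},
    }

if __name__ == "__main__":
    cluster = drifted_runtime()
    print(json.dumps(reconcile(DESIRED, cluster), indent=2))  # corrects drift
    print(json.dumps(reconcile(DESIRED, cluster), indent=2))  # nothing to do
```

The second pass reports no actions because the first already converged the runtime, which is the property that makes the loop safe to run continuously.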
How does this all tie together for simple Hybrid EKS?
The relevance of EKS (Managed, Distro, Anywhere)
Picking a Kubernetes distribution is critical towards reducing complexity down the road.
Once your cluster(s) are running, you will need to:
● Observe
● Upgrade
● Patch
● Secure
Kubernetes does around 3 releases a year, your chosen distro will need to track them.
EKS Distro gives you a common Kubernetes platform with secure opinions and built for scale, that you can run across any target environments
Delivering Workloads to Hybrid Environments
● Development Team Autonomy
● Release Promotion
● Environment Security
● Advanced Delivery Pattern
1. Whitepaper: Best Practices for Hybrid Cloud Kubernetes with EKS and Weave GitOps: https://bit.ly/hybrid-EKS
2. Contact us for a demo: sales@weave.works
3. Join other events with us: www.weave.works/events
Thank You