Download as PDF, PPTX
More Related Content
Similar to A Unified Process for Code and Configuration in Kubernetes
A Unified Process for Code and Configuration in Kubernetes
- 1. INFRASTRUCTURE CHANGES & DEPLOYMENTS INONE FLOW September 2020 With ArgoCD & Helm
- 2. ABOUT ME • Softwaredeveloper for 10+ years in various teams • 6 years at Riskified • 2 years as a cloud platform developer • Design of the developers experience • Leads the DevOps Culture • Argo community member
- 3. AGENDA Deployment vs Infrastructure ArgoCD- Change process Helm - Learning curve ArgoCD & Helm The unified process Knowledge sharing
- 4. DEPLOYMENT VS INFRASTRUCTURE DEPLOYINFRASTRUCTURE Owner Developers Operations DEPLOY INFRASTRUCTURE Owner Developers Operations Process GitOps ClickOps, ScriptOps Versions Supported - Rollback Supported ? DEPLOY INFRASTRUCTURE Owner Developers Operations Process GitOps ClickOps, ScriptOps Versions Supported - Rollback Supported ? Trusted process Untrusted process
- 5. FROM UNTRUSTED TO TRUSTED PROCESS Better Process ●Understand the changes ● Monitor ● Versioned ● Rollback Knowledge ● Reduce the learning curve ● Provide resources for advance learning ● A sharing process (training, paring)
- 6. Approved Customer places an order Payment gateway authorization Riskified’s fraudreview Capture funds & fulfill order Chargeback Declined Riskified develops powerful machine-learning algorithms that recognize legitimate customers
- 7. Recover Auth Rate Optimization Bank Relationships DecoAccount Protection Chargeback Guarantee Representment FraudReviewCheckout Authorization Capture/DeclineLogin END-TO-END SOLUTION
- 8. AGENDA Deployment vs Infrastructure ArgoCD- Change process Helm - Learning curve ArgoCD & Helm The unified process Knowledge sharing
- 9. ARGOCD • GitOps continuous deliverytool • CNCF Incubating Project • Controller / git watcher • Supports multiple templating tools User-declared desired state K8s clusterArgoCD Git repo $ helm template Templated yamls Compare $ kubectl apply Observe
- 10.
- 12. ARGOCD IN DEPTH ApplicationCRD Application metadata 01 02 Project CRD Group applications ArgoCD instances One / Multiple 03 04 App of Apps Design Pattern
- 13.
- 14. 02 PROJECT CRD • Groupapplications • RBAC • One per namesapce Application Project = Namespace
- 15. 02 PROJECT CRD • Groupapplications • RBAC • One per namesapce Application Project = Namespace
- 16. 03 ARGOCD INSTANCES Resource overhead Isolations -different environments One Per Cluster Different application per cluster Easier permissions management One For All / One Per Environment
- 17. 04 App of Apps •Declarative application and projects • GitOps to the whole cluster • One health status for the whole cluster
- 18. AGENDA Deployment vs Infrastructure ArgoCD- Change process Helm - Learning curve ArgoCD & Helm The unified process Knowledge sharing
- 19. LEARNING CURVE -THE PROBLEM
- 20. LEARNING CURVE - THE PROBLEM Deployment ●Liveness ● Readiness ● Strategy ● Node affinity Service Service account Secret Volume PDB HPA VPA Ingress ...
- 21. Helm is apackage manager ● Template yaml ● Manage applications CNCF graduated project helm.sh HELM
- 22.
- 23. HELM ABSTRACT CHART Internal helm charts ●Template the common use case ● Reduce the learning curve ● Clear extension point ● Platform API
- 24.
- 25.
- 26. HELM ABSTRACT CHART Mandatoryvalue Default value
- 27. HELM ABSTRACT CHART- USE CASE chart.yaml
- 28. HELM ABSTRACT CHART- USE CASE chart.yaml Require our chart
- 29. HELM ABSTRACT CHART- USE CASE values.yamlchart.yaml
- 30. HELM ABSTRACT CHART- USE CASE values.yaml Extensiblechart.yaml
- 31. A MORE COMPLICATED EXAMPLE Vault isa secrete manger ● Environment variables ● Files ● In-cluster service with admission webhook HashiCorp vaultproject.io
- 32. VAULT - AMORE COMPLICATED EXAMPLE
- 33. VAULT - AMORE COMPLICATED EXAMPLE
- 34. For The user- 2 lines VAULT - A MORE COMPLICATED EXAMPLE values.yaml
- 35. • Semantic versioning •Change Log 1 . 2 . 3 ● One every quarter ● Change Instructions ABSTRACT CHARTS IS THE PLATFORM API Major incompatible API changes Minor New features Patch Bug fix
- 36. • Semantic versioning •Change Log 01 New objects should be added only when absolutely necessary by more than one consumer 02 Variable name should be in camelCase ABSTRACT CHARTS IS THE PLATFORM API • Guidelines
- 37. AGENDA Deployment vs Infrastructure ArgoCD- Change process Helm - Learning curve ArgoCD & Helm The unified process Knowledge sharing
- 38. One application forall the application APP OF APPS
- 39. One application forall the application APPS OF APPS
- 40. GLOBAL PARAMETERS • Template cluster/ environment parameters • Examples: cluster name, security groups application.yaml values-staging.yamlIn the abstract Helm chart
- 41. AGENDA Deployment vs Infrastructure ArgoCD- Change process Helm - Learning curve ArgoCD & Helm The unified process Knowledge sharing
- 42. THE UNIFIED PROCESS CI Mergecode to main CI Trigger Build & Publish Force Sync02 Pull View Diff & Sync 02 Apply Unified Process 03 Update the tag value Infrastructure Change Merge code to main 01 01
- 43. AGENDA Deployment vs Infrastructure ArgoCD- Change process Helm - Learning curve ArgoCD & Helm The unified process Knowledge sharing
- 44. Knowledge sharing process Workshop Create anddeploy a new service 101 Sessions First training for all teams Communication New features and releases, and how developers can use them Paring 1X1 time. Answer questions, help make the application cloud native Slack Create community with dedicated channels
- 45. DEPLOYMENT VS INFRASTRUCTURE DEPLOYINFRASTRUCTURE Owner Developers Developers Process GitOps GitOps Versions Supported Supported Rollback Supported Supported Trusted process Trusted process
- 46. Thank you for yourtime! Omer Kahani Twitter: @OmerKahani Email: omer@riskified.com DevOps World (September 23) https://tinyurl.com/yxl2xwpx Find out more https://medium.com/@kahaniomer https://medium.com/riskified-technology