Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Report
Share
•0 likes•156 views
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
•0 likes•156 views
Report
Share
Download to read offline
Working within a heavily regulated environment brings a special set of challenges, including increased difficulty in application scaling. In this session you will learn how you can enhance your Kubernetes CI/CD pipelines with GitLab and other open source projects. We will demonstrate practices for deployments using newer GitLab features like the Web Application Firewall for Kubernetes Ingress, and managing serverless functions with Knative. The techniques covered in this session will give you new options to streamline your Kubernetes pipelines reliably and consistently.
Recommended
More Related Content
What's hot
What's hot(20)
Similar to Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Similar to Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source(20)
![[20200720]cloud native develoment - Nelson Lin](https://cdn.slidesharecdn.com/ss_thumbnails/20200720cloudnativedeveloment-200824031228-thumbnail.jpg?width=768&fit=bounds)
More from Nico Meisenzahl
More from Nico Meisenzahl(15)
Recently uploaded
Recently uploaded(20)
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
- 1. 1#GitLabCommit Enhance Your Kubernetes CI/CD Pipelines with GitLab & Open Source
- 2. 2#GitLabCommit Nico Meisenzahl Senior Cloud & DevOps Consultant at white duck GitLab Hero & Docker Community Leader Loves Kubernetes, DevOps and Cloud @nmeisenzahl https://meisenzahl.org https://whiteduck.de nico.meisenzahl@whiteduck.de
- 3. 3#GitLabCommit How Gitlab and Open Source Can Help You Streamline Your Kubernetes CI/CD Pipelines ● move your pipeline workload into your cluster ● run container builds within your cluster ● secure your application ingress ● enhance your application deployments ● only care about your code Agenda
- 4. 4#GitLabCommit Gitlab Runner Kubernetes executor Move your pipeline workload into your cluster
- 5. 5#GitLabCommit ● allows you to ○ containerize your pipeline workload ○ share your compute and scale your pipelines ● runs inside your cluster ○ automatable Helm deployment ● runs a pod per job ○ prepare → creates pod with build and service containers ○ pre-build → clones repo, restore cache, download artifacts ○ build → user build steps ○ post-build → creates caches and upload artifacts Kubernetes executor
- 6. 6#GitLabCommit ● containerized pipeline configuration ● Kubernetes executor in action! ● https://gitlab.com/gitlab-commit-demo/containerized-appdeploy-sample Demo: Pipeline configuration
- 7. 7#GitLabCommit Kaniko Run container builds within your cluster
- 8. 8#GitLabCommit ● image builds without the need of any privileges or dependencies ● disadvantages of Docker-in-Docker ○ exposing Docker socket ○ mounting /var/lib/docker ○ privileged mode ● based on http://gcr.io/kaniko-project/executor ● use caching to speed up your pipeline Image builds with Kaniko
- 9. 9#GitLabCommit ● image build pipeline configuration ● containerized job container image ● Kaniko in action! ● https://gitlab.com/gitlab-commit-demo/containerized-jobimage-sample Demo: Image builds pipeline
- 10. 10#GitLabCommit GitLab Web Application Firewall Secure your application ingress
- 11. 11#GitLabCommit ● GitLab Web Application Firewall finds and tracks ○ SQL injection ○ cross-site scripting ● is based on Kubernetes Nginx Ingress with enabled modsecurity module ○ OWASP (Open Web Application Security Project) ModSecurity Core Ruleset ○ managed & customized by GitLab ○ defaults to detection-only mode Secure your application
- 12. 12#GitLabCommit ● GitLab Web Application Firewall in action! ● https://gitlab.com/gitlab-commit-demo/secure-ingress-sample Demo: Secure your application ingress
- 13. 13#GitLabCommit Kustomize Enhance your application deployments
- 14. 14#GitLabCommit ● do we need the advantages of Helm in a CI/CD application deployment? ○ packaging and sharing? ○ rollbacks? ○ templates? ● “Kustomize lets you customize raw, template-free YAML files for multiple purposes, leaving the original YAML untouched and usable as is” ○ no template overhead ○ no additional CLI needed ○ reduces complexity ○ just YAML ● kustomize vs kubectl apply -k Kustomize
- 16. 16#GitLabCommit Demo: How Kustomize works ● pipeline configuration with Kustomize ● Kustomize in action! ● https://gitlab.com/gitlab-commit-demo/enhanced-appdeploy-sample
- 17. 17#GitLabCommit GitLab Serverless Only care about your code
- 18. 18#GitLabCommit ● only care about your code ● Function-as-a-Service (FaaS) powered by GitLab and open source ○ based on Knative, Kaniko and Istio ○ alpha feature ● supports Go, NodeJS & Ruby ○ C#, PHP, Python via OpenFaaS integration ○ any other language via containerized serverless application ● multi-cloud support ● auto-scaling with scale to zero Only care on your business logic
- 19. 19#GitLabCommit ● configuration details ● GitLab Serverless in action! ● https://gitlab.com/gitlab-commit-demo/serverless-sample Demo: Only care about your code
- 20. 20#GitLabCommit Questions? @nmeisenzahl https://meisenzahl.org https://whiteduck.de nico.meisenzahl@whiteduck.de Slides → https://www.slideshare.net/nmeisenzahl Demos → https://gitlab.com/gitlab-commit-demo related articles/blogs: ● https://thenewstack.io/author/nico-meisenzahl/ ● https://medium.com/@nicomeisenzahl