Jerry Jalava, profile picture
Uploaded byJerry Jalava
190 views

Ci/CD - Stop wasting time, Automate your deployments

- Using CI/CD (continuous integration and continuous delivery) automates deployments and saves time and money while improving reliability. - There are multiple CI/CD tool options with different capabilities for source code management, target systems like Kubernetes, and deployment approaches. Consider your specific code, infrastructure, and deployment needs. - Google Cloud Build is demonstrated for automating builds, tests, and deployments to Cloud Run and Kubernetes Engine from source code in a Git repository with triggers on code changes.

Software
Related topics:
Google Cloud Platform CI/CD

Embed presentation

Download to read offline
Stop wasting time Automate your deployments Jerry Jalava Cloud GDE Helsinki @W_I
“Companies waste $300 Billion of developer productivity every year” “Developers spend 42% of their time on code maintenance” - Stripe (The Developer Coefficient study)
Using CI/CD Saves you time and money, brings reliability and trust
Essentially it means this Picture from "Setting up GitLab CI/CD for Android projects"
Multiple options Landscape of CI/CD tools The number of different CI/CD tools and solutions have grown rapidly in the past years
CNCF Product listing today
● Source code location(s) Github, Gitlab, Cloud Source ● Target systems Kubernetes, Cloud Run, VMs ● Target Environments Development, Testing, Staging, QA, Production Your solution needs may vary Not all projects are created equal ● Code structure Multiple repos, Monorepo ● Deployment tooling Helm charts, Chef, etc. ● And so on...
● Keep your Pipelines fast ● Run the Fastest Tests Early ● Run tests locally before committing ● Think about your branches ● Secure and Isolate your CI/CD environment ● Allow Production deployments only through CI/CD ● If the process is painful, you are doing it wrong! Some key things to consider Your solution needs may vary
Demo time Let’s start with Cloud Build
Tools we will be using Google Cloud Build Cloud Build lets you build software quickly across all languages. Get complete control over defining custom workflows for building, testing, and deploying across multiple environments such as VMs, serverless, Kubernetes, or Firebase. Pricing: 120 min/day free (10 concurrent builds), $0.003 per minute https://cloud.google.com/cloud-build https://github.com/GoogleCloudPlatform/cloud-builders-community
Performance tweaks Best practices for speeding up builds Build leaner containers https://cloud.google.com/cloud-build/docs/building-leaner-containers Use Kaniko cache (in demo) Use a cached Docker image (in demo) Use custom virtual machine sizes (Defaults to 2 high-CPU VMs) Avoid uploading of unnecessary files (.gcloudignore)
Architecture
# Create Build project and Enable Billing $ gcloud projects create $BUILD_PROJECT_ID $ gcloud --quiet beta billing projects link $BUILD_PROJECT_ID --billing-account $BILLING_ID # Enable APIs in the build project $ ENABLE_APIS=( "cloudresourcemanager.googleapis.com" "servicemanagement.googleapis.com" "sourcerepo.googleapis.com" "cloudbuild.googleapis.com" "run.googleapis.com" "containerregistry.googleapis.com" ) $ gcloud services enable --project=$BUILD_PROJECT_ID ${ENABLE_APIS[@]} Preparations
DEMO https://github.com/jerryjj/gdg-cicd-presentation demos/cloudbuild-std/README.md & demos/cb-trigger-demo/README.md
Deploy to environment Google Cloud Repository, Google Cloud Run - Prepare projects - Setup repository - Setup Cloud Trigger - Check the Magic
Architecture
# Create Deploy project and Enable Billing $ gcloud projects create $DEPLOY_PROJECT_ID $ gcloud --quiet beta billing projects link $DEPLOY_PROJECT_ID --billing-account $BILLING_ID # Enable APIs in the build project $ ENABLE_APIS=( "cloudresourcemanager.googleapis.com" "compute.googleapis.com" "container.googleapis.com" "run.googleapis.com" "storage-api.googleapis.com" "servicenetworking.googleapis.com" ) $ gcloud services enable --project=$DEPLOY_PROJECT_ID ${ENABLE_APIS[@]} Preparations
# Create Cloud Repository $ gcloud source repos create cb-deploy-run --project $BUILD_PROJECT_ID # Allow Cloud Run to fetch containers from Build Project $ DEPLOY_PROJECT_NUMBER=$(gcloud projects describe $DEPLOY_PROJECT_ID --format='value(projectNumber)') $ RUN_SA_EMAIL="service-$DEPLOY_PROJECT_NUMBER@serverless-robot-prod.iam.gserviceaccount.com" $ BUCKET_PATH="gs://eu.artifacts.$BUILD_PROJECT_ID.appspot.com" $ gsutil iam ch serviceAccount:$RUN_SA_EMAIL:objectViewer $BUCKET_PATH # Allow Cloud Build to deploy to Cloud Run on Deploy Project $ BUILD_PROJECT_NUMBER=$(gcloud projects describe $BUILD_PROJECT_ID --format='value(projectNumber)') $ CB_SA_EMAIL="$BUILD_PROJECT_NUMBER@cloudbuild.gserviceaccount.com" $ COMPUTE_SA_EMAIL="$DEPLOY_PROJECT_NUMBER-compute@developer.gserviceaccount.com" $ gcloud projects add-iam-policy-binding $DEPLOY_PROJECT_ID --member=serviceAccount:$CB_SA_EMAIL --role roles/run.admin $ gcloud iam service-accounts add-iam-policy-binding $COMPUTE_SA_EMAIL --project $DEPLOY_PROJECT_ID --member="serviceAccount:$CB_SA_EMAIL" --role=roles/iam.serviceAccountUser Preparations
DEMO https://github.com/jerryjj/gdg-cicd-presentation demos/cb-deploy-run/README.md
Deploy to environment Google Cloud Repository, Google Kubernetes Engine - Prepare projects - Setup repository - Setup Cloud Trigger - Check the Magic
Architecture
# Create GKE Cluster $ gcloud beta container clusters create "demo-cluster" --project $DEPLOY_PROJECT_ID --zone $COMPUTE_ZONE... # Set yourself as the cluster admin $ export CONTEXT=`kubectl config view | awk '{print $2}' | grep "demo-cluster" | tail -n 1` $ ACCOUNT=$(gcloud info --format='value(config.account)') $ NAME=$(echo "${ACCOUNT%@*}") $ kubectl --context $CONTEXT create clusterrolebinding $NAME-cluster-admin-binding --clusterrole=cluster-admin --user=$ACCOUNT Preparations
# Create Cloud Repository $ gcloud source repos create cb-deploy-k8s --project $BUILD_PROJECT_ID # Allow GKE to fetch containers from Build Project $ DEPLOY_PROJECT_NUMBER=$(gcloud projects describe $DEPLOY_PROJECT_ID --format='value(projectNumber)') $ GKE_SA_EMAIL="$DEPLOY_PROJECT_NUMBER-compute@developer.gserviceaccount.com" $ BUCKET_PATH="gs://eu.artifacts.$BUILD_PROJECT_ID.appspot.com" $ gsutil iam ch serviceAccount:$GKE_SA_EMAIL:objectViewer $BUCKET_PATH # Allow Cloud Build to deploy to GKE on Deploy Project $ BUILD_PROJECT_NUMBER=$(gcloud projects describe $BUILD_PROJECT_ID --format='value(projectNumber)') $ CB_SA_EMAIL="$BUILD_PROJECT_NUMBER@cloudbuild.gserviceaccount.com" $ gcloud projects add-iam-policy-binding $DEPLOY_PROJECT_ID --member=serviceAccount:$CB_SA_EMAIL --role roles/container.developer Preparations
DEMO https://github.com/jerryjj/gdg-cicd-presentation demos/cb-deploy-k8s/README.md
There is a lot more you could do Eg. GitOps-style continuous delivery with Cloud Build https://cloud.google.com/kubernetes-engine/docs/tutorials/gitops-cloud-build
Github Triggers Using the new App Triggers
DEMO https://github.com/jerryjj/gdg-cicd-presentation demos/cb-deploy-k8s/GITHUP_APP.md
This is only the beginning We have just scratched the surface
Some of the solutions I suggest looking into - Tekton https://tekton.dev/ - Jenkins X https://jenkins-x.io/ - Gitlab Kubernetes Executor - Github Actions https://github.com/features/actions - Flux https://docs.fluxcd.io/en/latest/ - Flagger https://flagger.app/
Thank You! Jerry Jalava Cloud GDE Helsinki @W_I

More Related Content

PDF
Kubernetes - Security Journey
byJerry Jalava
 
PDF
User authentication and authorizarion in Kubernetes
byNeependra Khare
 
PDF
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security
byDevOpsDays Riga
 
PDF
Kubernetes Security
byinovex GmbH
 
PPTX
Kubernetes security with AWS
byKasun Madura Rathnayaka
 
PDF
Kubernetes security and you
byKarthik Gaekwad
 
PDF
Kubernetes - security you need to know about it
byHaydn Johnson
 
PDF
Container Security Deep Dive & Kubernetes
byAqua Security
 
Kubernetes - Security Journey
byJerry Jalava
 
User authentication and authorizarion in Kubernetes
byNeependra Khare
 
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security
byDevOpsDays Riga
 
Kubernetes Security
byinovex GmbH
 
Kubernetes security with AWS
byKasun Madura Rathnayaka
 
Kubernetes security and you
byKarthik Gaekwad
 
Kubernetes - security you need to know about it
byHaydn Johnson
 
Container Security Deep Dive & Kubernetes
byAqua Security
 

What's hot

PDF
Secrets in Kubernetes
byJerry Jalava
 
PDF
Google Cloud Container Security Quick Overview
byKrishna-Kumar
 
PDF
Keeping your Kubernetes Cluster Secure
byGene Gotimer
 
PDF
Zombies in Kubernetes
byThomas Fricke
 
PDF
Cloud-native applications with Java and Kubernetes - Yehor Volkov
byKuberton
 
PDF
What is Google Cloud Good For at DevFestInspire 2021
byRobert John
 
PPTX
CloudStack vs OpenStack vs Eucalyptus: IaaS Private Cloud Brief Comparison
bybizalgo
 
PDF
Moving to Kubernetes - Tales from SoundCloud
byTobias Schmidt
 
PPTX
Kubernetes 101 VMworld 2019 workshop slides
bySimone Morellato
 
PPTX
Security best practices for kubernetes deployment
byMichael Cherny
 
PDF
How abusing the Docker API led to remote code execution same origin bypass an...
byAqua Security
 
PPTX
VMware Hybrid Cloud Service - Overview
byrajdeep
 
POTX
Jenkins, jclouds, CloudStack, and CentOS by David Nalley
bybuildacloud
 
PDF
Kubernetes Architecture and Introduction
byStefan Schimanski
 
PDF
Building an Angular 2 App
byFelix Gessert
 
PDF
New Features of Kubernetes v1.2.0 beta
byGiragadurai Vallirajan
 
PDF
Lessons learned and challenges faced while running Kubernetes at Scale
bySidhartha Mani
 
PPTX
Hypervisor Selection in Apache CloudStack 4.4
byTim Mackey
 
PDF
OpenStack Architecture
byMirantis
 
PPTX
Websockets: Pushing the web forward
byMark Roden
 
Secrets in Kubernetes
byJerry Jalava
 
Google Cloud Container Security Quick Overview
byKrishna-Kumar
 
Keeping your Kubernetes Cluster Secure
byGene Gotimer
 
Zombies in Kubernetes
byThomas Fricke
 
Cloud-native applications with Java and Kubernetes - Yehor Volkov
byKuberton
 
What is Google Cloud Good For at DevFestInspire 2021
byRobert John
 
CloudStack vs OpenStack vs Eucalyptus: IaaS Private Cloud Brief Comparison
bybizalgo
 
Moving to Kubernetes - Tales from SoundCloud
byTobias Schmidt
 
Kubernetes 101 VMworld 2019 workshop slides
bySimone Morellato
 
Security best practices for kubernetes deployment
byMichael Cherny
 
How abusing the Docker API led to remote code execution same origin bypass an...
byAqua Security
 
VMware Hybrid Cloud Service - Overview
byrajdeep
 
Jenkins, jclouds, CloudStack, and CentOS by David Nalley
bybuildacloud
 
Kubernetes Architecture and Introduction
byStefan Schimanski
 
Building an Angular 2 App
byFelix Gessert
 
New Features of Kubernetes v1.2.0 beta
byGiragadurai Vallirajan
 
Lessons learned and challenges faced while running Kubernetes at Scale
bySidhartha Mani
 
Hypervisor Selection in Apache CloudStack 4.4
byTim Mackey
 
OpenStack Architecture
byMirantis
 
Websockets: Pushing the web forward
byMark Roden
 

Similar to Ci/CD - Stop wasting time, Automate your deployments

PPTX
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
byOleg Shalygin
 
PDF
Microservices DevOps on Google Cloud Platform
bySunnyvale
 
PDF
GCP-DevOps-projectintroduxtionfir devopsproject.pdf
byMasar10
 
PDF
CI/CD on Google Cloud Platform
byDevOps Indonesia
 
ODP
Google Cloud Platform for DeVops, by Javier Ramirez @ teowaki
byjavier ramirez
 
PPTX
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
bydevopsdaysaustin
 
PPTX
Introduction to GCCP - 2022.pptx
byRamSamarthBB
 
PDF
Kubernetes best practices
byBill Liu
 
PPTX
Cloud computing which explians about cloud topics
byswamysaranam06
 
PDF
Kubernetes Boulder - Kit Merker - Cloud Native Deployment
byKit Merker
 
PDF
The Self-Service Developer - GOTOCon CPH
byLaszlo Fogas
 
PPTX
TIAD : Automate everything with Google Cloud
byThe Incredible Automation Day
 
PDF
Powerful Google Cloud tools for your hack
bywesley chun
 
PDF
Docker, Kubernetes, and Google Cloud
bySamuel Chow
 
PDF
Dipping Your Toes Into Cloud Native Application Development
byMatthew Farina
 
PDF
Infrastructure Management in GCP
byDana Hoffman
 
PDF
GCP Meetup #3 - Approaches to Cloud Native Architectures
bynine
 
PDF
Serverless Computing with Google Cloud
bywesley chun
 
PDF
Gitlab ci e kubernetes, build test and deploy your projects like a pro
bysparkfabrik
 
PPTX
How google cloud platform can benefit devops?
byVishnuAnji
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
byOleg Shalygin
 
Microservices DevOps on Google Cloud Platform
bySunnyvale
 
GCP-DevOps-projectintroduxtionfir devopsproject.pdf
byMasar10
 
CI/CD on Google Cloud Platform
byDevOps Indonesia
 
Google Cloud Platform for DeVops, by Javier Ramirez @ teowaki
byjavier ramirez
 
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
bydevopsdaysaustin
 
Introduction to GCCP - 2022.pptx
byRamSamarthBB
 
Kubernetes best practices
byBill Liu
 
Cloud computing which explians about cloud topics
byswamysaranam06
 
Kubernetes Boulder - Kit Merker - Cloud Native Deployment
byKit Merker
 
The Self-Service Developer - GOTOCon CPH
byLaszlo Fogas
 
TIAD : Automate everything with Google Cloud
byThe Incredible Automation Day
 
Powerful Google Cloud tools for your hack
bywesley chun
 
Docker, Kubernetes, and Google Cloud
bySamuel Chow
 
Dipping Your Toes Into Cloud Native Application Development
byMatthew Farina
 
Infrastructure Management in GCP
byDana Hoffman
 
GCP Meetup #3 - Approaches to Cloud Native Architectures
bynine
 
Serverless Computing with Google Cloud
bywesley chun
 
Gitlab ci e kubernetes, build test and deploy your projects like a pro
bysparkfabrik
 
How google cloud platform can benefit devops?
byVishnuAnji
 

Recently uploaded

PDF
DSD-INT 2025 Climate and impact attribution of compound flooding induced by t...
byDeltares
 
PDF
Everything You Ever Wanted to Know About Quarkus and LangChain4j
byMarkus Eisele
 
PDF
DSD-INT 2025 DevOps - Automated testing and delivery of Delft3D FM - van West...
byDeltares
 
PDF
DSD-INT 2025 Modelling Non-Newtonian Slurry Beaching with Delft3D-Slurry - Bi
byDeltares
 
PDF
inSis suite - Laboratory Information Management System
byKondapi V Siva Rama Brahmam
 
PDF
Breaking the Vulnerability Management Cycle with Anchore and Echo
byAnchore
 
PPTX
Presentation on AWS Cloud RDS Deep dive
byBimal Jain
 
PPTX
operating sys about shells and terminals commands .pptx
byYazeedAbdullah6
 
PDF
Custom Software Development Presentation.pdf
byssuser9c7131
 
PDF
DSD-INT 2025 Building-Aware Flood and Lifeline Scour Modeling with Delft3D FM...
byDeltares
 
PDF
DSD-INT 2025 Timor-Leste Flood exposure and Climate Change assessment - Ogunwumi
byDeltares
 
PDF
Fundamental of Information Systems introduction.pdf
byYeabsraLakew
 
PPTX
The Sync Strikes Back: Tales from the MOPs Trenches
bybbedford2
 
PDF
Data Integration with Salesforce Bootcamp
byDele Amefo
 
PDF
DSD-INT 2025 3D-modelling of salt intrusion into Germany’s busiest waterway -...
byDeltares
 
PPTX
Zotero Software Demonstration. Biomedical Perspective
byDr Snehashis Singha
 
PPTX
Future of Software Testing: AI-Powered Open Source Testing Tools
bySophie Lane
 
PDF
SCORM Cloud: The 5 categories of content distribution
byRustici Software
 
PDF
DSD-INT 2025 Advancing Urban Flood Modeling with Delft3D FM 1D2D - A Pilot St...
byDeltares
 
PDF
Presentation Empowerment Technology in ICT
byoryoseiii
 
DSD-INT 2025 Climate and impact attribution of compound flooding induced by t...
byDeltares
 
Everything You Ever Wanted to Know About Quarkus and LangChain4j
byMarkus Eisele
 
DSD-INT 2025 DevOps - Automated testing and delivery of Delft3D FM - van West...
byDeltares
 
DSD-INT 2025 Modelling Non-Newtonian Slurry Beaching with Delft3D-Slurry - Bi
byDeltares
 
inSis suite - Laboratory Information Management System
byKondapi V Siva Rama Brahmam
 
Breaking the Vulnerability Management Cycle with Anchore and Echo
byAnchore
 
Presentation on AWS Cloud RDS Deep dive
byBimal Jain
 
operating sys about shells and terminals commands .pptx
byYazeedAbdullah6
 
Custom Software Development Presentation.pdf
byssuser9c7131
 
DSD-INT 2025 Building-Aware Flood and Lifeline Scour Modeling with Delft3D FM...
byDeltares
 
DSD-INT 2025 Timor-Leste Flood exposure and Climate Change assessment - Ogunwumi
byDeltares
 
Fundamental of Information Systems introduction.pdf
byYeabsraLakew
 
The Sync Strikes Back: Tales from the MOPs Trenches
bybbedford2
 
Data Integration with Salesforce Bootcamp
byDele Amefo
 
DSD-INT 2025 3D-modelling of salt intrusion into Germany’s busiest waterway -...
byDeltares
 
Zotero Software Demonstration. Biomedical Perspective
byDr Snehashis Singha
 
Future of Software Testing: AI-Powered Open Source Testing Tools
bySophie Lane
 
SCORM Cloud: The 5 categories of content distribution
byRustici Software
 
DSD-INT 2025 Advancing Urban Flood Modeling with Delft3D FM 1D2D - A Pilot St...
byDeltares
 
Presentation Empowerment Technology in ICT
byoryoseiii
 

Ci/CD - Stop wasting time, Automate your deployments

  • 1.
    Stop wasting time Automateyour deployments Jerry Jalava Cloud GDE Helsinki @W_I
  • 2.
    “Companies waste $300Billion of developer productivity every year” “Developers spend 42% of their time on code maintenance” - Stripe (The Developer Coefficient study)
  • 3.
    Using CI/CD Saves youtime and money, brings reliability and trust
  • 4.
    Essentially it meansthis Picture from "Setting up GitLab CI/CD for Android projects"
  • 5.
    Multiple options Landscape ofCI/CD tools The number of different CI/CD tools and solutions have grown rapidly in the past years
  • 6.
  • 7.
    ● Source codelocation(s) Github, Gitlab, Cloud Source ● Target systems Kubernetes, Cloud Run, VMs ● Target Environments Development, Testing, Staging, QA, Production Your solution needs may vary Not all projects are created equal ● Code structure Multiple repos, Monorepo ● Deployment tooling Helm charts, Chef, etc. ● And so on...
  • 8.
    ● Keep yourPipelines fast ● Run the Fastest Tests Early ● Run tests locally before committing ● Think about your branches ● Secure and Isolate your CI/CD environment ● Allow Production deployments only through CI/CD ● If the process is painful, you are doing it wrong! Some key things to consider Your solution needs may vary
  • 9.
    Demo time Let’s startwith Cloud Build
  • 10.
    Tools we willbe using Google Cloud Build Cloud Build lets you build software quickly across all languages. Get complete control over defining custom workflows for building, testing, and deploying across multiple environments such as VMs, serverless, Kubernetes, or Firebase. Pricing: 120 min/day free (10 concurrent builds), $0.003 per minute https://cloud.google.com/cloud-build https://github.com/GoogleCloudPlatform/cloud-builders-community
  • 11.
    Performance tweaks Best practicesfor speeding up builds Build leaner containers https://cloud.google.com/cloud-build/docs/building-leaner-containers Use Kaniko cache (in demo) Use a cached Docker image (in demo) Use custom virtual machine sizes (Defaults to 2 high-CPU VMs) Avoid uploading of unnecessary files (.gcloudignore)
  • 12.
  • 13.
    # Create Buildproject and Enable Billing $ gcloud projects create $BUILD_PROJECT_ID $ gcloud --quiet beta billing projects link $BUILD_PROJECT_ID --billing-account $BILLING_ID # Enable APIs in the build project $ ENABLE_APIS=( "cloudresourcemanager.googleapis.com" "servicemanagement.googleapis.com" "sourcerepo.googleapis.com" "cloudbuild.googleapis.com" "run.googleapis.com" "containerregistry.googleapis.com" ) $ gcloud services enable --project=$BUILD_PROJECT_ID ${ENABLE_APIS[@]} Preparations
  • 14.
  • 15.
    Deploy to environment GoogleCloud Repository, Google Cloud Run - Prepare projects - Setup repository - Setup Cloud Trigger - Check the Magic
  • 16.
  • 17.
    # Create Deployproject and Enable Billing $ gcloud projects create $DEPLOY_PROJECT_ID $ gcloud --quiet beta billing projects link $DEPLOY_PROJECT_ID --billing-account $BILLING_ID # Enable APIs in the build project $ ENABLE_APIS=( "cloudresourcemanager.googleapis.com" "compute.googleapis.com" "container.googleapis.com" "run.googleapis.com" "storage-api.googleapis.com" "servicenetworking.googleapis.com" ) $ gcloud services enable --project=$DEPLOY_PROJECT_ID ${ENABLE_APIS[@]} Preparations
  • 18.
    # Create CloudRepository $ gcloud source repos create cb-deploy-run --project $BUILD_PROJECT_ID # Allow Cloud Run to fetch containers from Build Project $ DEPLOY_PROJECT_NUMBER=$(gcloud projects describe $DEPLOY_PROJECT_ID --format='value(projectNumber)') $ RUN_SA_EMAIL="service-$DEPLOY_PROJECT_NUMBER@serverless-robot-prod.iam.gserviceaccount.com" $ BUCKET_PATH="gs://eu.artifacts.$BUILD_PROJECT_ID.appspot.com" $ gsutil iam ch serviceAccount:$RUN_SA_EMAIL:objectViewer $BUCKET_PATH # Allow Cloud Build to deploy to Cloud Run on Deploy Project $ BUILD_PROJECT_NUMBER=$(gcloud projects describe $BUILD_PROJECT_ID --format='value(projectNumber)') $ CB_SA_EMAIL="$BUILD_PROJECT_NUMBER@cloudbuild.gserviceaccount.com" $ COMPUTE_SA_EMAIL="$DEPLOY_PROJECT_NUMBER-compute@developer.gserviceaccount.com" $ gcloud projects add-iam-policy-binding $DEPLOY_PROJECT_ID --member=serviceAccount:$CB_SA_EMAIL --role roles/run.admin $ gcloud iam service-accounts add-iam-policy-binding $COMPUTE_SA_EMAIL --project $DEPLOY_PROJECT_ID --member="serviceAccount:$CB_SA_EMAIL" --role=roles/iam.serviceAccountUser Preparations
  • 19.
  • 20.
    Deploy to environment GoogleCloud Repository, Google Kubernetes Engine - Prepare projects - Setup repository - Setup Cloud Trigger - Check the Magic
  • 21.
  • 22.
    # Create GKECluster $ gcloud beta container clusters create "demo-cluster" --project $DEPLOY_PROJECT_ID --zone $COMPUTE_ZONE... # Set yourself as the cluster admin $ export CONTEXT=`kubectl config view | awk '{print $2}' | grep "demo-cluster" | tail -n 1` $ ACCOUNT=$(gcloud info --format='value(config.account)') $ NAME=$(echo "${ACCOUNT%@*}") $ kubectl --context $CONTEXT create clusterrolebinding $NAME-cluster-admin-binding --clusterrole=cluster-admin --user=$ACCOUNT Preparations
  • 23.
    # Create CloudRepository $ gcloud source repos create cb-deploy-k8s --project $BUILD_PROJECT_ID # Allow GKE to fetch containers from Build Project $ DEPLOY_PROJECT_NUMBER=$(gcloud projects describe $DEPLOY_PROJECT_ID --format='value(projectNumber)') $ GKE_SA_EMAIL="$DEPLOY_PROJECT_NUMBER-compute@developer.gserviceaccount.com" $ BUCKET_PATH="gs://eu.artifacts.$BUILD_PROJECT_ID.appspot.com" $ gsutil iam ch serviceAccount:$GKE_SA_EMAIL:objectViewer $BUCKET_PATH # Allow Cloud Build to deploy to GKE on Deploy Project $ BUILD_PROJECT_NUMBER=$(gcloud projects describe $BUILD_PROJECT_ID --format='value(projectNumber)') $ CB_SA_EMAIL="$BUILD_PROJECT_NUMBER@cloudbuild.gserviceaccount.com" $ gcloud projects add-iam-policy-binding $DEPLOY_PROJECT_ID --member=serviceAccount:$CB_SA_EMAIL --role roles/container.developer Preparations
  • 24.
  • 25.
    There is alot more you could do Eg. GitOps-style continuous delivery with Cloud Build https://cloud.google.com/kubernetes-engine/docs/tutorials/gitops-cloud-build
  • 26.
    Github Triggers Using thenew App Triggers
  • 28.
  • 29.
    This is onlythe beginning We have just scratched the surface
  • 30.
    Some of thesolutions I suggest looking into - Tekton https://tekton.dev/ - Jenkins X https://jenkins-x.io/ - Gitlab Kubernetes Executor - Github Actions https://github.com/features/actions - Flux https://docs.fluxcd.io/en/latest/ - Flagger https://flagger.app/
  • 31.