Continuous Delivery the hard way with Kubernetes

1. Continuous Delivery the hard way with Kubernetes Luke Marsden, Developer Experience @lmarsden

2. Agenda 1. Why should I deliver continuously? 2. Kubernetes primer 3. GitLab primer 4. “OK, so we’ve got these pieces, how are we going to put them together?” 5. Let’s iterate on a design! 6. Conclusions

3. Agenda 1. Why should I deliver continuously? 2. Kubernetes primer 3. GitLab primer 4. “OK, so we’ve got these pieces, how are we going to put them together?” 5. Let’s iterate on a design! 6. Conclusions

4. Why should I continuously deliver? • Microservices • Conway’s law • Scaling project, scaling team • Velocity!

5. Kubernetes: all you need to know Pods containers ServicesDeployments Container Image Docker container image, contains your application code in an isolated environment. Pod A set of containers, sharing network namespace and local volumes, co-scheduled on one machine. Mortal. Has pod IP. Has labels. Deployment Specify how many replicas of a pod should run in a cluster. Then ensures that many are running across the cluster. Has labels. Service Names things in DNS. Gets virtual IP. Two types: ClusterIP for internal services, NodePort for publishing to outside. Routes based on labels.

6. GitLab primer • Or you can use GitHub, Travis, Circle, Docker Hub, Quay.io, GCR… CI system Docker registry GitLab Version controlled code Version controlled code

7. Version controlled code These are the things that we’ve got Version controlled code CI system Docker registry Kubernetes clusterCode Docker image Kubernetes YAML

8. Version controlled code These are the things that we’ve got Version controlled code CI system Docker registry Kubernetes clusterCode Docker image Kubernetes YAML git git + shell docker registry API kubernetes API

9. These are the things that we’ve got Version controlled code CI system Docker registry Kubernetes clusterCode Docker image Kubernetes YAML

10. V1 Initial deploy (manually)

11. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes cluster

12. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes clusterkubectl apply -f service.yaml

13. V1 Deploy update (with CI system)

14. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes cluster Code Docker image

15. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes clustergit push master

16. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes clusterdocker build :a1b2c3

17. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes clusterdocker push :a1b2c3

18. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes clusterkubectl set image :a1b2c3

19. V1 Rollback

20. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes cluster

21. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes cluster git checkout master git revert HEAD  git push

22. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes clusterdocker build :b2c3d4

23. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes clusterdocker push :b2c3d4

24. Version controlled code V1 architecture Version controlled code CI system Docker registry Kubernetes clusterkubectl set image :b2c3d4

25. Demo! https://www.katacoda.com/courses/weave/flux-training

26. Downsides • Building & pushing containers is slow (disk I/O, network), shouldn’t need to this when rolling back • Branch per environment required per microservice (explosion of branches, hard to manage & scale) • Only a matter of time until you get a git merge mess • Better to decouple version of code at HEAD from version deployed…

27. Version controlled configuration • users service • code for users service • Kubernetes YAML • orders service • code for orders service • Kubernetes YAML • config repo • Kubernetes YAML for users • Kubernetes YAML for orders • Version controlled config should be the source of truth for your whole app (all the microservices)

28. Decoupling versions from releases Code versions (branches, tags) Environments & releases • users service • master • feature_A • feature_B • orders service • master • feature_A • feature_B • … • production • users -> master @ t1 • orders -> master @ t1 • staging • orders -> master @ t2 • orders -> master @ t2 conflating per- service code branches with environments in each repo is a hack, and doesn’t scale well

29. V2 Put all the yamels in one place

30. Version controlled code V2 architecture Version controlled code CI system Docker registry Kubernetes cluster Version controlled config Code Docker image Kubernetes YAML Have the CI system update the yamels automatically for you

38. Version controlled code Container builder demo Version controlled code CI system Docker registry Kubernetes cluster Version controlled config Code Docker image Kubernetes YAML Have the CI system update the yamels automatically for you Builder used as CD system

39. Now you can recreate your production environment from the central YAML repository even if your entire production cluster gets deleted

40. Demo!

41. Downsides • The CI system is responsible for a lot now (design smell – overloaded) • You can only trigger the CI system by pushing code (we wanted to be able to rollback without pushing code) • If you rollback out of band (directly with kubectl), you have to remember to update the central configuration repo as well • Parallel builds can tread on eachothers’ toes, not atomic: race between git checkout and git push (need a global lock) • Scripting updates of yamels can be a pain… it mangles your yamels • Developers start asking for more release management features (rollback, pinning, automation for some envs and manual gating for others, and your once-simple script keeps growing…)

42. V3 Refactor architecture Add “release manager”

43. Version controlled code V3 architecture Version controlled code CI system Docker registry Kubernetes cluster Version controlled config Release manager Code Docker image Kubernetes YAML push im age push config pull image list images pull, modify, push config push code policy

51. V3 Rollback doesn’t go via CI

52. Version controlled code V3 architecture Version controlled code CI system Docker registry Kubernetes cluster Version controlled config Release manager Code Docker image Kubernetes YAML push im age push config pull image list images pull, modify, push config push code policy rollback!

57. What does the release manager do? • Watches for changes in a container registry (output of CI system) • Makes commits for you to version controlled configuration (understands Kubernetes YAML) • Depending on release policy (per environment), either push changes continuously or permit manually gated releases • Allows releases to be rolled back by changing a pointer • Releases can be “locked” as a social cue

58. Different environments can have different release policies (no tight coupling between individual microservices repos and what’s released)

59. Demo! https://www.katacoda.com/courses/weave/flux-training

60. This is how we deploy Weave Cloud Weave Cloud helps devops iterate faster with: • observability & monitoring • continuous delivery • container networks & firewalls Weave Flux is a release manager for Kubernetes

61. Other topics • Kubernetes 101 • How do I monitor this stuff? (Prometheus) • Network policy for isolating & firewalling different microservices We have talks & trainings on all these topics in the Weave user group!

62. Join the Weave user group! meetup.com/pro/Weave/  Come hang out on Slack! weave.works/help

63. Thanks! Questions? We are hiring! DX in San Francisco Engineers in London & SF weave.works/weave-company/hiring Check out Flux on GitHub: github.com/weaveworks/flux

Continuous Delivery the hard way with Kubernetes

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Continuous Delivery the hard way with Kubernetes

Similar to Continuous Delivery the hard way with Kubernetes (20)

More from Luke Marsden

More from Luke Marsden (7)

Recently uploaded

Recently uploaded (20)

Continuous Delivery the hard way with Kubernetes