Slides from the presentation "From GitOps to a scalable CI/CD Pattern for Kubernetes" at the Docker New York City meetup, by Andrew Phillips. See https://www.meetup.com/Docker-NewYorkCity/events/257539512/
These are the slides for a talk/workshop delivered to the Cloud Native Wales user group (@CloudNativeWal) on 2019-01-10.
In these slides, we go over some principles of GitOps and a hands-on session to apply these to manage a microservice.
You can find out more about GitOps online https://www.weave.works/technologies/gitops/
GitOps - Modern best practices for high velocity app dev using cloud native t... (Weaveworks)
Alexis Richardson, Weaveworks CEO, recently presented this slide deck at the KubeCon + CloudNativeCon event. He covers GitOps - modern best practices for developing apps faster using cloud native tools.
Stefan is currently working on a new exciting project, GitOps Toolkit (https://github.com/fluxcd/toolkit), which is an experimental toolkit for assembling CD pipelines the GitOps way
Watch the recording here: https://youtu.be/0KmqEp4VxSQ
Welcome Helm users! CNCF Flux has a best-in-class way to use Helm according to GitOps principles. For you, that means improved security, reliability, and velocity - no more being on the pager on the weekends or having painful troubleshooting or rollback when things go wrong. Built on Kubernetes controller-runtime, Flux’s Helm Controller is an example of a mature software agent that uses Helm’s SDK to full effect.
Flux’s biggest addition to Helm is a structured declaration layer for your releases that automatically gets reconciled to your cluster based on your configured rules:
⭐️ The Helm client commands let you imperatively do things
⭐️ Flux Helm Custom Resources let you declare what you want the Helm SDK to do automatically
During this session, Scott Rigby, Developer Experience Engineer at Weaveworks and Flux & Helm Maintainer, will take you on a tour of Flux’s Helm Controller, share the additional benefits Flux adds to Helm and then walk through a live demo of how to manage helm releases using Flux.
If you want to follow along with Scott’s demo, here are a couple of resources to help you prepare ahead of time:
📄 Flux for Helm Users Docs: https://fluxcd.io/docs/use-cases/helm/
📄 Flux Guide: Manage Helm Releases: https://fluxcd.io/docs/guides/helmreleases/
Speaker Bio:
Scott is a Brooklyn based interdisciplinary artist and Developer Advocate at Weaveworks. He co-founded the Basekamp art and research group in 1998 and the massively collaborative Plausible Artworlds international network. In technology he enjoys helping develop open source software that anyone can use, most recently projects in the cloud native landscape including co-maintaining Helm and Flux. In daily decisions, large or small, he tries to help make the world a better place for everyone.
Continuous Lifecycle London 2018 Event Keynote (Weaveworks)
Today it’s all about delivering velocity without compromising on quality, yet it’s becoming increasingly difficult for organisations to keep up with the challenges of current release management and traditional operations. The demand for developers to own the end-to-end delivery, including operational ownership, is increasing. A “you build it, you own it” development process requires tools that developers know and understand. So I’d like to introduce “GitOps” - an agile software lifecycle for modern applications.
In this session, I will discuss these industry challenges, including current CICD trends and how they’re converging with operations and monitoring. I’ll also illustrate the GitOps model, identify best practices and tools to use, and explain how you can benefit from adopting this methodology inherited from best practices going back 10-15 years.
Continuous Delivery NYC: From GitOps to an adaptable CI/CD Pattern for Kubern... (Andrew Phillips)
Slides from the presentation "From GitOps to an adaptable CI/CD Pattern for Kubernetes" at the Continuous Delivery NYC meetup, by Andrew Phillips. See https://www.meetup.com/ContinuousDeliveryNYC/events/255366708/ and https://www.youtube.com/watch?v=SYeZ0uIwbLc
Join this workshop and accelerate your journey to production-ready Kubernetes by learning the practical techniques for reliably operating your software lifecycle using the GitOps pattern. The Weaveworks team will be running a full-day workshop, sharing their expertise as users and contributors of Kubernetes and Prometheus, as well as followers of GitOps (operations by pull request) practices.
Using a combination of instructor-led demonstrations and hands-on exercises, the workshop will enable the attendee to go into detail on the following topics:
• Developing and operating your Kubernetes microservices at scale
• DevOps best practices and the movement towards a “GitOps” approach
• Building with Kubernetes in production: caring for your apps, implementing CI/CD best practices, and utilizing the right metrics, monitoring tools, and automated alerts
• Operating Kubernetes in production: Upgrading and managing Kubernetes, managing incident response, and adhering to security best practices for Kubernetes
Slides of talk given at London Study of Enterprise Agile Meetup in June 2019.
We go over GitOps and how it affects delivery speed in software development and release.
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD (Sunnyvale)
A brief dissertation about using the GitOps paradigm to operate an application on multiple Kubernetes environments thanks to GitHub, ArgoCD and Kustomize. A talk on this topic was given at the event #CloudConf2020.
The Power of GitOps with Flux & GitOps Toolkit (Weaveworks)
GitOps Days Community Special
Watch the video here: https://youtu.be/0v5bjysXTL8
New to GitOps or been a long-time Flux user?
We'll walk you through the benefits of GitOps and then demo it in action with a sneak peek into the next gen Flux and GitOps Toolkit!
* Automation!
* Visibility!
* Reconciliation!
* Powerful use of Prometheus and Grafana!
* GitOps for Helm!
For Flux users, Flux v1 is decoupled into Flux v2 and GitOps Toolkit. We'll demo how this decoupling gives you more control over how you can do GitOps and with fewer steps!
Join Leigh Capili and Tamao Nakahara as they show you GitOps in action with Flux and GitOps Toolkit.
Note to our Flux community that Flux v2 and the GitOps Toolkit are in development and Flux v1 is in maintenance mode. These talks and upcoming guides will give you the most up-to-date info and steps to migrate once we reach feature parity and start the migration process. We are dedicated to the smoothest experience possible for our Flux community, so please join us if you'd like early access and to give us feedback for the migration process.
We are really excited by the improvements and want to take this opportunity to show you what the GitOps Toolkit is all about, walk you through the guides and get your feedback!
For more info, see https://toolkit.fluxcd.io/.
Here's our latest blog post on Flux v2 and GitOps Toolkit updates: https://www.weave.works/blog/the-road-to-flux-v2-october-update
Watch the full webinar at https://codefresh.io/events/terraform-gitops-codefresh/
Today we write "Infrastructure as Code" and even "Pipelines as Code", so let's start treating our "code as code" and practice CI/CD with GitOps! In this talk, we'll show you how we build and deploy applications with Terraform using GitOps and Codefresh. Cloud Posse is a Terraform power user that has developed over 130 Terraform modules which are free and open source. We'll share how we handle automation with security while making the process easy for engineers.
GitOps: Git as the single source of truth for applications and infrastructure (sparkfabrik)
GitOps is a new CD method that uses Git as the single source of truth for applications and infrastructure (declarative infrastructure / infrastructure as code), providing both revision control and change control. In this talk we will look at the concepts behind CI/CD, that is, Continuous Integration and Continuous Deployment (or Continuous Delivery), software development practices that allow teams to build collaborative projects quickly, efficiently and ideally with fewer errors. Finally, we will see how to implement a GitOps workflow using GitHub Actions and ArgoCD.
GitOps is a new CD method that uses Git as the single source of truth for applications and infrastructure (declarative infrastructure / infrastructure as code), providing both revision control and change control. In this talk we will see how to implement GitOps CI/CD workflows based on Kubernetes, from theory to practice, reviewing the main tools available today such as ArgoCD, Flux (aka GitOps engine) and JenkinsX.
Introducing Flagger: a progressive delivery Kubernetes operator for Istio.
Flagger automates the promotion of canary deployments, and uses Istio routing for traffic shifting and Prometheus metrics for canary analysis.
GitOps and Kubernetes introduces a radical idea—managing your infrastructure with the same Git pull requests you use to manage your codebase. In this in-depth tutorial, you’ll learn to operate infrastructures based on powerful-but-complex technologies such as Kubernetes with the same Git version control tools most developers use daily. With these GitOps techniques and best practices, you’ll accelerate application development without compromising on security, easily roll back infrastructure changes, and seamlessly introduce new team members to your automation process.
If you want to learn more about the book, go here: http://mng.bz/G45O
Deploying software and controlling infrastructure quickly and safely is a hard task.
In this talk, Brice Fernandes, Customer Success Engineer at Weaveworks, discusses GitOps, an operational model for Kubernetes and beyond to speed up development, while retaining extremely strong security guarantees. Brice describes and shows several open source tools developed at Weaveworks to support this approach. You will have a good idea of how to use the GitOps principles to create software pipelines that are fast, safe, and reproducible, while creating clear and high quality audit trails.
Check out the full presentation on YouTube: https://youtu.be/QdCwUUtcj4I
Join us for a webinar on securing the DevOps lifecycle with GitOps. Explore the best defenses for common security threats to code repositories, and see how to apply GitOps best practices to your CICD pipelines for Kubernetes.
The adoption of GitOps already increases the security and stability of your Kubernetes deployment pipelines, keeping your deployment credentials and other secrets inside of the cluster. Although GitOps improves CICD pipeline security, it shifts the security burden to Git itself.
For organizations who wish to defend themselves from malicious internal or external actors, or who operate under high compliance requirements, implementing additional security measures to Git provides identity guarantees, automation of change control, and detailed audit trails.
In this webinar, we’ll discuss 4 common Git attacks and how to mitigate them:
1. User impersonation
2. Malicious user tampering with the repository’s history
3. Malicious user attacking the Git platform
4. Historical attacks on Git clients and their impact
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks (Weaveworks)
Together with Snyk, the Weaveworks team will explain and demonstrate how GitOps continuous delivery pipelines combined with good security practices improve the overall security of your development workflow - from Git to production. In the webinar we will:
- Examine security concerns in a typical CICD pipeline
- Operate continuous delivery via pull request
- Discuss Read/Write access in a GitOps pipeline
- Share 5 tips and tricks on securing your source code repos from the beginning
Blog on this topic: https://www.weave.works/blog/secure-gitops-pipelines-for-kubernetes-with-snyk-and-weaveworks
For this info-packed and hands-on workshop we cover:
📍 Introduction to Kubernetes & GitOps talk:
We cover the most popular path that has brought success to many users already - GitOps as a natural evolution of Kubernetes. We'll give an overview of how you can benefit from Kubernetes and GitOps: greater security, reliability, velocity and more. Importantly, we cover definitions and principles standardized by the CNCF's OpenGitOps group and what it means for you.
📍 Get Started with GitOps:
You'll have GitOps up and running in about 30 mins using our free and open source tools! We'll give a brief vision of where you want to be with those security, reliability, and velocity benefits, and then we'll support you while you go through the getting started steps. During the workshop, you'll also experience in action and see demos for:
- an opinionated repo structure to minimize decision fatigue
- disaster recovery using GitOps
- Helm charts example
- Multi-cluster example
- all with free and open source tools mostly in the CNCF (eg. Flux and Helm).
If you have questions before or after the workshop, talk to us at #weave-gitops http://bit.ly/WeaveGitOpsSlack (If you need to invite yourself to the Slack, visit https://slack.weave.works/)
Hybrid and Multi-Cloud Strategies for Kubernetes with GitOps (Sonja Schweigert)
One of the biggest advantages Kubernetes has to offer is that it is agnostic to infrastructure and capable of managing diverse workloads running on different compute resources. This allows organizations to manage multiple developer platforms, which can operate across many environments such as on premise, hybrid and multiple clouds.
Streamlined processes and automation are pivotal for operations when managing clusters at scale and maintaining security and policy checks. Paul Curtis, Principal Solutions Architect, will demonstrate GitOps and Weave Kubernetes Platform in a hybrid and multi-cloud setup.
Learn how to:
- Use model-driven automation to increase reliability and stability across environments
- Simplify multi-cluster management with GitOps
- Enable developers to push code to production daily (self-service)
- Improve utilization and capacity management through Kubernetes platforms on cloud and on-premise infrastructure
GitOps, Driving NGN Operations Teams 211127 #kcdgt 2021 (William Caban)
The adoption of cloud-native principles brings new challenges. Scaling and evolving operations teams and staying up to date requires the adoption of new operational models and paradigms.
This deck presents how modern paradigms map to GitOps principles and the characteristics that must be supported by any software used for GitOps.
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with Concourse (VMware Tanzu)
Concourse is an open source continuous integration (CI) system designed for agile development teams. It supports developers that practice test-driven development and continuous delivery (CD) by automating a team's build-to-release process inclusive of all automated testing.
Concourse provides dependable results for each build run. It allows agile development teams to deliver business value at a much higher velocity. It allows teams to treat every code commit as if it’s about to be deployed to production.
In this webinar, we’ll talk about how teams practice agile development in relation to developing, testing and deploying apps in Cloud Foundry. We’ll also cover the role that Concourse plays in aiding high velocity delivery of applications.
Our agenda includes:
- What is CI / CD and how do these practices fit into Pivotal's development practices
- Overview of Concourse and how it differs from other CI / CD systems
- Why Pipelines are useful for continuously delivering apps to Pivotal Cloud Foundry
- Why containers are useful for continuously delivering apps to Pivotal Cloud Foundry
- Examples of how these concepts work in practice
- How to get started using Concourse to continuously deliver value
Presenters: Greg Chase, James Ma, Topher Bullock, Pivotal
Pivotal Platform: A First Look at the October Release (VMware Tanzu)
Join Dan Baskette and Jared Ruckle for a first look at the latest Pivotal Platform capabilities with demos and expert Q&A. Attend this session and learn how you can put these new updates to work for your enterprise.
Build apps atop Kubernetes with:
● Azure Spring Cloud, a complete runtime for Spring apps atop Azure Kubernetes Service
● Pivotal Build Service, an automated workflow for code-to-container builds
● Container Services Manager for Pivotal Platform, a bridge between Pivotal Application Service and PKS
Build apps atop a self-managed platform with:
● Pivotal Application Service 2.7, and its additional app deployment capabilities
● Pivotal Service Instance Manager, a new tool to help you manage backing services at scale
Get your apps to production with CI/CD tools like:
● Pivotal Continuous Delivery with Spinnaker
● Pivotal Concourse 5.5
We’ll also review Pivotal Spring Cloud Gateway and Pivotal Cloud Cache 1.9!
Presenter: Dan Baskette, Director, Technical Marketing & Jared Ruckle, Director, Product Marketing
Cloud Native CI/CD with Spring Cloud Pipelines (Lars Rosenquist)
Spring, Spring Boot and Spring Cloud are tools that allow developers to speed up the creation of new business features. But a new feature is only useful if it's in production. Companies spend a lot of time and resources on building their own deployment pipelines using a plethora of technologies. Spring Cloud Pipelines provides an opinionated way for getting your features to production in a fast, reliable, reproducible and fully automated way.
Application Migration: How to Start, Scale and Succeed (VMware Tanzu)
Undergoing the application migration journey can be cumbersome and challenging, especially when you have a complex application portfolio that consists of both legacy and newer apps on outdated systems. You are hindered by managing and operating manual processes to address security concerns, regulatory change and policy compliance.
You know embarking on the cloud journey is inevitable and deciding where to start is overwhelming. Let us show you how.
Join Matt Russell to hear how Pivotal helps large organizations plan and execute their application transformation initiatives by using a set of proven techniques and approaches that help you get started quickly and scale continuously.
We use simple tools and start small to redefine current systems, and achieve cloud-native speed and resiliency. Let us show you how Pivotal can help you navigate your journey while instilling confidence along the way.
Presenter : Matt Russell, Senior Director, Application Transformation at Pivotal
Join this info-packed and hands-on workshop where we will cover:
Introduction to Kubernetes & GitOps talk:
We'll cover the most popular path that has brought success to many users already - GitOps as a natural evolution of Kubernetes. We'll give an overview of how you can benefit from Kubernetes and GitOps: greater security, reliability, velocity and more. Importantly, we cover definitions and principles standardized by the CNCF's OpenGitOps group and what it means for you.
Get Started with GitOps:
You'll have GitOps up and running in about 30 mins using our free and open source tools! We'll give a brief vision of where you want to be with those security, reliability, and velocity benefits, and then we'll support you while you go through the getting started steps. During the workshop, you'll also experience in action and see demos for:
* an opinionated repo structure to minimize decision fatigue
* disaster recovery using GitOps
* Helm charts example
* Multi-cluster example
* all with free and open source tools mostly in the CNCF (eg. Flux and Helm).
If you have questions before or after the workshop, talk to us at #weave-gitops http://bit.ly/WeaveGitOpsSlack (If you need to invite yourself to the Slack, visit https://slack.weave.works/)
A deck from the first CDIsrael meetup, presenting our CD flow at Snyk, focusing on our testing framework. A day in a life of a developer - code, test, publish, deploy, monitor.
Delivery Pipelines as a First Class Citizen @deliverAgile2019 (ciberkleid)
In this talk, we will cover important elements for successful CI and CD. We will discuss how these elements make CI and CD much simpler, and hence more attainable. We will cover some best practices / recommendations to include in your application pipelines. We will look at a sample implementation of a pipeline leveraging modern tools. Finally, we will discuss some forthcoming ideas for making it even easier to declaratively enable CI and CD for applications.
Orchestrate Your End-to-end Mainframe Application Release Pipeline (DevOps.com)
What steel and concrete are to a skyscraper, the mainframe is to the global economy. The mainframe is the transactional backbone for 96 of the world’s top 100 banks, 23 of the 25 top US retailers and 9 out of 10 of the world’s largest insurance companies.
When you think of a mainframe, you probably think of an old green computer screen. Did you know you can use the same modern tools and techniques with mainframes that you use with cloud and mobile?
With the growth of mission-critical mainframe workloads showing no signs of slowing down, application delivery cannot remain slow and complex. Organizations must apply the same DevOps processes to the mainframe as they do with other platforms.
Compuware and XebiaLabs enable large enterprises to automatically build, test and deploy mainframe releases within a cross-platform application release pipeline.
Achieving Full Stack DevOps at Colonial Life (DevOps.com)
In an ever more competitive marketplace, organizations have turned to Agile and DevOps practices to deliver software innovations to market more quickly and with high quality. Across industries, companies are making heavy investments in tools and process improvements around automated build, test, continuous integration and delivery, and release automation and orchestration. However, despite these investments, many organizations are still struggling to bring the necessary speed and quality to their software delivery. In many cases, this is because Agile and DevOps improvements have not been applied to the entire software stack and are often limited to application code delivery.
This webinar will explore the transformation that Colonial Life made in bringing DevOps to the entire software stack. Specifically, beyond automating and accelerating the validation and delivery of application code, this webinar will focus on the critical role that data and the database play in modern software delivery and the tools and processes that can bring the same automation to database code.
After this webinar, you will understand:
* What holds organizations back despite an Agile application development process
* The benefits of automating the validation and deployment of database changes
* A template for bringing DevOps to the entire software stack
DevOpsDays Tel Aviv DEC 2022 | Building A Cloud-Native Platform Brick by Bric... (Haggai Philip Zagury)
The overwhelming growth of technologies in the Cloud Native foundation overtook our toolbox and completely changed (well, really enhanced) the Developer Experience.
In this talk, I will try to provide my personal journey from the "Operator to Developer's chair" and the practices which helped me along my journey as a Cloud-Native Dev ;)
OpenDev 2018: "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deplo... (Andrew Phillips)
Slides from the presentation "Open CD for Open Infrastructure - Hybrid and Multi-Cloud Deployments with Spinnaker" at OpenDev 2018, by Andrew Phillips. See https://www.youtube.com/watch?v=EC_zxrk2NQc
New York Kubernetes: CI/CD Patterns for Kubernetes (Andrew Phillips)
Slides from the presentation "CI/CD Patterns for Kubernetes" at the New York Kubernetes meetup, by Andrew Phillips & Lars Wander. See https://www.meetup.com/New-York-Kubernetes-Meetup/events/250629415/ and https://www.youtube.com/watch?v=U4aPD8sthBc#t=33m47s
Slides from the presentation "Breaking Down the Prod/Dev Wall" at the nycdevops meetup, by Andrew Phillips. See https://www.meetup.com/nycdevops/events/fmgjmnyxgbwb
BASE Meetup: "Analysing Scala Puzzlers: Essential and Accidental Complexity i... (Andrew Phillips)
Slides from the presentation "Analysing Scala Puzzlers: Essential and Accidental Complexity in Scala" at the Boston Area Scala Enthusiasts meetup, by Andrew Phillips & Nermin Serifovic. See http://www.meetup.com/boston-scala/events/228136405/
Scala Up North: "Analysing Scala Puzzlers: Essential and Accidental Complexit... (Andrew Phillips)
Slides from the presentation "Analysing Scala Puzzlers: Essential and Accidental Complexity in Scala" at Scala Up North 2015, by Andrew Phillips & Nermin Serifovic. See http://scalaupnorth.com/speakers.html#andrew
JMeter webinar - integration with InfluxDB and Grafana (RTTS)
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Key Trends Shaping the Future of Infrastructure.pdf (Cheryl Hung)
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do... (UiPathCommunity)
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GraphRAG is All You need? LLM & Knowledge Graph (Guy Korland)
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Transcript: Selling digital books in 2024: Insights from industry leaders - T... (BookNet Canada)
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo... (James Anderson)
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Generating a custom Ruby SDK for your web service or Rails API using Smithy (g2nightmarescribd)
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Securing your Kubernetes cluster: a step-by-step guide to success! (KatiaHIMEUR1)
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Epistemic Interaction - tuning interfaces to provide information for AI support (Alan Dix)
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024 (Tobias Schneck)
As AI technology is pushing into IT, I was wondering, as an “infrastructure container Kubernetes guy”, how does this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principles as well? What benefits could both technologies bring to each other?
Let me take these questions and provide you a short journey through existing deployment models and use cases for AI software. With practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview of infrastructure requirements and technologies that could be beneficial or limiting for your AI use cases in an enterprise environment. An interactive demo will give you some insights into what approaches I already got working for real.
Neuro-symbolic is not enough, we need neuro-*semantic* (Frank van Harmelen)
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Connector Corner: Automate dynamic content and events by pushing a button (DianaGray10)
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf (91mobiles)
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Docker New York City: From GitOps to a scalable CI/CD Pattern for Kubernetes
1. From GitOps to a scalable CI/CD pattern for Kubernetes
Andrew Phillips
Docker New York City; Jan 16, 2019
2. From GitOps to a scalable CI/CD pattern...for everything?
Andrew Phillips
Docker New York City; Jan 16, 2019
3. The bio slide
● Been on most sides of this space: developer, infra builder, product owner, evangelist and more
● Long-standing open-source contributor
● Author and regular conference and meetup presenter
● Co-organizer of ContainerDays Boston & NYC
4. Agenda
1. What’s the challenge?
2. CI/CD practices & patterns today
3. What does Kubernetes add into the mix?
4. A CI/CD pipeline for Kubernetes
5. Next steps for your scenario
6. Q&A
5. The context
● Lots of organizations looking at Kubernetes right now
● Trying to use this also as an opportunity to “clean up” sub-optimal software delivery pipelines
● How to do this right?
6. The challenge
● Lots of new runtime-specific concepts to deal with
● “Kubernetes-native” best practices still very much in flux
● Wrapping your head around “new” practices (e.g. GitOps) is hard
● Extrapolating from new practices in theory to actual, working implementations is even harder
● Figuring out how all this new stuff relates to accepted industry practices and tools is harder still
8. The approach
● Recall good practices that we’d like to retain
● Incorporate refinements related to Kubernetes to create a straw man setup
● Develop a mental model to understand advantages and shortfalls of the setup
● Refine the setup based on tradeoffs to be made related to each user’s particular situation
● Implement using appropriate tools
9. Existing good practice
● Reproducible builds
● Store source and derived artifacts appropriately
● Minimize duplication, especially around environment config
● Keep the business process flexible and the env automation robust
● Support 4 related processes:
○ Application update
○ Environment (config) update
○ Environment spin-up/restore
○ Environment drift detection and remediation
● Specifically, support env-specific (e.g. log settings change) and cross-env (e.g. new app version rollout) processes concisely
10. Deployment execution: business process vs. technical process
[Diagram] Release pipeline: a business process, represented as a sequence, possibly very specific to a service. Steps shown: Deploy to Test, Review, Approve, Deploy to Prod...
[Diagram] Test, Staging and Production environments: technical components with interdependencies, defined “as-code”, to be automatically sequenced if possible. Components shown: Namespace, App, Endpoint, Config / Config’, Old app version.
11. What’s new with Kubernetes
● Declarative == intent/desired state is front-of-mind
● “as-code” description of the intended state of an environment (“environments-as-code”)
● Purpose of automation is to modify that intent and apply it to the target runtime(s)
● Needed UX (generally poor currently!) is to see/understand current intent; review and approve changes to intent; and track status of intent (“being applied”, “successfully applied”, “failed”, “drifted” etc.)
12. Deployment execution: adding in Kubernetes
[Diagram] Release pipeline: a business process, represented as a sequence, possibly very specific to a service. Steps shown: Deploy to Test, Review, Approve, Deploy to Prod...
[Diagram] Test, Staging and Production environments: technical components with interdependencies, defined “as-code”, to be automatically sequenced if possible. Components shown: Namespace, App, Endpoint, Config / Config’, Old app version.
[Diagram] Added in this slide: “environments-as-code” repositories.
13. TL;DR
[Diagram] Release pipeline: a business process, represented as a sequence, possibly very specific to a service. Steps shown: Deploy to Test, Review, Approve, Deploy to Prod...
[Diagram] Test, Staging and Production environments: technical components with interdependencies, defined “as-code”, to be automatically sequenced if possible. Components shown: Namespace, App, Endpoint, Config / Config’, Old app version. Backed by “environments-as-code” repositories.
● Imperative pipeline across environments
● Declarative spec for each environment (with support for some imperative “cheating” where necessary)
14. What’s popular in the Kubernetes community
● Actuation based on reconciliation engine built into runtime with continuous enforcement
○ Interest in “pull-based”, async invocation via repo-watching
● Out-of-the-box support for some types of rollout via Deployment object, as well as CRDs to define your own
○ But can also manipulate underlying objects directly
● GitOps ~ environments-as-code + async invocation + repo workflow for business process
16. Mental model
● App repo is driving deployment, env repo is snapshotting desired cluster state
○ Think: source code in GitHub is to container image in registry as template in app repo is to manifest in env repo
● Env repo is just a checkpoint in time, cluster can evolve
○ Kubernetes applies changes to manifests
○ Strategies like exponential rollouts or traffic shifting apply changes over time
● Env repo is not a guaranteed healthy state
○ We can defer snapshotting until some health/success metric… but rollback has no silver bullet
● Deletion from either repo ≠ deletion from cluster
○ Challenge is: not trivial to know if cluster depends, or will depend, on a manifest not submitted to repo
○ kubectl apply --prune attempts to solve this with a lot of (scary) caveats
22. The mental model
● Understand how your app is updated across two dimensions:
[2×2 matrix] One axis: dependent on app version / independent of app version. Other axis: independent of environment / dependent on environment. Example updates placed in the matrix:
○ code change promoted through to prod
○ common externalized config setting, e.g. localized title
○ rotating database credentials for prod
○ updating discovery service endpoint
○ adding debug logging to staging
○ configuring a scaling policy in prod based on a new metric
23. The mental model
● Understand how your app is updated across two dimensions:
[2×2 matrix] One axis: dependent on app version / independent of app version. Other axis: independent of environment / dependent on environment. Regions labelled:
○ Application update
○ Static environment config update
○ (App-linked) environment config update
24. The mental model
● Understand how your app is updated across two dimensions:
[2×2 matrix] Regions labelled:
○ Application update
○ Static environment config update
○ (App-linked) environment config update
Responsibility labels on the matrix: dev responsibility ~ app repo; platform responsibility ~ env repo
28. The four related processes
● Application update
○ “I want to validate a new release candidate and promote it through envs to prod”
● Environment (config) update
○ “I want to change the attributes of a particular env only”
● Environment spin-up/restore
○ “I want to (re-)create an environment from scratch, with config from a specific checkpoint/point in time”
● Environment diff, drift detection and remediation
○ “I want to understand how the actual config of an env relates to the intended config, also potentially across different environments”
40. The four related processes
Demonstrated:
● Application update
● Environment (config) update
Should be relatively easy to see how to do the following with the same data:
● Environment spin-up/restore
● Environment diff, drift detection and remediation
41. Straw man in a nutshell
● Source config in app repo, “compiled” (a.k.a. hydrated) config in env repo(s)
○ Cf. source code in app repo, compiled code in artifact repository
● One app repo per app/team, shared env repos for environments
● Use branches where possible to represent different environments
○ If greater separation via access control is needed, use different repos or consider other storage
● Keep config in app repo unless it needs to be independent of the app lifecycle or you really, really need to be able to change it for one env
○ Allows you to use templating/overriding to cut down on duplication
○ The fewer places to keep track of config, the better
● Source config doesn’t have to be “raw” YAML, can be more suitable abstraction!
○ Cf. higher-level language source code vs. low-level assembly code
42. A quick refresher on the overall picture...
[Diagram] Release pipeline: a business process, represented as a sequence, possibly very specific to a service. Steps shown: Deploy to Test, Review, Approve, Deploy to Prod...
[Diagram] Test, Staging and Production environments: technical components with interdependencies, defined “as-code”, to be automatically sequenced if possible. Components shown: Namespace, App, Endpoint, Config / Config’, Old app version. Backed by “environments-as-code” repositories.
43. Implementation thoughts
● Prefer explicit invocation over “repo-watching”
○ Avoids “root-level” process running inside cluster, and provides more flexibility for multi-step rollouts
○ “Repo-watching” makes visualizing current status harder, and requires some sort of feedback mechanism to distinguish successful from failed deployments in the repo
○ Hard to support phased/multi-step application
○ Easier to reproduce/simulate
44. Implementation thoughts
● Commit to master (also) after successful application, not (just) before
○ Avoids having to distinguish attempted from successful deployments on master
○ Allows for richer pre-application validation than code diff in a PR (e.g. three-way diff against actual environment)
○ Avoids commit rights to repo being equivalent to deploy rights to env (and your automation will need commit rights to make pull requests, unless you used forked repos)
○ Harder if pull requests are used for the business process (as in vanilla GitOps) - requires multiple branches or “on approve” deployment
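The three-way diff against the actual environment mentioned on slide 44, which also serves the drift detection process from slide 28, sketched as an added example (not code from the talk). The manifests, the `registry.example` image name and all function names are constructed for illustration.

```python
"""Three-way diff of a manifest: env-repo snapshot vs. proposed vs. live state.

Constructed example: manifests, image names and function names are illustrative.
"""

MISSING = object()  # sentinel: the field does not exist on that side


def flatten(obj, prefix=""):
    """Flatten nested dicts/lists into {"a.b.0.c": value}.

    Lists are compared by index, a simplification: Kubernetes itself merges
    some lists (e.g. containers) by key.
    """
    if isinstance(obj, list):
        obj = {str(i): item for i, item in enumerate(obj)}
    if not isinstance(obj, dict):
        return {prefix: obj}
    flat = {}
    for key, value in obj.items():
        flat.update(flatten(value, f"{prefix}.{key}" if prefix else str(key)))
    return flat


def three_way_diff(snapshot, proposed, live):
    """Classify every field path of one object.

    snapshot: manifest last committed to the env repo (last successful apply)
    proposed: newly hydrated manifest the pipeline wants to apply
    live:     manifest read back from the cluster
    """
    s, p, l = flatten(snapshot), flatten(proposed), flatten(live)
    report = {"intended": [], "drift": [], "conflict": [], "unmanaged": []}
    for path in sorted(set(s) | set(p) | set(l)):
        sv, pv, lv = (side.get(path, MISSING) for side in (s, p, l))
        if sv is MISSING and pv is MISSING:
            report["unmanaged"].append(path)  # exists only in the cluster
        elif pv == lv:
            continue                          # cluster already matches the proposal
        elif lv == sv:
            report["intended"].append(path)   # only the proposal changed it
        elif pv == sv:
            report["drift"].append(path)      # only the cluster changed it
        else:
            report["conflict"].append(path)   # both changed it, differently
    return report


def blocking_findings(report):
    """Paths that should stop an automated apply and go to a human reviewer.

    Applying over drift silently reverts an out-of-band change; a conflict
    means the proposal was written against a state that no longer exists.
    """
    return report["drift"] + report["conflict"]


def deployment(image, replicas, log_level, privileged=None):
    """Build a minimal constructed Deployment manifest."""
    container = {"name": "app", "image": image,
                 "env": [{"name": "LOG_LEVEL", "value": log_level}]}
    if privileged is not None:
        container["securityContext"] = {"privileged": privileged}
    return {"apiVersion": "apps/v1", "kind": "Deployment",
            "metadata": {"name": "app", "namespace": "staging"},
            "spec": {"replicas": replicas,
                     "template": {"spec": {"containers": [container]}}}}


# Constructed sample state: the env repo says 1.4.0, the pipeline proposes 1.5.0,
# and someone has scaled, re-configured and privileged the live object by hand.
SNAPSHOT = deployment("registry.example/app:1.4.0", 3, "info")
PROPOSED = deployment("registry.example/app:1.5.0", 3, "warn")
LIVE = deployment("registry.example/app:1.4.0", 5, "debug", privileged=True)

if __name__ == "__main__":
    result = three_way_diff(SNAPSHOT, PROPOSED, LIVE)
    for category, paths in result.items():
        for path in paths:
            print(f"{category:10} {path}")
    print("apply blocked:", bool(blocking_findings(result)))
```

A real live object also carries server-populated and defaulted fields, so the "unmanaged" list needs an allowlist before it is useful as a signal.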
45. Tuning for your scenario
● Appropriate level of abstraction? How much “raw” Kubernetes YAML should our developers have access to?
● Where should the abstraction live? In templates? In CRDs? In the automation tool?
● What to use for templating? Token replacement or overrides?
● When do you snapshot/publish to the env repo? On every change to the cluster? Or when a desired end-state is reached? (think multi-step rollout)
● Access control: how many repos do you need? Are code repositories right for your use case, or e.g. a blobstore better?
● Am I distributing or deploying? Helm is much better suited for distribution than deployment
○ Its templating capability is often used as part of deployment flows, though
46. Implement
● Choose storage implementations and partitioning strategies for your environments-as-code
● Define the appropriate level of abstraction for your developers and choose tools to support it
● Choose a flexible automation tool for your deployment business process
● Define an appropriate definition of deployment health/success to determine when a deployment is “good”
● Decide which of the four processes - app update, env config update, env restore and env drift detection - you want to support
● Build pipelines
● Done!