DX, Guardrails, Golden Paths, & Policy Management in Kubernetes
#futureofgitops
Speaker introduction

James Governor
Analyst & Co-Founder, RedMonk
James Governor is co-founder of RedMonk, the only developer-focused industry analyst firm. Based in London, he advises clients on developer-led adoption, open source, community and technology strategy.

Steve George
COO, Weaveworks
Steve joined Weaveworks in February 2017 as COO, where he leads both the Product and Commercial Teams. In a career spanning 25 years, Steve has worked in a range of roles in the technology sector, most recently leading Canonical's operations and corporate development. His interest in and support for FOSS goes back to 1997, when he got hold of his first copy of Slackware on floppy disk.
Confidential do not distribute
Infra as Code
GitOps
From What, to Why to How
Progressive Delivery
Observability
SRE
Production Excellence
Platform Engineering
Compliance and Policy
GitOps Use Cases
● Kubernetes with control
● Multi cloud management
● Software Delivery Compliance
● Governance and Guardrails (the emergence of platform teams)
● Developer Experience
● Single source of the truth for ops and dev teams
● Testing in Production/Production Excellence
● Data Ops (supporting Kafka)
● 5G Edge Networks
GitOps Requirements
● Deep support for hyperscale public cloud suppliers and on-prem deployments
● RBAC functionality
● Built for Observability [Prometheus support is an expectation today]
● CI/CD platform integration
● Integrated Progressive Delivery and deployment to Kubernetes clusters
● Policy management
Developer Experience
Opaque and sharp learning curve
Complexity of Operations
Weave GitOps: Dev Onramp and scaling operations
● Specific developer and application operations use-cases for Weave GitOps
● Weave GitOps 2022.03 improvements
  ○ Dev Onramp to application deployment in Weave GitOps
  ○ GitOps enabled Trusted Delivery
● Bringing GitOps to the IDE - VSCode Extension
Weave GitOps - Use Cases
1. Continuous Application Delivery - use GitOps to deploy and operate applications. Automation increases deployment velocity and developer productivity.
2. Kubernetes Everywhere - in the cloud or the datacenter, Kubernetes is a universal platform that's easy to manage with GitOps.
3. DevOps Automation - lifecycle management of the entire platform, all clusters and services, using automation and policy.
4. Self-Service Platforms - a complete platform giving developers autonomy while ensuring consistency and manageability.
5. Trusted Delivery - shift policy and security left; governance, risk and compliance are non-negotiables.
6. Progressive Delivery - deploy services across many environments and regions reliably using GitOps.
Weave GitOps: Dev onramp

Weave GitOps Core (free and open-source)
Kubernetes native
Prerequisites
● Infrastructure provisioner
● Source code repo platform
● Container registry
Core GitOps
● Curated GitOps toolset, installer, runtime, and proven example configurations

Weave GitOps Enterprise (subscription)
Enterprise GitOps
● Curated model/profiles with cluster components
● Application tenancy through workspaces
● Authorization models consistent across the environment
Scaled GitOps
● Fleet Management with MCCP
● Advanced Curated Weave Policies using tools
Use Case: Application Deployment / Continuous Delivery
Challenge: Developer Velocity
● Slow feature delivery cycles
● Manual, unreliable deployments
● Bad deployments - cannot recover
Solution: GitOps Automation
● Automate the development process
● Continuous application delivery
● Reduce mean time to detect (MTTD) and mean time to recover (MTTR)
Deploy to Dev (flow diagram): source code is pushed to the Code Repo → Build → image pushed to the Container Registry → K8s Manifest committed to the Config Repo → Automated Deploy → App running on the Dev Cluster.
Deploy to Production (flow diagram): source code is pushed to the Code Repo → Build → image pushed to the Container Registry → K8s Manifest proposed as a Pull Request against the Config Repo → Inspect and Manual Approval → Deploy → App running on the Prod Cluster.
Just Add GitOps…
● Weave GitOps Core is the easiest way to add GitOps for applications.
● Builds on Flux, our CNCF project.
● Represents the repositories that store a collection of declarative descriptions of runnable units.
● Shows the health of the GitOps agent and the status of the system.
● Presents the services and the workloads running in instances in a specific environment, including status.
● Free and Open Source - download from Weaveworks.
Use Case: Security shifts left with GitOps (Trusted Delivery)
Challenge: Developer Velocity and Security
● Manual, time-consuming deployments that require extensive Kubernetes knowledge
● Security risks from manual checking
● Need for regulatory compliance (HITRUST, ISO 27001, and HIPAA)
● Need for policy control, authorization and audit
Solution: Trusted Delivery with GitOps
● Guardrails for any deployment running anywhere
● Single pane of glass for policy management
● Policy coverage at commit/build time and at runtime
● Enforce environment and workload compliance with policy as code
Trusted Delivery policy engine (diagram): the Policy Engine holds Policies & Playbooks and produces Reports, Dashboards and Notifications; the Assets & Configs it evaluates cover Containers, Volumes, Network Policies, K8s Configs, Service Mesh and App Components (DBs, cache, queues, etc.); policy enforcement stops and prevents violating changes, with continuous monitoring across code, build and runtime.
Enforcing Policies at Every Step
Commit - using GitHub Actions: prevent violating changes from being merged
Build - using CI/CD workflows: fail builds if there is a violating change
Deploy - using K8s admission controllers: prevent violating changes made through kubectl or the API
Runtime - using KubeNotifier: get notified and report violations as they occur
Kubernetes Guardrails
● Policies are dynamic: they can be applied to new or currently running clusters
● Policy changes and updates take effect immediately
● Policy violation reporting uses the new and updated policies
Trusted delivery flow (diagram): Create App → Pull Request against the Management Repo, where Policy is stored alongside the App definitions → App and Policy delivered to the Cluster.
Weave GitOps Enterprise: Policy as Code
● The Enterprise version runs entirely within the customer's environment
● Enforces policy on all clusters; leaf clusters can run in a semi-disconnected fashion
● Application policies are in GitOps: policy is stored with the deployment artefacts
● Cluster policies are in GitOps: policy is stored with the cluster definition
● Alerts on the central management cluster for any violation across all clusters and workloads
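The "Enforcing Policies at Every Step" table and the "Policy as Code" slide share one idea: a single set of policy definitions, versioned in Git next to the deployment artefacts, is evaluated at commit, at build, at admission and at runtime, so a violating manifest is caught at the earliest point and still caught later if it arrives through kubectl. The Python below is an added example written for this page; it is not Weaveworks' policy engine, nor any of its curated policies. Three hypothetical rules (no privileged containers, runAsNonRoot required, images pinned by sha256 digest) are implemented once in evaluate() and then driven from a commit/build gate, from a handler that fills in the response half of a ValidatingWebhook AdmissionReview (the Deploy step), and from a runtime audit that counts violations per policy. The policy identifiers, the registry name and the two sample Deployments are constructed for the example.

```python
"""Policy-as-code checks reused at commit, build, admission and runtime (added example)."""
import json
import re

# Hypothetical policy identifiers, constructed for this example (not Weave policy names).
NO_PRIVILEGED = "containers-must-not-be-privileged"
NON_ROOT = "containers-must-run-as-non-root"
PINNED_IMAGE = "images-must-be-pinned-by-digest"

DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")


def pod_spec(obj):
    """Locate the PodSpec inside a workload object, or None if the kind has none."""
    kind = obj.get("kind")
    if kind == "Pod":
        return obj.get("spec", {})
    if kind in ("Deployment", "StatefulSet", "DaemonSet", "ReplicaSet", "Job"):
        return obj.get("spec", {}).get("template", {}).get("spec", {})
    if kind == "CronJob":
        job = obj.get("spec", {}).get("jobTemplate", {})
        return job.get("spec", {}).get("template", {}).get("spec", {})
    return None


def evaluate(obj):
    """Return a list of (policy_id, message) violations; an empty list means compliant."""
    spec = pod_spec(obj)
    if spec is None:
        return []
    target = f"{obj.get('kind')}/{obj.get('metadata', {}).get('name', '?')}"
    pod_sc = spec.get("securityContext") or {}
    found = []
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        sc = c.get("securityContext") or {}
        where = f"{target} container '{c.get('name', '?')}'"
        if sc.get("privileged") is True:
            found.append((NO_PRIVILEGED, f"{where} is privileged"))
        # A container-level runAsNonRoot overrides the pod-level setting.
        if sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot")) is not True:
            found.append((NON_ROOT, f"{where} does not set runAsNonRoot: true"))
        if not DIGEST_RE.search(c.get("image", "")):
            found.append((PINNED_IMAGE, f"{where} image is not pinned by sha256 digest"))
    return found


def commit_gate(objs):
    """Commit/build step: (exit_code, report) so a CI job fails when any object violates."""
    report = {}
    for o in objs:
        violations = evaluate(o)
        if violations:
            name = f"{o.get('kind')}/{o.get('metadata', {}).get('name', '?')}"
            report[name] = [msg for _, msg in violations]
    return (1 if report else 0), report


def admission_response(review):
    """Deploy step: fill in the response half of a ValidatingWebhook AdmissionReview."""
    req = review["request"]
    violations = []
    if req["operation"] in ("CREATE", "UPDATE"):  # a DELETE carries no new object
        violations = evaluate(req["object"])
    response = {"uid": req["uid"], "allowed": not violations}
    if violations:
        response["status"] = {"code": 403, "message": "; ".join(m for _, m in violations)}
    return {"apiVersion": review["apiVersion"], "kind": "AdmissionReview", "response": response}


def runtime_report(objs):
    """Runtime step: count violations per policy across objects already in the cluster."""
    counts = {}
    for o in objs:
        for policy_id, _ in evaluate(o):
            counts[policy_id] = counts.get(policy_id, 0) + 1
    return counts


def workload(name, image, privileged=False, non_root=True):
    """Constructed sample Deployment for the example; not taken from any real cluster."""
    return {
        "apiVersion": "apps/v1", "kind": "Deployment",
        "metadata": {"name": name, "namespace": "demo"},
        "spec": {"template": {"spec": {"containers": [{
            "name": "app", "image": image,
            "securityContext": {"privileged": privileged, "runAsNonRoot": non_root},
        }]}}},
    }


GOOD = workload("api", "registry.example/api@sha256:" + "a" * 64)
BAD = workload("debug", "registry.example/debug:latest", privileged=True, non_root=False)

if __name__ == "__main__":
    code, report = commit_gate([GOOD, BAD])
    print(json.dumps({"exit_code": code, "report": report}, indent=2))
    review = {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview",
              "request": {"uid": "1234", "operation": "CREATE", "object": BAD}}
    print(json.dumps(admission_response(review), indent=2))
    print(runtime_report([GOOD, BAD]))
```

The same evaluate() is what makes the four stages consistent: the commit gate exits non-zero for exactly the manifests the admission handler would deny with a 403, and the runtime audit counts the same rules against whatever is already running, which is how a newly added policy surfaces violations on existing clusters without a redeploy. The admission handler checks only CREATE and UPDATE because a DELETE request has no new object to evaluate.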
Bringing GitOps to the IDE
● As James said - meet developers where they are
● The GitOps Tools for VSCode extension brings GitOps into your IDE
● Use it to iterate quickly and deploy new versions of a service into a dev cluster
● It can:
  ○ Deploy the GitOps engine onto any Kubernetes cluster
  ○ Deploy and update services onto different clusters
● Tech preview - we'd love everyone to try it and give feedback
https://github.com/weaveworks/vscode-gitops-tools
Download Weave GitOps Core for free: www.weave.works/core
Request a demo of Weave GitOps Enterprise: www.weave.works/contact
Thank you
https://weave.works

20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 

DX, Guardrails, Golden Paths & Policy in Kubernetes

  • 23. GitOps Requirements
    ● Deep support for hyperscale public cloud suppliers and on-prem deployments
    ● RBAC functionality
    ● Built for Observability [Prometheus support as an expectation today]
    ● CI/CD platform integration
    ● Integrated Progressive Delivery and deployment to Kubernetes clusters
    ● Policy management
  • 24. Developer Experience
  • 25. Opaque and sharp learning curve
  • 26. Complexity of Operations
  • 28. Weave GitOps Dev Onramp and scaling operations
    ● Specific developer and application operations use-cases for Weave GitOps
    ● Weave GitOps 2022.03 improvements
      ○ Dev Onramp to application deployment in Weave GitOps
      ○ GitOps enabled Trusted Delivery
    ● Bringing GitOps to the IDE - VSCode Extension
  • 29. Weave GitOps - Use Cases
    1. Continuous Application Delivery - use GitOps to deploy and operate applications. Automation increases deployment velocity and developer productivity.
    2. Kubernetes Everywhere - in the cloud or the datacenter, Kubernetes is a universal platform that’s easy to manage with GitOps.
    3. DevOps Automation - lifecycle management of the entire platform, all clusters and services, using automation and policy.
    4. Self-Service Platforms - a complete platform giving developers autonomy while ensuring consistency and manageability.
    5. Trusted Delivery - shift policy and security left; governance, risk and compliance are non-negotiables.
    6. Progressive Delivery - deploy services across many environments and regions reliably using GitOps.
  • 30. Weave GitOps: Dev onramp
    Weave GitOps Core (free and open-source)
    ● Prerequisites: infrastructure provisioner, source code repo platform, container registry
    ● Core GitOps: curated GitOps toolset, installer, runtime, and proven example configurations
    ● Kubernetes native
    Weave GitOps Enterprise (subscription)
    ● Enterprise GitOps: curated model/profiles with cluster components; application tenancy through workspaces; authorization models consistent across the environment
    ● Scaled GitOps: fleet management with MCCP; advanced curated Weave Policies using tools
  • 31. Use Case: Application Deployment / Continuous Delivery
    Challenge: Developer Velocity
    ● Slow feature delivery cycles
    ● Manual, unreliable deployments
    ● Bad deployments - cannot recover
    Solution: GitOps Automation
    ● Automate the development process
    ● Continuous application delivery
    ● Increase MTTD and decrease MTTR
  • 32. Deploy to Dev (diagram): Source Code → Code Repo → Build → Container Registry → K8s Manifest → Config Repo → Automated Deploy → Dev Cluster (App)
  • 33. Deploy to Production (diagram of the same pipeline, with a Pull Request against the Config Repo, Manual Approval and an Inspect step before the K8s Manifest is deployed to the Prod Cluster)
  • 34. Just Add GitOps…
    ● Weave GitOps Core is the easiest way to add GitOps for applications.
    ● Adds onto Flux, our CNCF project
    ● Represents the repositories that store a collection of declarative descriptions of runnable units
    ● Shows the health of the GitOps agent and the status of the system
    ● Presents the services and the workloads running in instances in a specific environment, including status
    ● Free and Open Source - download from Weaveworks
  • 35. Use Case: Security shifts left with GitOps (Trusted Delivery)
    Challenge: Developer Velocity and Security
    ● Manual, time-consuming deployments that require extensive Kubernetes knowledge
    ● Security risks from manual checking
    ● Need for regulatory compliance (HITRUST, ISO-27001, and HIPAA)
    ● Need for policy control, authorization and audit
    Solution: Trusted Delivery with GitOps
    ● Guardrails for any deployment running anywhere
    ● Single pane of glass for policy management
    ● Policy coverage at commit/build time and at runtime
    ● Enforce environment and workload compliance with policy as code
  • 36. Policy Engine (diagram): Policies & Playbooks feed a Policy Engine that produces Notifications, Reports and Dashboards. It covers Assets & Configs (Containers, Volumes, Network Policies, K8s Configs, Service Mesh, App Components such as DBs, caches and queues), enforces policies (stops and prevents violating changes) and monitors continuously (code, build, runtime).
  • 37. Enforcing Policies at Every Step
    ● Commit - using GitHub Actions: prevent violating changes from being merged
    ● Build - using CI/CD workflows: fail builds if there is a violating change
    ● Deploy - K8s admission controllers: prevent violating changes made through kubectl or APIs
    ● Runtime - using KubeNotifier: get notified and report violations as they occur
  • 38. Kubernetes Guardrails
    ● Policies are dynamic: they can be applied to new or currently running clusters
    ● Policy changes and updates take effect immediately
    ● Policy violation reporting uses new and updated policies
  • 39. Trusted delivery flow (diagram): Create App → Pull Request → Management Repo (Policy) → App Cluster (Policy) → App
  • 40. Weave GitOps Enterprise: Policy as Code
    ● Enterprise version runs entirely within the customer’s environment
    ● Enforces policy on all clusters; leaf clusters can run in a semi-disconnected fashion
    ● Application policies are in GitOps: policy is stored with the deployment artefacts
    ● Cluster policies are in GitOps: stored with the cluster definition
    ● Alerts on the central management cluster for any violation across all clusters and workloads
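As an added example (not Weaveworks or Weave GitOps code), here is a small policy-as-code gate of the kind slides 35 to 40 describe: policies versioned alongside the deployment artefacts and evaluated against workload manifests so a violating change fails at commit or build time, before an admission controller ever sees it. The three policies, the manifests and every name in it are constructed for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class Policy:
    id: str
    description: str
    check: Callable[[dict], bool]  # returns True when the container complies

def _pinned(image: str) -> bool:
    # Pinned means a digest, or a tag on the last path component other than 'latest'.
    tag = image.rsplit("/", 1)[-1].partition(":")[2]
    return "@sha256:" in image or (bool(tag) and tag != "latest")

# Policies a platform team might curate; assumed here, not taken from the deck.
POLICIES = [
    Policy("no-privileged", "container must not run privileged",
           lambda c: not c.get("securityContext", {}).get("privileged", False)),
    Policy("pinned-image", "image must be pinned by tag or digest, not :latest",
           lambda c: _pinned(c.get("image", ""))),
    Policy("resource-limits", "container must declare cpu and memory limits",
           lambda c: {"cpu", "memory"} <= set(c.get("resources", {}).get("limits", {}))),
]

def _containers(manifest: dict) -> list[dict]:
    spec = manifest.get("spec", {})
    pod_spec = spec["template"]["spec"] if "template" in spec else spec  # Deployment vs Pod
    return pod_spec.get("containers", [])

def evaluate(manifest: dict, policies: list[Policy] = POLICIES) -> list[str]:
    """Return one violation per failed policy and container; empty means admissible."""
    name = manifest.get("metadata", {}).get("name", "<unnamed>")
    return [f"{name}/{c.get('name', '?')}: {p.id} - {p.description}"
            for c in _containers(manifest) for p in policies if not p.check(c)]

def gate(manifests: list[dict]) -> bool:
    """Commit/build-time gate: pass only when every manifest is violation-free."""
    return all(not evaluate(m) for m in manifests)

# Constructed sample manifests standing in for YAML files in a config repo.
GOOD = {"kind": "Deployment", "metadata": {"name": "api"}, "spec": {"template": {"spec": {
    "containers": [{"name": "api", "image": "registry.example/api:1.4.2",
                    "resources": {"limits": {"cpu": "500m", "memory": "256Mi"}}}]}}}}
BAD = {"kind": "Pod", "metadata": {"name": "debug"}, "spec": {"containers": [
    {"name": "shell", "image": "busybox:latest", "securityContext": {"privileged": True}}]}}
if __name__ == "__main__":
    for violation in evaluate(BAD):
        print(violation)  # e.g. debug/shell: no-privileged - container must not run privileged
    print("gate passed" if gate([GOOD]) else "gate failed")
```

The same `evaluate` function can back a CI step (fail the build on a non-empty list) or a validating admission webhook (deny the request on a non-empty list), which is what the deck means by policy coverage at build time and at runtime.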
  • 41. Bringing GitOps to the IDE
    ● As James said - meet developers where they are
    ● The GitOps Tools for VSCode extension brings GitOps into your IDE
    ● Use it to iterate quickly and deploy new versions of a service into a dev cluster
    ● It can:
      ○ Deploy the GitOps engine onto any Kubernetes
      ○ Deploy and update them onto different clusters
    ● Tech preview - we’d love everyone to try it and give feedback: https://github.com/weaveworks/vscode-gitops-tools
  • 42. Download Weave Core for Free: www.weave.works/core. Request a demo of Weave GitOps Enterprise: www.weave.works/contact. Thank You
  • 43. Thank you - https://weave.works