Terraform and Weave GitOps: Build a Fully Automated Application Stack

•Download as PPTX, PDF•

0 likes•315 views

This document discusses using GitOps and the Weaveworks Terraform Controller to manage AWS Lambda functions on Kubernetes. Key points include: - Flux is used to bootstrap the Terraform Controller on Kubernetes which then reconciles any changes to the Terraform manifest stored in Git. - The Terraform manifest defines an AWS Lambda resource and references the Git repo, AWS credentials secret, and outputs secret. - AWS access keys are stored as a Kubernetes secret referenced by the Terraform configuration to provision the Lambda function.

Technology

1
GitOps
Everything
Steve Waterworth
Technical Marketing Manager

2
There’s more to real applications than just Kubernetes

6
● Flux bootstrapped on K8s
● Install Weaveworks Terraform Controller via Helm
● Normal file layout
○ main.tf - variables.tf - outputs.tf
○ Function source in subdirectory
● Manual testing before committing to Git
● Terraform manifest
Technique

7
apiVersion: infra.contrib.fluxcd.io/v1alpha1
kind: Terraform
Metadata:
name: aws-lambda
namespace: flux-system
Spec:
approvePlan: "auto"
destroyResourcesOnDeletion: true
interval: 1m
sourceRef:
kind: GitRepository
name: tf-lambda
namespace: flux-system
varsFrom:
- name: tf-aws-keys
kind: Secret
writeOutputsToSecret:
name: aws-lambda-output
Terraform Manifest

$8 kubectl create secret generic tf-aws-keys -n flux-system --from-literal=access_key=$AWS_ACCESS_KEY_ID --from-literal=secret_key=$AWS_SECRET_ACCESS_KEY main.tf provider "aws" { region = var.aws_region access_key = var.access_key secret_key = var.secret_key } AWS Credentials$

11
Weave GitOps
www.weave.works
Sign up for a Weave GitOps workshop
www.weave.works/events
Terraform Controller
weaveworks.github.io/tf-controller/
Thank You

What's hot

Introduction to kubernetes

Michal Cwienczek

GitOps with ArgoCD

CloudOps2005

01. Kubernetes-PPT.pptx

TamalBanerjee16

GitOps - Modern best practices for high velocity app dev using cloud native t...

Weaveworks

Hands-On Introduction to Kubernetes at LISA17

Ryan Jarvinen

For this info-packed and hands-on workshop we cover: 📍 Introduction to Kubernetes & GitOps talk: We cover the most popular path that has brought success to many users already - GitOps as a natural evolution of Kubernetes. We'll give an overview of how you can benefit from Kubernetes and GitOps: greater security, reliability, velocity and more. Importantly, we cover definitions and principles standardized by the CNCF's OpenGitOps group and what it means for you. 📍 Get Started with GitOps: You'll have GitOps up and running in about 30 mins using our free and open source tools! We'll give a brief vision of where you want to be with those security, reliability, and velocity benefits, and then we'll support you while go through the getting started steps. During the workshop, you'll also experience in action and see demos for: - an opinionated repo structure to minimize decision fatigue - disaster recovery using GitOps - Helm charts example - Multi-cluster example - all with free and open source tools mostly in the CNCF (eg. Flux and Helm). If you have questions before or after the workshop, talk to us at #weave-gitops http://bit.ly/WeaveGitOpsSlack (If you need to invite yourself to the Slack, visit https://slack.weave.works/)

Intro to Kubernetes & GitOps Workshop

Weaveworks

An overview of the Kubernetes architecture

Igor Sfiligoi

If you’re working with just a few containers, managing them isn't too complicated. But what if you have hundreds or thousands? Think about having to handle multiple upgrades for each container, keeping track of container and node state, available resources, and more. That’s where Kubernetes comes in. Kubernetes is an open source container management platform that helps you run containers at scale. This talk will cover Kubernetes components and show how to run applications on it.

Getting Started with Kubernetes

VMware Tanzu

DevJam 2019 - Introduction to Kubernetes

Ronny Trommer

Kubernetes Application Deployment with Helm - A beginner Guide!

Krishna-Kumar

Meetup 23 - 03 - Application Delivery on K8S with GitOps

Vietnam Open Infrastructure User Group

Intro to Git, GitHub, and BitBucket

Legal Services National Technology Assistance Project (LSNTAP)

Gitlab, GitOps & ArgoCD

Haggai Philip Zagury

Kubernetes 101

Winton Winton

GitOps and ArgoCD

Omar Fathy

Intro to GitOps & Flux.pdf

Weaveworks

GitOps è un nuovo metodo di CD che utilizza Git come unica fonte di verità per le applicazioni e per l'infrastruttura (declarative infrastructure/infrastructure as code), fornendo sia il controllo delle revisioni che il controllo delle modifiche. In questo talk vedremo come implementare workflow di CI/CD Gitops basati su Kubernetes, dalla teoria alla pratica passando in rassegna i principali strumenti oggi a disposizione come ArgoCD, Flux (aka Gitops engine) e JenkinsX

Gitops: the kubernetes way

sparkfabrik

Kubernetes - introduction

Sparkbit

Follow along in this free workshop and experience GitOps! AGENDA:  Welcome - Tamao Nakahara, Head of DX (Weaveworks)  Introduction to Kubernetes & GitOps - Mark Emeis, Principal Engineer (Weaveworks)  Weave Gitops Overview - Tamao Nakahara  Free Gitops Workshop - David Harris, Product Manager (Weaveworks) If you're new to Kubernetes and GitOps, we'll give you a brief introduction to both and how GitOps is the natural evolution of Kubernetes. Weave GitOps Core is a continuous delivery product to run apps in any Kubernetes. It is free and open source, and you can get started today! https://www.weave.works/product/gitops-core If you’re stuck, also come talk to us at our Slack channel! #weave-gitops http://bit.ly/WeaveGitOpsSlack (If you need to invite yourself to the Slack, visit https://slack.weave.works/)

Free GitOps Workshop + Intro to Kubernetes & GitOps

Weaveworks

ArgoCD Meetup PPT final.pdf

amanmakwana3

What's hot (20)

Introduction to kubernetes

GitOps with ArgoCD

01. Kubernetes-PPT.pptx

GitOps - Modern best practices for high velocity app dev using cloud native t...

Hands-On Introduction to Kubernetes at LISA17

Intro to Kubernetes & GitOps Workshop

An overview of the Kubernetes architecture

Getting Started with Kubernetes

DevJam 2019 - Introduction to Kubernetes

Kubernetes Application Deployment with Helm - A beginner Guide!

Meetup 23 - 03 - Application Delivery on K8S with GitOps

Intro to Git, GitHub, and BitBucket

Gitlab, GitOps & ArgoCD

Kubernetes 101

GitOps and ArgoCD

Intro to GitOps & Flux.pdf

Gitops: the kubernetes way

Kubernetes - introduction

Free GitOps Workshop + Intro to Kubernetes & GitOps

ArgoCD Meetup PPT final.pdf

Similar to Terraform and Weave GitOps: Build a Fully Automated Application Stack

Exploring the Future of Helm

Matthew Farina

Helm @ Orchestructure

Matthew Farina

Kubernetes intro public - kubernetes meetup 4-21-2015

Rohit Jnagal

Kubernetes intro public - kubernetes user group 4-21-2015

reallavalamp

Scaling docker with kubernetes

Liran Cohen

In this new presentation, we will cover advanced Terraform topics (full-on DevOps). We will compare the deployment of Terraform using Azure DevOps, GitHub/GitHub Actions, and Terraform Cloud. We wrap everything up with some key takeaway learning resources in your Terraform learning adventure. NOTE: A recording of this presenting is available here: https://www.youtube.com/watch?v=fJ8_ZbOIdto&t=5574s

Infrastructure-as-Code (IaC) Using Terraform (Advanced Edition)

Adin Ermie

(Gwen Shapira + Matthias J. Sax, Confluent) Kafka Summit SF 2018 Kafka Streams, Apache Kafka’s stream processing library, allows developers to build sophisticated stateful stream processing applications which you can deploy in an environment of your choice. Kafka Streams is not only scalable, but fully elastic allowing for dynamic scale-in and scale-out as the library handles state migration transparently in the background. By running Kafka Streams applications on Kubernetes, you will be able to use Kubernetes powerful control plane to standardize and simplify the application management—from deployment to dynamic scaling. In this technical deep dive, we’ll explain the internals of dynamic scaling and state migration in Kafka Streams. We’ll then show, with a live demo, how a Kafka Streams application can run in a Docker container on Kubernetes and the dynamic scaling of an application running in Kubernetes.

Deploying Kafka Streams Applications with Docker and Kubernetes

confluent

thredUP team shares key learnings from after-migration processes. We tell you about what technologies and solutions worked best for us and where we spent time troubleshooting and improving. In particular we have focused on development and staging experience, user authentication, cloud-native CI pipelines, applications telemetry and service mesh. We also share our experience with Kubernetes security hardening, autoscaling and tell you about a new service creation within our infrastructure.

Kubernetes Navigation Stories – DevOpsStage 2019, Kyiv

Aleksey Asiutin

So, you have developed your application, and have built containers for each of its components, now you need to deploy them in a container orchestration platform. You have heard about Kubernetes, but have yet to take the plunge and learn how to use it effectively. Say no more fam. In this talk I will start by describing the Kubernetes resources, how they map to usual application components, and best practices on Kubernetes deployments.

Deploying on Kubernetes - An intro

André Cruz

[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus

OpenStack Korea Community

Drupaljam 2017 - Deploying Drupal 8 onto Hosted Kubernetes in Google Cloud

Dropsolid

Many clusters, many problems? Having many clusters has benefits: reduced blast radius, less vertical scaling of cluster components, and a natural trust boundary. In this session, Zalando shows its approach for running 140+ clusters on AWS, how it does continuous delivery for its cluster infrastructure, and how it created open-source tooling to manage cost efficiency and improve developer experience. The company openly shares its failures and the learnings collected during three years of Kubernetes in production. AWS re:Invent session OPN211 on 2019-12-05

How Zalando runs Kubernetes clusters at scale on AWS - AWS re:Invent

Henning Jacobs

Francisco Javier Ramírez Urea - IT Architect, Hoplasoftware Guillaume Morini - SE, Docker The integration of Kubernetes orchestration into the Docker Enterprise Platform presents deployments with interesting new abstractions for application connectivity. Devs and Ops are often challenged with rationalizing how pod networking (with CNI plugins like Calico or Flannel), Services (via kube-proxy) and Ingress work in concert to enable application connectivity within and outside a cluster. Similarly, given the dynamic and transient nature of containerized microservice workloads, how to leverage scalable and declarative approaches like network policies to express segmentation and security primitives. This session provides an illustrative walkthrough of these core concepts by going through common deployment architectures providing design, operations, and scale considerations based on experience from numerous production deployments. We will discuss Kubernetes publishing methods and deep dive into Ingress Controllers. This session will also showcase how to complement application and operations workflows with policy-driven business, compliance and security controls typically required in enterprise production deployments including going further into limiting traffic to services, session persistence, rewriting, and activating container health checks.

DCEU 18: Docker Container Networking

Docker, Inc.

Thanks to tools like kubeadm, Terraform or Ansible setting up a Kubernetes cluster on a dedicated environment is getting reachable, but what’s about setting up a bunch of cluster in multiple clouds in automatic way? This is still a challenge. Also if you want to do same in your own datacenter. In this talk we will take a look to the approach to orchestrate and manage a whole set of k8s cluster by the Cluster API project of kubernetes (a subproject of sig-cluster-lifecycle). The main idea behind it is to use the Kubernetes API itself to manage multiple clusters with there master and worker nodes in same way you would manage your PODs - define the needed resources and the responsible controller will take care for providing it. After an overview about the concepts of cluster API, I will show what’s needed to implement a cluster API conform machine class/deployment. There I will see that adding your own provider isn’t that hard as you may aspect. At the end of the day it just requires a simple interface to implement. The corresponding kubermatic controllers we implemented at Loodse are available as open source, so its possible to play around with it. A live demo will show how easy it is to spin up and maintain multiple Kubernetes cluster at different public and on-premise cloud providers over one managing cluster. A final wrap up will summarize the current state of the Cluster API project and the advantages of managing clusters as cattles instead of pets.

Kubernetes Cluster API - managing the infrastructure of multi clusters (k8s ...

Tobias Schneck

Dayta AI Seminar - Kubernetes, Docker and AI on Cloud

Jung-Hong Kim

Linux sever building

Edmond Yu

K8s Pod Scheduling - Deep Dive. By Tsahi Duek.

Cloud Native Day Tel Aviv

Running php on nginx

Harald Zeitlhofer

Terraform - Taming Modern Clouds

Nic Jackson

Openstack days sv building highly available services using kubernetes (preso)

Allan Naim

Similar to Terraform and Weave GitOps: Build a Fully Automated Application Stack (20)

Exploring the Future of Helm

Helm @ Orchestructure

Kubernetes intro public - kubernetes meetup 4-21-2015

Kubernetes intro public - kubernetes user group 4-21-2015

Scaling docker with kubernetes

Infrastructure-as-Code (IaC) Using Terraform (Advanced Edition)

Deploying Kafka Streams Applications with Docker and Kubernetes

Kubernetes Navigation Stories – DevOpsStage 2019, Kyiv

Deploying on Kubernetes - An intro

[OpenInfra Days Korea 2018] Day 2 - E6 - OpenInfra monitoring with Prometheus

Drupaljam 2017 - Deploying Drupal 8 onto Hosted Kubernetes in Google Cloud

How Zalando runs Kubernetes clusters at scale on AWS - AWS re:Invent

DCEU 18: Docker Container Networking

Kubernetes Cluster API - managing the infrastructure of multi clusters (k8s ...

Dayta AI Seminar - Kubernetes, Docker and AI on Cloud

Linux sever building

K8s Pod Scheduling - Deep Dive. By Tsahi Duek.

Running php on nginx

Terraform - Taming Modern Clouds

Openstack days sv building highly available services using kubernetes (preso)

More from Weaveworks

LLMs are one of the rising workloads on Kubernetes and so are the complexities of deploying, managing and fine-tuning them. With this latest extension we can offer a strong blueprint for enterprises on how to keep LLMs OCI contained with the use of Kubernetes, Flux and Weave AI Controllers. The Highlights: * Simplified deployment, management, and fine-tuning of LLMs on any Kubernetes infrastructure. * Strong security and governance ensured through GitOps workflows and a robust signing and verification process. The Whys: * Security, Governance & Compliance: Ensures vulnerability-free and compliant deployments. * Seamless Integration: Works with existing systems, including Red Hat OpenShift. * GitOps for Productivity & Collaboration: Leverages the power of Flux and Kubernetes for automated, streamlined workflows. The Weave AI Controllers are an out of the box extension for Flux and are shipped and supported with Weave GitOps Assured (https://www.weave.works/product/gitops) and Enterprise (https://www.weave.works/product/gitops-enterprise/). Read our latest blog for more information (https://www.weave.works/blog/weave-ai-controllers) and visit GitHub to get started - https://github.com/weave-ai/weave-ai

Weave AI Controllers (Weave GitOps Office Hours)

Weaveworks

Flamingo is an open source tool that allows for integrated use of both Flux and ArgoCD, the two leading GitOps solutions available today. * See how to integrate the two most used CNCF projects together to create flexible and extensible GitOps solutions. * Learn how to use Flux’s powerful and secure controllers with ArgoCD’s web-based GUI. * Understand how Flamingo provides a path towards Platform Engineering for ArgoCD users. * Explore extending ArgoCD to manage Infrastructure as Code through Flux’s Terraform Controller. For more information visit: https://github.com/flux-subsystem-argo/flamingo

Flamingo: Expand ArgoCD with Flux (Office Hours)

Weaveworks

Flux, the original GitOps project, began its development in a small London office back in 2017 with the goal to bring continuous delivery (CD) to developers, platform and cluster operators working with Kubernetes. From donating the project to the CNCF, its continued growth within the cloud native community, to its achievement of passing rigorous battle tests for security, longevity and governance, it’s little wonder that Flux v2 has reached yet another celebratory milestone – General Availability (GA). Flux is the GitOps platform of choice for many enterprise companies such as SAP, Volvo Cars, and Axel Springer; and is embedded within AKS, Azure Arc and EKS Anywhere. It provides extensive automation to CI/CD, security and audit trails, and reliability through canary deployments and rollback capabilities. Join this webinar by Flux maintainers and creators and discover: * Latest release features and roadmap for the future. * Interesting use cases for Flux (e.g security). * Flux capabilities you may not be aware of (e.g. extensions). * Joining the vibrant Flux community. * How to leverage Flux in a supported enterprise environment today.

Webinar: Capabilities, Confidence and Community – What Flux GA Means for You

Weaveworks

Although not an entirely new concept, Platform Engineering and Internal Developer Platforms (IDPs) are all the rage due to their potential to increase development velocity and deployment frequency while boosting reliability and security. Join Joe Dahlquist, VP of PMM and Mohamed Ahmed, VP of Developer Platforms at Weaveworks to learn the 6 tell-tale signs your company should implement a platform engineering approach. The webinar draws on hundreds of conversations with SRE’s, developers, and platform engineering teams to help you better understand what works, what doesn’t and what might be missing from your strategy. Attendees can apply these learnings to their first (or next) developer platform regardless of your build vs. buy journey. You will learn: * The difference between Internal Developer Platforms and Platform Engineering * Why platform engineering now? * How Dev and Ops benefit from an IDP * 6 tell-tale signs to start platform engineering * Drafting your platform engineering strategy - where to begin and what to avoid

Six Signs You Need Platform Engineering

Weaveworks

In today's technology-driven landscape, ensuring the reliability and stability of systems is critical for organizations to deliver exceptional user experiences. Site Reliability Engineering (SRE) has emerged as a proven methodology to achieve operational excellence and elevate performance. By combining SRE and GitOps, organizations can leverage the benefits of both methodologies. GitOps provides a reliable and auditable approach to managing infrastructure and application changes, ensuring that all deployments are version-controlled and consistent across environments. This aligns with the SRE principle of implementing standardized and automated processes for maintaining system reliability. Join our live webinar as we introduce the fundamentals and significance of SRE and GitOps, and provide actionable strategies for implementation. We’ll also explore the features of Weave GitOps that integrate SRE and GitOps practices to streamline workflows to support system reliability and stability. You will learn: An overview and correlation of key SRE and GitOps best practices The 5 keys DORA metrics for measuring performance of software delivery. How to leverage continuous delivery and progressive delivery to enhance application stability. How Weave GitOps can reliably simplify the management of infrastructure and applications, with real-world customer examples illustrating their impact.

SRE and GitOps for Building Robust Kubernetes Platforms.pdf

Weaveworks

One of the key values of GitOps relies on its fully declarative single source of truth in Git for the desired state of your entire system – configuration that continuously reconciles with the runtime of the system. Validating committer identity in your Git repository is a critical component towards a secure GitOps solution. Although basic capabilities are provided by Git service providers, more granular controls for governance and compliance are a requirement to satisfy most enterprise grade implementations. How do you keep that end to end process secure, from Git to Runtime? Join Weaveworks and Chainguard for a live webinar where we will look at how Chainguard Enforce for Git together with Weave GitOps Enterprise Policy Engine allows you to secure your end to end GitOps workflows, from Git to Runtime. You will learn how to: - Use Chainguard Enforce for Git to ensure only authorized GitOps tooling can modify your desired state. - Provide a secure identity to Weave GitOps Enterprise for all Git operations. - Use Weave GitOps Policy Engine to guarantee compliance on admission.

Webinar: End to End Security & Operations with Chainguard and Weave GitOps

Weaveworks

Watch the recap: https://youtu.be/gKR95Kmc5ac In this KubeCon Europe 2023 session, Stefan and Hidde will talk about the latest developments of Flux around the Open Container Initiative (OCI). The focus will be on how OCI can serve as the single source of truth for both application code (container images) and configuration (OCI artifacts). We will start by explaining how Flux can be used as a package manager for distributing Kubernetes configs and Terraform modules as OCI artifacts. Afterwards, we will demonstrate how to build a secure delivery pipeline that leverages Flux integrations with GitHub Actions and keyless signatures from Sigstore Cosign. Lastly, we will touch upon the upcoming plans for 2023 and the significance of OCI in the future of continuous delivery with Flux.

Flux Beyond Git Harnessing the Power of OCI

Weaveworks

In today’s economic climate, IT departments are feeling the pressure to reduce costs which can have a significant effect on development teams, and more specifically, Kubernetes strategies. For many organizations, there is a good chance that many Kubernetes resources are overprovisioned, and it’s often difficult to visualize which processes are responsible for this unnecessary spend. Weaveworks has joined forces with KubeCost to show you how to “do more with less” by easily integrating a Kubernetes FinOps solution into your existing workflows and seamlessly automating the provisioning and management of FinOps enabled Kubernetes clusters from a single UI / dashboard. Join this webinar to discover best practices for monitoring and reducing Kubernetes spend, while balancing cost, performance, and reliability. What you’ll learn: - Best practices for implementing a FinOps strategy in your organization. - Cluster management and templating capabilities using Weave GitOps for automating FinOps. - How to use predefined, automated policies for reliable cost control across your Kubernetes environment.

Automated Provisioning, Management & Cost Control for Kubernetes Clusters

Weaveworks

Picture this… It’s the middle of the night on a Saturday, and the sound of slack messages rolling in rouses you from slumber. Then two text messages chime in quick succession. As you grab your phone and pry open an eye to figure out WTF, the phone rings - and it’s your boss!? You stammer out a “Hello?” She sounds alarmed. “Wake up, we have a big problem” “It’s two-in-the-morning, what problem?” you croak back. “I guess you missed the alerts while you were sleeping…API endpoints in prod are getting knocked over, and the tokens responsible are yours.” “They’re what? How?” “Get to your machine and jump on the meeting link I just sent - everybody’s waiting” Yikes. Join Weaveworks for some real-world tales from the trenches, and learn about the 5 simple things you can do to prevent making a royal mess of Tenancy in Kubernetes. Hear from developers that got that late night call because of a bone-headed accident, and teams affected by gob-smacking access and permissions foul-ups. Luckily for us, they were happy to tell us the tales so we can learn from their pain. Weave GitOps Workspaces is a new feature that enables multi-tenancy so platform engineers can scale their GitOps workflows across numerous development teams. Oh yeah, it also wards -off wake-up calls in the middle of the night, which is nice. Watch this webinar recording to learn: - How Weave GitOps simplifies tenancy management - How security guardrails keep you from blowing a hole in your app, and across your team - 5 takeaways for enabling Kubernetes tenancy safely and effectively for your teams

How to Avoid Kubernetes Multi-tenancy Catastrophes

Weaveworks

An internal developer platform (IDP) is a set of standardized tools and technologies that enables development teams to self-service, offering convenient access to resources they need to create and deploy compliant code. The ultimate goal is to facilitate automation, autonomy and productivity across large teams. However, creating an IDP is highly complex, especially when bridging hybrid scenarios. In fact, build timelines can take anywhere between one to two years! In this Techstrong Learning Experience, we will discuss how platform engineers can more efficiently build an IDP with Amazon EKS and Weave GitOps and accelerate cloud-native adoption while speeding up migration of existing applications to the cloud. Our experts will also introduce EKS Blueprints, a collection of infrastructure-as-code (IaC) modules like Terraform and AWS Cloud Development Kit (AWS CDK) that will help you configure and deploy consistent EKS clusters across on-premises and cloud. Key Takeaways: - Why you should build a self-service IDP - How to leverage EKS, GitOps and EKS Blueprints to build your IDP - A review of use cases and benefits of an IDP

Building internal developer platform with EKS and GitOps

Weaveworks

GitOps is amazing... until you can't apply it! This has been the case mostly for testing where it continues to be more of a push than a pull in organizations' DevOps pipelines. Join us in this talk to learn the benefits of improving your existing testing pipeline with Testkube, an open source project that brings tests inside your Kubernetes cluster, and FluxCD adding the GitOps sprinkles to testing! Speaker: Abdallah Abedraba, Product Leader at Testkube Abdallah works at Testkube, a Kubernetes native testing framework. In his prior experiences, he has tried everything from software engineering to product management, and now working as a Developer Advocate, on open source (a dream of his!) evangelizing all things Testing and Kubernetes. In his free time, he enjoys attending developer conferences and meetups, as well as spending time at the movies and actively listening to music.

GitOps Testing in Kubernetes with Flux and Testkube.pdf

Weaveworks

You may not think of "GitOps" and "service mesh" together – but maybe you should! These two wildly different technologies are each enormously capable independently, and combined they deliver far more than the sum of their parts: a single Git commit can control workflows customized for your exact situation by taking advantage of the service mesh's ability to measure and manipulate traffic anywhere in your application's call graph, and you can rest easy knowing that Git is preserving the complete configuration for your entire application every step of the way. See how these technologies can work together to tackle complex problems in cloud-native applications. What you’ll get out of this: * Understand what GitOps and service meshes can - and can't - do for you. * Understand basic operations with GitOps and Linkerd. * Understand the basics of continuous deployment with Weave GitOps and Linkerd.

Intro to GitOps with Weave GitOps, Flagger and Linkerd

Weaveworks

Soft multi-tenancy can be hard to achieve and secure. Multiple tenants sharing the same cluster means there are global objects, like Custom Resource Definitions (CRDs), namespaces, and so on, that you don’t want tenants controlling. Platform admins, cluster admins, and tenants, should be separated, with dedicated namespaces, role bindings, node groups, taints and tolerations, etc. With Flux, tenant isolation is enforced by default, so you don’t have to worry about accidental tenant cross-over / cross-contamination. In this session, Priyanka “Pinky” Ravi, Developer Experience Engineer at Weaveworks, will walk you through how to set up multi-tenancy on an existing Kubernetes cluster and manage several tenants within the cluster. Take advantage of the benefits that come with infrastructure as code.

Implementing Flux for Scale with Soft Multi-tenancy

Weaveworks

Join Leo Murillo, Principal Solutions Architect at Weaveworks and Rama Ponnuswami, Sr. Container Specialist at AWS, as they walk through accelerating Multi-stage delivery on GitOps. If you already have EKS-A, you are ready to automate the release of multistage delivery. Thus, allowing you to deploy more often and reliably with less overhead. In this Webinar, we cover: - Best practices for CI/CD, GitOps and Application Pipeline Management. - Simple cluster management across Kubernetes hybrid infrastructure. - Multistage deployments using Weave GitOps for EKS and EKS-A using a single UI dashboard.

Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS

Weaveworks

The Story of Flux Reaching Graduation in the CNCF

Weaveworks

In this session, we’ve partnered with Upbound to showcase how to effectively manage application delivery while maintaining a high level of security using Weave GitOps and Upbound. Managing a stateful application deployment with a relational database, Weave GitOps can recognize if there is a policy violation and correct it before deploying the application. Join us as we demonstrate the scenarios where: All changes to application configuration are managed through Git workflows Upbound’s Universal Crossplane allows you to build, deploy, and manage your cloud platforms GitOps provides an extra layer of security by removing the need for direct access to Kubernetes clusters Policy-as-Code guarantees security, resilience and coding standards compliance Watch the recording: xx

Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...

Weaveworks

In a joint webinar with Traefik Labs, we show how Traefik Hub, a SaaS-based cloud native networking platform, helps you publish your containers securely in seconds with tunnels, OIDC authentication and automated TLS certificate management. And, how you can combine that with Weave GitOps to achieve continuous application delivery using progressive delivery strategies for risk-free and reliable deployments. Security is key, so we showcase multi-tenancy for full RBAC across the different deployment stages, and trusted delivery best practices for continuous security and compliance baked in. Learn how: - To utilize canary deployments for reliable and risk-free application deployments. - GitOps lets you automate and secure the publishing of containers at the edge consistently. - Easy it is to deploy, update and manage your application workloads on Kubernetes. - To publish containers securely using tunnels, OIDC authentication and TLS certificate management.

Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...

Weaveworks

Flux’s Security & Scalability with OCI & Helm Slides.pdf

Weaveworks

Recently Flux has released two new features (OCI and Cosign) for scalable and secure GitOps. Juozas Gaigalas, a Developer Experience Engineer at Weaveworks, will demonstrate how developers and platform engineers can quickly create scalable and Cosign-verified GitOps configurations using VS Code GitOps Tools extension. New and experienced Flux users can learn about Flux’s OCI and Cosign support through this demo.

Flux Security & Scalability using VS Code GitOps Extension

Weaveworks

Deploying secure, cloud native stateful applications requires a high level of performance across hybrid and multi-cloud environments. Using the scalable, highly performant storage provided by Ondat in combination with Weave GitOps Trusted Delivery, you can shift left security and accelerate software development. Watch this on-demand webinar as we demonstrate how: - All changes to application configuration are managed through Git workflows GitOps provides an extra layer of security by removing the need for direct access to Kubernetes clusters. - Policy-as-Code guarantees security, resilience and coding standards compliance. - To dynamically provision highly available persistent volumes by simply deploying Ondat anywhere with a simple operator profile. - All data services such as replication, compression and encryption, are optimized and accelerated to scale on any platform with Ondat’s low latency data plane.

Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps

Weaveworks

More from Weaveworks (20)

Weave AI Controllers (Weave GitOps Office Hours)

Flamingo: Expand ArgoCD with Flux (Office Hours)

Webinar: Capabilities, Confidence and Community – What Flux GA Means for You

Six Signs You Need Platform Engineering

SRE and GitOps for Building Robust Kubernetes Platforms.pdf

Webinar: End to End Security & Operations with Chainguard and Weave GitOps

Flux Beyond Git Harnessing the Power of OCI

Automated Provisioning, Management & Cost Control for Kubernetes Clusters

How to Avoid Kubernetes Multi-tenancy Catastrophes

Building internal developer platform with EKS and GitOps

GitOps Testing in Kubernetes with Flux and Testkube.pdf

Intro to GitOps with Weave GitOps, Flagger and Linkerd

Implementing Flux for Scale with Soft Multi-tenancy

Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS

The Story of Flux Reaching Graduation in the CNCF

Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...

Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...

Flux’s Security & Scalability with OCI & Helm Slides.pdf

Flux Security & Scalability using VS Code GitOps Extension

Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps

Recently uploaded

The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.

Search and Society: Reimagining Information Access for Radical Futures

Bhaskar Mitra

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Sri Ambati

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

Speed Wins: From Kafka to APIs in Minutes

confluent

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

UiPath Test Automation using UiPath Test Suite series, part 3

DianaGray10

Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to: Create a campaign using Mailchimp with merge tags/fields Send an interactive Slack channel message (using buttons) Have the message received by managers and peers along with a test email for review But there’s more: In a second workflow supporting the same use case, you’ll see: Your campaign sent to target colleagues for approval If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team But—if the “Reject” button is pushed, colleagues will be alerted via Slack message Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors. And... Speakers: Akshay Agnihotri, Product Manager Charlie Greenberg, Host

Connector Corner: Automate dynamic content and events by pushing a button

DianaGray10

The Future of Platform Engineering

Jemma Hussein Allen

Intrigued by why some of the world's largest companies (Netflix, Google, Cisco, Twitter, Uber etc) are using gRPC? In this demo based talk we delve into the world of gRPC in .Net, what it does and why we should use it. We compare the interface with both Rest and graphQL. We will show you how to implement grpc server-side in .net and in the web. Finally, I will show you how the tooling helps you deliver powerful interfaces and interact with them quickly and simply.

Demystifying gRPC in .Net by John Staveley

John Staveley

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

Key Trends Shaping the Future of Infrastructure.pdf

Cheryl Hung

Designing Great Products: The Power of Design and Leadership by Chief Designe...

Product School

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

I'm excited to share my latest predictions on how AI, robotics, and other technological advancements will reshape industries in the coming years. The slides explore the exponential growth of computational power, the future of AI and robotics, and their profound impact on various sectors. Why this matters: The success of new products and investments hinges on precise timing and foresight into emerging categories. This deck equips founders, VCs, and industry leaders with insights to align future products with upcoming tech developments. These insights enhance the ability to forecast industry trends, improve market timing, and predict competitor actions. Highlights: ▪ Exponential Growth in Compute: How $1000 will soon buy the computational power of a human brain ▪ Scaling of AI Models: The journey towards beyond human-scale models and intelligent edge computing ▪ Transformative Technologies: From advanced robotics and brain interfaces to automated healthcare and beyond ▪ Future of Work: How automation will redefine jobs and economic structures by 2040 With so many predictions presented here, some will inevitably be wrong or mistimed, especially with potential external disruptions. For instance, a conflict in Taiwan could severely impact global semiconductor production, affecting compute costs and related advancements. Nonetheless, these slides are intended to guide intuition on future technological trends.

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Peter Udo Diehl

Welcome to UiPath Test Automation using UiPath Test Suite series part 2. In this session, we will cover API test automation along with a web automation demo. Topics covered: Test Automation introduction API Example of API automation Web automation demonstration Speaker Pathrudu Chintakayala, Associate Technical Architect @Yash and UiPath MVP Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

UiPath Test Automation using UiPath Test Suite series, part 2

DianaGray10

IoT Analytics Company Presentation May 2024

IoTAnalytics

Quantum Computing: Current Landscape and the Future Role of APIs

Vlad Stirbu

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

Recently uploaded (20)

Search and Society: Reimagining Information Access for Radical Futures

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

Speed Wins: From Kafka to APIs in Minutes

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

FIDO Alliance Osaka Seminar: Overview.pdf

UiPath Test Automation using UiPath Test Suite series, part 3

Connector Corner: Automate dynamic content and events by pushing a button

The Future of Platform Engineering

Demystifying gRPC in .Net by John Staveley

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Key Trends Shaping the Future of Infrastructure.pdf

Designing Great Products: The Power of Design and Leadership by Chief Designe...

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

UiPath Test Automation using UiPath Test Suite series, part 2

IoT Analytics Company Presentation May 2024

Quantum Computing: Current Landscape and the Future Role of APIs

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Terraform and Weave GitOps: Build a Fully Automated Application Stack

1. 1 GitOps Everything Steve Waterworth Technical Marketing Manager

2. 2 There’s more to real applications than just Kubernetes

3. 3 Constant Reconciliation

4. 4 Constant Reconciliation

5. 5 AWS Lambda

6. 6 ● Flux bootstrapped on K8s ● Install Weaveworks Terraform Controller via Helm ● Normal file layout ○ main.tf - variables.tf - outputs.tf ○ Function source in subdirectory ● Manual testing before committing to Git ● Terraform manifest Technique

7. 7 apiVersion: infra.contrib.fluxcd.io/v1alpha1 kind: Terraform Metadata: name: aws-lambda namespace: flux-system Spec: approvePlan: "auto" destroyResourcesOnDeletion: true interval: 1m sourceRef: kind: GitRepository name: tf-lambda namespace: flux-system varsFrom: - name: tf-aws-keys kind: Secret writeOutputsToSecret: name: aws-lambda-output Terraform Manifest

8. 8 kubectl create secret generic tf-aws-keys -n flux-system --from-literal=access_key=$AWS_ACCESS_KEY_ID --from-literal=secret_key=$AWS_SECRET_ACCESS_KEY main.tf provider "aws" { region = var.aws_region access_key = var.access_key secret_key = var.secret_key } AWS Credentials

9. 9 Demo

10. 10 Questions?

11. 11 Weave GitOps www.weave.works Sign up for a Weave GitOps workshop www.weave.works/events Terraform Controller weaveworks.github.io/tf-controller/ Thank You

Terraform and Weave GitOps: Build a Fully Automated Application Stack

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Terraform and Weave GitOps: Build a Fully Automated Application Stack

Similar to Terraform and Weave GitOps: Build a Fully Automated Application Stack (20)

More from Weaveworks

More from Weaveworks (20)

Recently uploaded

Recently uploaded (20)

Terraform and Weave GitOps: Build a Fully Automated Application Stack