This document provides an overview of GitOps, service meshes, Linkerd, Flux, Weave GitOps and progressive delivery. It introduces the speakers and outlines the agenda which includes explanations of GitOps, service meshes, Linkerd and Weave GitOps. It then demonstrates how Weave GitOps and Linkerd can be used together for progressive delivery and provides a Q&A section at the end.
Intro to GitOps with Weave GitOps, Flagger and Linkerd
1. Intro to GitOps with
Weave GitOps, Flagger
and Linkerd
In partnership with:
3. 3
Flynn
Technology Evangelist
Buoyant
Flynn is a technology evangelist at Buoyant, spreading
the good word and educating developers about the
Linkerd service mesh, Kubernetes, and cloud-native
development in general. He has spent nearly four
decades in software engineering from the kernel up
through distributed applications, with a common thread
of communications and security throughout, and is the
original author and a maintainer of the Emissary-ingress
API gateway. He is most easily found as @flynn on the
CNCF or Linkerd Slacks.
Stefan Prodan
Principal Engineer
Weaveworks
Stefan is a Principal Engineer at Weaveworks and an
open source contributor to cloud-native projects like
Flux, Flagger, Service Mesh Interface, and others. He
worked as a software architect and a DevOps
consultant, helping companies embrace DevOps and
the SRE movement. Stefan has over 15 years of
experience with software development and he enjoys
programming in Go and writing about distributed
systems.
Speaker introductions
4. 4
● What is GitOps?
● What is a service mesh?
● Intro to Linkerd, Flux & Weave GitOps
● What is Progressive Delivery?
● How Weave GitOps and Linkerd work together to allow progressive delivery
● Demo
● Q&A
Agenda
6. GITOPS
➔ GitOps is a way to do Continuous
Delivery, it works by using Git as a
source of truth for declarative
infrastructure and workloads.
➔ For Kubernetes this means using
git push instead of
kubectl apply/delete or
helm install/upgrade/uninstall.
What is GitOps?
7. CNCF - GitOps Principles
➔ A system managed by GitOps must have its desired state expressed declaratively
➔ Desired state is stored in a way that enforces immutability, versioning and retains a complete version history
➔ Software agents automatically pull the desired state declarations from the source
➔ Software agents continuously observe actual system state and attempt to apply the desired state
https://opengitops.dev
8. 8
Git as the single source of truth
for Desired State
ALL intended operations are
committed by pull request
ALL diffs between intended and
observed state with automatic
and continuous reconciliation
ALL changes are observable,
verifiable and auditable
[Diagram labels: IDE, Build, Test, Continuous Integration, GIT, “Immutability Firewall”, GitOps, Kubernetes, Deployment (clusters, apps), Alerting (events), Management (operations)]
GitOps - The Operating Model for Cloud Native
Unifies Deployment,
Monitoring and Management
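The reconciliation described above (agents compare the desired state from Git with the observed state and correct every difference), as an added Python example that is not Flux code and is not from the slides. The resource names, field values and function names are constructed for illustration.

```python
# Added illustration of a GitOps reconciliation pass; not Flux code.
import copy

# Constructed sample: desired state as committed to Git.
DESIRED = {
    "deployment/web": {"image": "web:1.4.2", "securityContext": {"privileged": False}},
    "networkpolicy/default-deny": {"policyTypes": ["Ingress"]},
}
# Constructed sample: cluster state after out-of-band changes.
OBSERVED = {
    "deployment/web": {"image": "web:1.4.2", "securityContext": {"privileged": True}},
    "deployment/debug-shell": {"image": "busybox"},
}

def diff_fields(desired, observed, path=""):
    """Dotted paths of declared fields whose observed value differs."""
    drift = []
    for key, want in desired.items():
        here = f"{path}.{key}" if path else key
        have = observed.get(key) if isinstance(observed, dict) else None
        if isinstance(want, dict):
            drift += diff_fields(want, have, here)
        elif have != want:
            drift.append(here)
    return drift

def plan(desired, observed):
    """Actions that move observed state back to the desired state."""
    actions = []
    for name in sorted(desired):
        if name not in observed:
            actions.append(("create", name, []))
        else:
            drift = diff_fields(desired[name], observed[name])
            if drift:
                actions.append(("update", name, drift))
    for name in sorted(set(observed) - set(desired)):
        actions.append(("prune", name, []))  # not in Git, so not intended
    return actions

def reconcile(desired, observed):
    """Apply the plan in place and return it as the audit record."""
    actions = plan(desired, observed)
    for verb, name, _ in actions:
        if verb == "prune":
            del observed[name]
        else:
            observed[name] = copy.deepcopy(desired[name])
    return actions
```

The returned action list is what makes an out-of-band change visible: the privileged flag flipped on the live Deployment and the workload that never went through a pull request both show up as corrections.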
10. 10
What is a service mesh?
➔ Infrastructure layer providing security,
reliability, and observability features at a
platform level
◆ Uniform across the entire application
◆ No application changes required
◆ Owned and controlled by the platform
team
➔ Most meshes do this with userspace
proxies next to application Pods (the data
plane)
➔ Other processes (the control plane)
manage the proxies
17. Ultralight, ultrafast, security-first service
mesh for Kubernetes.
➔ 6+ years in production
➔ 8,000+ Slack channel members
➔ 10,000+ GitHub stars
➔ 200+ contributors
➔ Weekly edge releases
➔ Open governance, neutral home
➔ CNCF graduated project
and many more...
Creators of
Linkerd is a service mesh.
Its purpose in life is to give every
developer the tools they need to create
secure, reliable, observable
cloud-native applications.
19. 19
What does Linkerd do?
➔ Security: Transparent mTLS, cert
management and rotation, policy
➔ Reliability: Retries, timeouts, load
balancing, circuit breaking*
➔ Observability: Service-level golden
metrics: success rates, latencies,
throughput. Service topologies.
…in an ultralight package focused on
simplicity and security first.
21. Weaveworks is backed by solid investors
Weaveworks is a key partner with all the
major infrastructure and Kubernetes vendors
Weaveworks: the GitOps company
Weaveworks is deeply committed
to the Open Source Community
22. 22
Flux | CNCF Project overview
The Flux project aims to provide a secure multi-tenant Continuous Delivery platform
on top of Kubernetes, supporting all the common practices and tooling in the field.
Flux v2 is powered by the GitOps Toolkit, a set of composable APIs and specialized tools for keeping
Kubernetes clusters in sync with sources of configuration, and automating updates to configuration
when there is new code to deploy.
Flagger is a Progressive Delivery tool that automates the release process for applications running on
Kubernetes. Flagger comes with a declarative model for decoupling the deployment of apps on
Kubernetes from the release process.
https://github.com/fluxcd/flux2
https://github.com/fluxcd/flagger
23. 23
Weave GitOps
Weave GitOps is a continuous delivery product built on top of Flux, Flagger and
Kubernetes Cluster API.
The OSS edition offers a web dashboard providing insight into the deployment status of your
applications, source synchronization status and the health of the Flux system components.
The Enterprise edition offers cluster fleet management, self-service templates and profiles, policy as
code, fully automated continuous delivery pipelines that roll out a change in development to staging
and production, progressive delivery, and more.
https://github.com/weaveworks/weave-gitops
https://weave.works/product/gitops-enterprise
31. 31
● Teams can deliver software faster with automated
gates and checks. If they fail, automatically roll back.
● Easy to configure with one simple file.
● Application teams can choose their deployment
strategy such as Canary or Blue/Green.
● Teams can be notified on success or if things go
wrong and a roll back occurred via Slack, MS Teams,
…
● Platform operators can create templates requiring
progressive delivery deployments in application
teams' workflows.
Weave GitOps Enterprise - Progressive Delivery
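How the "automated gates and checks" with automatic rollback behave during a canary release, as an added Python model that is not Flagger's code and is not from the slides. The parameter names mirror Flagger's analysis settings (stepWeight, maxWeight, threshold); the success-rate values fed in are constructed and stand in for the mesh's success-rate metric.

```python
# Added illustration: simplified model of metric-gated canary promotion.
# Not Flagger's code; the cumulative failure counter is an assumption.
from dataclasses import dataclass, field

@dataclass
class Analysis:
    step_weight: int = 10           # % of traffic added to the canary per interval
    max_weight: int = 50            # promote after a passing check at this weight
    threshold: int = 2              # failed checks that trigger a rollback
    min_success_rate: float = 99.0  # gate on the canary's success rate (%)

@dataclass
class Rollout:
    weight: int = 0
    failed_checks: int = 0
    phase: str = "Progressing"
    history: list = field(default_factory=list)

def step(rollout, analysis, success_rate):
    """Advance one analysis interval given the canary's success rate."""
    if rollout.phase != "Progressing":
        return rollout              # finished rollouts ignore further metrics
    # With weight 0 the canary has no traffic yet, so there is nothing to gate on.
    if rollout.weight > 0 and success_rate < analysis.min_success_rate:
        rollout.failed_checks += 1
        if rollout.failed_checks >= analysis.threshold:
            rollout.weight, rollout.phase = 0, "Failed"     # all traffic to primary
    elif rollout.weight >= analysis.max_weight:
        rollout.weight, rollout.phase = 0, "Succeeded"      # primary now runs the new version
    else:
        rollout.weight = min(rollout.weight + analysis.step_weight,
                             analysis.max_weight)
    rollout.history.append((rollout.weight, rollout.phase))
    return rollout

def run(analysis, success_rates):
    """Feed a series of per-interval success rates through the gate."""
    rollout = Rollout()
    for rate in success_rates:
        step(rollout, analysis, rate)
    return rollout
```

A failed check holds the traffic weight where it is rather than advancing it, so a degraded canary never receives more traffic while the gate decides whether to roll back.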
32. Fully managed on any
Kubernetes cluster
Buoyant Cloud automated upgrades, data plane
version tracking, mesh health alerts, and much,
much more.
BOOK A DEMO
buoyant.io/demo
35. Join us for part two of this series!
Hands-on workshop
February 16
Real-World GitOps with Flagger and Linkerd
The creators of
SIGN UP TODAY!
buoyant.io/sma