GitOps Toolkit (Cloud Native Nordics Tech Talk)

Stefan is currently working on a new exciting project, GitOps Toolkit (https://github.com/fluxcd/toolkit), which is an experimental toolkit for assembling CD pipelines the GitOps way.


  1. GitOps Toolkit: NextGen operational model for Kubernetes. Stefan Prodan (@stefanprodan), Cloud Native Nordics - June 2020
  2. What is the GitOps Toolkit? The GitOps Toolkit is a set of composable APIs and specialized tools that can be used to build a Continuous Delivery platform on top of Kubernetes. These tools are built with Kubernetes controller-runtime libraries and they can be dynamically configured with Kubernetes custom resources either by cluster admins or by other automated tools. The GitOps Toolkit components interact with each other via Kubernetes events and are responsible for the reconciliation of their designated API objects.
  3. What is the scope of GitOps Toolkit?
     ● Source management
     ● Kustomize and Helm support
     ● Event-based and on-a-schedule reconciliation
     ● Role-based reconciliation (multi-tenancy)
     ● Health assessment (infra and workloads)
     ● Dependency management (infra and workloads)
     ● Alerting to external systems (webhook senders)
     ● External events handling (webhook receivers)
     ● Source write-back (automated patching)
     ● Policy driven validation (OPA, admission controllers)
     ● Seamless integration with Git providers (GitHub, GitLab, BitBucket)
     ● Interoperability with CAPI providers (for cluster and fleet management)
  4. Source Controller. The main role of the source management component is to provide a common interface for artifact acquisition. The source API defines a set of Kubernetes objects that cluster admins and various automated operators can interact with to offload Git and Helm repository operations to a dedicated controller.
     Operations:
     ● Authentication and authenticity validation
     ● Event-based and on-a-schedule policy driven artifacts acquisition
     ● Produce immutable artifacts from sources
     ● Notify interested 3rd parties of source changes and availability
     API Spec: https://github.com/fluxcd/source-controller/tree/master/docs/spec/v1alpha1
  5. Source Controller
  6. Specialized Reconcilers. The GitOps Toolkit allows specialized reconcilers to collaborate when declaring the desired state of a group of clusters:
     ● Kustomize Controller
     ● Helm Controller (TBA)
     ● Fleet Controller (TBA)
     All these controllers will be using the Source API package to acquire artifacts and subscribe to “source changes” events.
  7. Cluster Management
  8. Kustomize Controller Features
     ● Reconciles the cluster state from multiple sources
     ● Generates manifests with Kustomize from plain yamls or overlays
     ● Validates manifests against Kubernetes API
     ● Impersonates service accounts (multi-tenancy RBAC)
     ● Health assessment of the deployed workloads
     ● Runs pipelines in a specific order (depends-on relationship)
     ● Prunes objects removed from source (garbage collection)
     ● Reports cluster state changes (Slack/Discord)
     API Spec: https://github.com/fluxcd/kustomize-controller/tree/master/docs/spec/v1alpha1
  9. GitOps Pipeline
  10. Fleet Management (TBA)
  11. GitOps Toolkit - CLI. The TK command-line utility allows cluster admins to configure the toolkit and assemble CD pipelines without having to write tomes of YAML:
      ● seamlessly integrates with Git providers like GitHub and GitLab
      ● deploy keys provisioning for Git sources (SSH and token based auth)
      ● install/upgrade/check/uninstall operations for the toolkit components
      ● create/update/get/export/delete operations for sources and kustomizations
      ● sync/suspend/resume operations for kustomizations
  12. GitOps Toolkit CLI - Bootstrap
      One-click provisioning for:
      ● Git repositories
      ● Deploy keys
      ● Teams access
      ● Toolkit components (install/upgrade)
      Git providers:
      ● GitHub
      ● GitLab
      ● BitBucket (TBA)
      ● SSH-agent (TBA)
  13. GitOps Toolkit CLI - Incident Management. When dealing with an incident, cluster admins can suspend the reconciliation of some workloads and debug/fix the issues, without having to stop the reconciler and affect the whole cluster.
  14. What about Flux and Helm Operator? We envision a future where Flux v2 and Helm Operator v2 are assembled from the GitOps Toolkit components. Roadmap (WIP): https://toolkit.fluxcd.io/roadmap/ The Flux CD team is looking for feedback and help as the toolkit is in an active experimentation phase. If you wish to take part in this quest, please reach out to us on Slack and GitHub.
  15. What about Flagger and Progressive Delivery? Flagger, like many other Kubernetes operators, works out-of-the-box with the GitOps Toolkit.
  16. Links
      ● Toolkit documentation: https://toolkit.fluxcd.io
      ● Toolkit assembler: https://github.com/fluxcd/toolkit
      ● Source controller: https://github.com/fluxcd/source-controller
      ● Kustomize controller: https://github.com/fluxcd/kustomize-controller
