A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD


Presented at Kubernetes and Cloud Native meetup in Toronto on December 4, 2019

See https://www.youtube.com/watch?v=YmIAatr3Who for a video recording of a similar talk.

Are you looking to get more flexibility out of your CICD platform? Interested in how GitOps fits into the mix? Learn how Argo CD, Workflows, and Events can be combined to craft custom CICD flows, all while staying Kubernetes native so that you can leverage existing observability tooling.


  1. A GitOps Kubernetes Native CI/CD Solution With Argo Events, Workflows, and CD
     Julian Mazzitelli, CTO, BioBox Analytics Inc.
  2. $ whoami
     ● BioBox Analytics Inc.
     ● Early stage startup, incorporated April 2019
     ● 3 full time
       ○ 2x developers
       ○ 1x developer + operations “full stack”
     ● 2 part time
       ○ Quality Assurance / Product Officer
     ● Cloud native stack - API talks to K8s
     ● WE NEED TO MOVE FAST!
       ○ Want a robust and flexible CI/CD process
       ○ Want Kubernetes native
  3. Agility + CI/CD + DevOps = success
     https://www.synopsys.com/blogs/software-security/agile-cicd-devops-difference/
  4. CI/CD Stakeholders
     ● Developers
     ● Operations + Security
     ● QA + Product Officer + Users
  5. CI/CD Stakeholder Concerns
     ● Devs
       ○ Don’t write CI pipelines
       ○ Don’t like application manifests
       ○ Don’t like yaml!
       ○ Want visibility into CI/CD process
     ● Ops
       ○ Don’t like difficult to understand CI configuration
       ○ Don’t like difficult to reuse CI pipelines
       ○ Don’t like inflexible CI/CD
       ○ Don’t like yaml!
       ○ Want K8s native CI pipelines
       ○ Want robust application lifecycle management
     ● QA/PO
       ○ Don’t like not knowing what version of which app they just tested out
       ○ Don’t like not having a list of all deployed applications
       ○ Don’t like incorrectly informing users which features are available on prod
     Slide callouts: “YAML SUCKS”, “WE ARE “YAML DEVELOPERS” AND YAML STILL SUCKS”, “IS FEATURE ON DEV?”
  6. Issues BioBox had with existing tools
     ● Drone
       ○ Can achieve modular pipelines via jsonnet plugin...but jsonnet is unfamiliar to developers
       ○ There was alpha support for Kubernetes runtime, however not configurable from CI config...Drone internally was creating Jobs/Pods, was later deprecated - drone/drone-runtime/issues/69
     ● GitLab
       ○ K8s GitLab runner a huge blackbox, don’t want to maintain a fork, also different scope
       ○ Reusability via YAML DSL (“.partial: &partial”, “<<: *partial” !?) is annoying for Ops, difficult for Devs
     ● Tektoncd/pipeline
       ○ Was seen as alternative to Argo Workflows, which we already had operational experience with
       ○ Is cool how it treats “Image” as a workflow output type!
  7. Objectives - Things We Knew We Wanted
     ● Developers should feel comfortable reading and writing CI configuration
     ● CI pipelines should be kept DRY and modularized
     ● Flexible CI/CD configuration
     ● Audit log from Git event to deployed resources
     ● CI/CD observability tooling consistent with primary application
     ● Manual, schedule, or event-based triggering of CI pipelines
     ● Support many 3rd party dependencies (many Dockerfiles)
     ● Preview application for all PRs, easily accessible to QA/PO
  8. Architecture overview: CI workflows
     ● Like Job on steroids
     ● Parameters, Artifacts (Git, S3, +)
     ● Linear sequence of steps
     ● DAG of steps
     ● Retry-able
     - In other systems, would be the .travis.yml, .drone.yml, Jenkinsfile, etc.
  9. Wait, What is a CRD/Controller Again?
     - Custom Resource Definition is a YAML/Golang structs/OpenAPI Schema
     - On its own does nothing, Kubernetes will simply store them
     - v1.16 brings structural schema validation
     - Brought to life with a Controller/Operator
     - “Just another Deployment”
     - A service which watches for new/updates to CRD resources, then runs its `func (r *FooReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { … }`
  10. Architecture overview: Git webhooks
     ● Push
     ● Tag
     ● New branch
     ● MR open/close/update
     ● MR comments
  11. Architecture overview: Webhook to Workflow
     “Argo Events is an event-based dependency manager for Kubernetes which helps you define multiple dependencies from a variety of event sources like webhook, s3, schedules, streams etc. and trigger Kubernetes objects after successful event dependencies resolution.”
     I will explain what is inside “Argo Events” box later!
     - For now, know that there is something which creates a Workflow resource in response to webhooks
  12. Architecture overview: GitOps “Application”
     ● GitOps “Application” CRD
     ● Defines git source and tracking
     ● Defines destination cluster
     ● Optionally defines tool settings - helm values, jsonnet top-level params, etc
     ● Can use a custom tool! We use an in-house Node CLI which renders JS into YAML
  13. Wait, What is GitOps Again?
     https://www.weave.works/blog/automate-kubernetes-with-gitops
     https://www.weave.works/technologies/gitops/
  14. Architecture overview: What is a CI/CD software?
  15. Technical Architecture: Gateway and Sensors
  16. Sensor Spec
  17. Sensor Designs
  18. Argo Projects History
     https://www.slideshare.net/DaisukeTaniwaki/20190725-argo-project-latest-news
     https://youtu.be/ZK510prml8o
  19. 2019 - Argo Flux Collaboration!
     ● intuit - Introducing Argo Flux
     ● weaveworks - Introducing Argo Flux
     ● AWS - Help us write a new chapter for Gitops, Kubernetes, and Open Source collaboration
  20. BioBox Monorepo CI/CD
     ● Each merge request is annotated with labels specifying which services to deploy in a monorepo
     ● Developer can test one or more altered services in the context of the entire stack (the rest deployed from whichever was latest release)
  21. Results
     ● CI logic can be written in any language that developers are comfortable with, breaking down divisional roles between Dev and Ops
     ● Kubernetes CI Workflows can be labeled/annotated with repo/branch/tag etc (templateParameters)
     ● GitOps for CD via ArgoCD enables visibility for QA/PO as well as robustness for Ops
     ● Flexibility - receive a webhook (or event!), code process payload, pick Sensor design that fits task
     ● Reuse of observability stack for metrics and logging on CI workflows
     ● CI workflows autoscaling via K8s resource requests, scheduling via tolerations and node taints
     ● Consistent tooling - developers can get familiar with K8s through CI/CD, same K8s for primary app
     ● Arbitrary notifications (slack, PR comments, email) written as Argo Workflow steps
     ● CI workflows can be manually triggered via kubectl/argo CLI, or by Argo Events (e.g. GCR PubSub)
  22. Observability - Prometheus for CI Workflows!
  23. Observability - EFK for CI Workflows!
  24. Future Objectives
     ● Improve multi-event multi-sensor Workflow visibility
     ● Argo Workflows still in YAML… working on K8s TypeScript client implementation
     ● Argo Workflows 2.4 release will bring “Template CRD” - reuse workflow steps across Workflows!
     ● Argo Events has support for NATS instead of HTTP streaming for Gateway
       ○ Kafka is a supported event source, but have to use NATS for Gateway-Sensor streaming?
       ○ Event replayability, long term storage, audit logging
       ○ Can theoretically manually wire up Kafka -> Consumer sends to Webhook Gateway
     ● Special pipelines for PRs which are WIP - bring up web IDE, run apps in debug mode
     ● Concrete repo CI/CD organization for monorepo - enable reuse + separation
  25. Thank you!
     ● Intuit + Blackrock
     ● Weaveworks
     ● Argo slack
     ● K8s & Cloud Native Meetup organizers!
     PS - We are looking for talent! julian@biobox.io
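
The merge-request labelling on slide 20 and the labelled Workflows on slide 21 can be sketched as follows. This is an added example, not BioBox's code: the `deploy/<service>` label convention, the service list, the `ci/*` label keys and the `monorepo-ci` WorkflowTemplate are assumptions, and the payload is constructed in the shape of a GitLab merge request webhook body.

```javascript
// Added example; service names, label prefix, label keys and payload are assumptions.
const KNOWN_SERVICES = ["api", "web", "worker"]; // hypothetical monorepo services
const DEPLOY_PREFIX = "deploy/";                 // hypothetical MR label convention
// Kubernetes label values: at most 63 chars of [A-Za-z0-9_.-], alphanumeric at both ends.
function toLabelValue(raw) {
  return String(raw).replace(/[^A-Za-z0-9_.-]+/g, "-").slice(0, 63)
    .replace(/^[^A-Za-z0-9]+|[^A-Za-z0-9]+$/g, "");
}

// Services labelled on the MR are built from it; the rest reuse the latest release.
function planDeploy(mr) {
  const requested = (mr.labels || []).map((l) => String(l.title))
    .filter((t) => t.startsWith(DEPLOY_PREFIX)).map((t) => t.slice(DEPLOY_PREFIX.length));
  const unknown = requested.filter((s) => !KNOWN_SERVICES.includes(s));
  if (unknown.length) throw new Error(`unknown service label: ${unknown.join(", ")}`);
  const fromMr = KNOWN_SERVICES.filter((s) => requested.includes(s));
  return { fromMr, fromRelease: KNOWN_SERVICES.filter((s) => !fromMr.includes(s)) };
}

// Render the Workflow as a plain object (JSON is valid YAML for kubectl/argo).
function renderWorkflow(mr) {
  const { fromMr, fromRelease } = planDeploy(mr);
  const sha = String(mr.object_attributes.last_commit.id);
  // Pin the build to a validated commit id, never to the free-form branch name.
  if (!/^[0-9a-f]{40}$/.test(sha)) throw new Error("commit id is not a full SHA-1");
  return {
    apiVersion: "argoproj.io/v1alpha1", kind: "Workflow",
    metadata: { generateName: "ci-mr-", labels: {
      "ci/repo": toLabelValue(mr.project.path_with_namespace),
      "ci/branch": toLabelValue(mr.object_attributes.source_branch),
      "ci/commit": sha,
    } },
    spec: { workflowTemplateRef: { name: "monorepo-ci" }, // hypothetical WorkflowTemplate
      arguments: { parameters: [
        { name: "revision", value: sha },
        { name: "build-services", value: fromMr.join(",") },
        { name: "release-services", value: fromRelease.join(",") },
      ] } },
  };
}

// Constructed sample, shaped like a GitLab merge request webhook body.
const SAMPLE_MR = {
  labels: [{ title: "deploy/web" }, { title: "bug" }, { title: "deploy/api" }],
  project: { path_with_namespace: "biobox/platform" },
  object_attributes: { source_branch: "feature/JM-12_new-ui!",
    last_commit: { id: "0123456789abcdef0123456789abcdef01234567" } },
};
console.log(JSON.stringify(renderWorkflow(SAMPLE_MR), null, 2));
```

Because merge request labels and branch names are set by whoever opens the request, the service names are checked against a fixed list and the branch is only ever used as a sanitized label, while the build itself is pinned to the commit id.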
