SlideShare a Scribd company logo

AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator and GitOps

Download as PPTX, PDF
Philip Welz, profile picture
Philip Welz

The document discusses the Azure Service Operator and GitOps in a presentation for the Azure Developer Community Day 2022, exploring how to YAMLize infrastructure using Kubernetes. It covers topics such as Azure AD Workload Identity and the principles of GitOps, including versioning and immutability. A demo showcases a setup using Azure Kubernetes Service, managed identities, and a public GitHub repository for implementing GitOps.

Technology
Related topics:
Cloud Computing Insights
1 of 22
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
YAMLize your infrastructure with the Azure Service Operator and GitOps Azure Developer Community Day 2022
Who we are © white duck GmbH 2022 Philip Welz (Senior Kubernetes & DevOps Engineer, GitLab Hero, CKA, CKAD & CKS) Twitter: @philip_welz LinkedIn: https://www.linkedin.com/in/philip-welz Stefan Kürzeder (Software & DevOps Engineer) Twitter: @stivik_ LinkedIn: https://www.linkedin.com/in/skuerzeder
Agenda • Intro • Azure Service Operator • Azure AD Workload Identity • GitOps on Azure • Demo © white duck GmbH 2022
Housekeeping • we will only talk about ASO v2 • high level • yes, K8s is involved :) • Half talk, half demo © white duck GmbH 2022
INTRO © white duck GmbH 2022
Why YAMLize • K8s native (YAML, Helm charts, Kustomize,…) • deploy app & dependencies together • tied lifecycle • Git as source of truth aka GitOps © white duck GmbH 2022
AZURE SERVICE OPERATOR © white duck GmbH 2022
Azure Service Operator • is an application-specific controller • that uses the operator-pattern • to extend the Kubernetes API • with the goal to provision Azure resources © white duck GmbH 2022
Azure Service Operator • Custom Resources (CRDs) © white duck GmbH 2022
Azure Service Operator © white duck GmbH 2022
AZURE AD WORKLOAD IDENTITY © white duck GmbH 2022
Azure AD Workload Identity • Next iteration of AAD Pod Identity but preview • enables AAD secured access to Cloud resources • uses federated identity credentials • implemented via OpenID Connect (OIDC) protocol • not limited to Azure only © white duck GmbH 2022
Azure AD Workload Identity © white duck GmbH 2022
GITOPS ON AZURE © white duck GmbH 2022
GitOps on Azure • implemented via AKS cluster extensions • basically a Helm Chart • GA, but only in regions that supports Azure ARC-enabled Kubernetes • West Europe - yes, Germany West Central - no • based on Flux v2 • integrated into the Azure Portal • Deep dive: Azure Rosenheim Meetup-2022-03 • https://youtu.be/QZtAIG9agHQ © white duck GmbH 2022
GitOps principles • a system managed by GitOps must have its desired state expressed declaratively • desired state is stored in a way that enforces immutability, versioning and retains a complete version history • software agents automatically pull the desired state declarations from the source • software agents continuously observe actual system state and attempt to apply the desired state • OpenGitOps (https://opengitops.dev) © white duck GmbH 2022
GitOps principles © white duck GmbH 2022
So far so good? Let's start the fun part! © white duck GmbH 2022
DEMO © white duck GmbH 2022
Round up © white duck GmbH 2022
Demo • Pre-existing resources • Azure Kubernetes Service Cluster • Managed Identity for ASO • federated identity credential set to the OICD issuer URL of the AKS • Role Assignment to Subscription Owner • GitOps Cluster extension enabled and pointed to the public GitHub demo repository • Bootstraps Cert-manager, Workload Identity Webhook & Azure Service Operator • Demo repo • https://github.com/philwelz/aso-gitops © white duck GmbH 2022
Questions? © white duck GmbH 2022 Philip Welz (Senior Kubernetes & DevOps Engineer, GitLab Hero, CKA, CKAD & CKS) Twitter: @philip_welz LinkedIn: https://www.linkedin.com/in/philip-welz Slides: https://www.slideshare.net/PhilipWelz Stefan Kürzeder (Software & DevOps Engineer) Twitter: @stivik_ LinkedIn: https://www.linkedin.com/in/skuerzeder

More Related Content

PDF
Achieve Data & Operational Sovereignty: Managing Hybrid & Edge EKS Deployment...
Weaveworks
 
PDF
Azure Rosenheim Meetup: Azure Service Operator
Nico Meisenzahl
 
PPTX
Modern development tools - Kubernetes and DevOps
Houssem Dellai
 
PDF
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Nico Meisenzahl
 
PDF
Secure Your Code Implement DevSecOps in Azure
kloia
 
PPTX
Azure_DevOps_Customer1212121_201903.pptx
Ganesh Shirsat
 
PDF
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Weaveworks
 
PDF
Overcoming Regulatory & Compliance Hurdles with Hybrid Cloud EKS and Weave Gi...
Weaveworks
 
Achieve Data & Operational Sovereignty: Managing Hybrid & Edge EKS Deployment...
Weaveworks
 
Azure Rosenheim Meetup: Azure Service Operator
Nico Meisenzahl
 
Modern development tools - Kubernetes and DevOps
Houssem Dellai
 
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Nico Meisenzahl
 
Secure Your Code Implement DevSecOps in Azure
kloia
 
Azure_DevOps_Customer1212121_201903.pptx
Ganesh Shirsat
 
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Weaveworks
 
Overcoming Regulatory & Compliance Hurdles with Hybrid Cloud EKS and Weave Gi...
Weaveworks
 

Similar to AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator and GitOps (20)

PPTX
Microsoft Skills Bootcamp - The power of GitHub and Azure
Davide Benvegnù
 
PDF
Intro to Kubernetes & GitOps Workshop
Weaveworks
 
PPTX
Azure DevOps
Michael Jesse
 
PDF
Azure Devops
Amitesh Raikwar
 
PDF
PDF GitOps Cookbook (Third Early Release) Natale Vinto download
xamysakuchuk
 
PDF
GitOps Cookbook (Third Early Release) Natale Vinto
heeressiepel
 
PDF
Git ops & Continuous Infrastructure with terra*
Haggai Philip Zagury
 
PPTX
Azure_DevOps_Presentation BASIC SLIDES.pptx
SantoshAiwale4
 
PDF
GitOps 101 Presentation.pdf
ssuser31375f
 
PDF
Azure DevOps Day - Kochi
Amal Dev
 
PDF
Azure DevOps Day - Trivandrum
Amal Dev
 
PPTX
Microsoft Tech Series 2019 - Azure DevOps
Tomasz Wisniewski
 
PDF
Azure Academyadi: Introduction to GitHub and AzureDevOps
Lorenzo Barbieri
 
PDF
Free GitOps Workshop + Intro to Kubernetes & GitOps
Weaveworks
 
PPTX
GitOps - Modern best practices for high velocity app dev using cloud native t...
Weaveworks
 
PDF
Hybrid and Multi-Cloud Strategies for Kubernetes with GitOps
Sonja Schweigert
 
PDF
Hybrid and Multi-Cloud Strategies for Kubernetes with GitOps
Weaveworks
 
PPTX
Azure DevSecOps Training | Azure DevOps Certification Course.pptx
TalluriRenuka
 
PDF
Azure DevOps - Azure Guatemala Meetup
Guillermo Zepeda Selman
 
PDF
Free GitOps Workshop
Weaveworks
 
Microsoft Skills Bootcamp - The power of GitHub and Azure
Davide Benvegnù
 
Intro to Kubernetes & GitOps Workshop
Weaveworks
 
Azure DevOps
Michael Jesse
 
Azure Devops
Amitesh Raikwar
 
PDF GitOps Cookbook (Third Early Release) Natale Vinto download
xamysakuchuk
 
GitOps Cookbook (Third Early Release) Natale Vinto
heeressiepel
 
Git ops & Continuous Infrastructure with terra*
Haggai Philip Zagury
 
Azure_DevOps_Presentation BASIC SLIDES.pptx
SantoshAiwale4
 
GitOps 101 Presentation.pdf
ssuser31375f
 
Azure DevOps Day - Kochi
Amal Dev
 
Azure DevOps Day - Trivandrum
Amal Dev
 
Microsoft Tech Series 2019 - Azure DevOps
Tomasz Wisniewski
 
Azure Academyadi: Introduction to GitHub and AzureDevOps
Lorenzo Barbieri
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Weaveworks
 
GitOps - Modern best practices for high velocity app dev using cloud native t...
Weaveworks
 
Hybrid and Multi-Cloud Strategies for Kubernetes with GitOps
Sonja Schweigert
 
Hybrid and Multi-Cloud Strategies for Kubernetes with GitOps
Weaveworks
 
Azure DevSecOps Training | Azure DevOps Certification Course.pptx
TalluriRenuka
 
Azure DevOps - Azure Guatemala Meetup
Guillermo Zepeda Selman
 
Free GitOps Workshop
Weaveworks
 
Ad

Recently uploaded (20)

PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPTX
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Approach and Philosophy of On baking technology
30anthuong17
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Cloud computing and distributed systems.
kkkkkhan
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
A Presentation on Artificial Intelligence
memembruh336
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Ad

AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator and GitOps

  • 1. YAMLize your infrastructure with the Azure Service Operator and GitOps Azure Developer Community Day 2022
  • 2. Who we are © white duck GmbH 2022 Philip Welz (Senior Kubernetes & DevOps Engineer, GitLab Hero, CKA, CKAD & CKS) Twitter: @philip_welz LinkedIn: https://www.linkedin.com/in/philip-welz Stefan Kürzeder (Software & DevOps Engineer) Twitter: @stivik_ LinkedIn: https://www.linkedin.com/in/skuerzeder
  • 3. Agenda • Intro • Azure Service Operator • Azure AD Workload Identity • GitOps on Azure • Demo © white duck GmbH 2022
  • 4. Housekeeping • we will only talk about ASO v2 • high level • yes, K8s is involved :) • Half talk, half demo © white duck GmbH 2022
  • 6. Why YAMLize • K8s native (YAML, Helm charts, Kustomize,…) • deploy app & dependencies together • tied lifecycle • Git as source of truth aka GitOps © white duck GmbH 2022
  • 7. AZURE SERVICE OPERATOR © white duck GmbH 2022
  • 8. Azure Service Operator • is an application-specific controller • that uses the operator-pattern • to extend the Kubernetes API • with the goal to provision Azure resources © white duck GmbH 2022
  • 9. Azure Service Operator • Custom Resources (CRDs) © white duck GmbH 2022
  • 10. Azure Service Operator © white duck GmbH 2022
  • 11. AZURE AD WORKLOAD IDENTITY © white duck GmbH 2022
  • 12. Azure AD Workload Identity • Next iteration of AAD Pod Identity but preview • enables AAD secured access to Cloud resources • uses federated identity credentials • implemented via OpenID Connect (OIDC) protocol • not limited to Azure only © white duck GmbH 2022
  • 13. Azure AD Workload Identity © white duck GmbH 2022
  • 14. GITOPS ON AZURE © white duck GmbH 2022
  • 15. GitOps on Azure • implemented via AKS cluster extensions • basically a Helm Chart • GA, but only in regions that supports Azure ARC-enabled Kubernetes • West Europe - yes, Germany West Central - no • based on Flux v2 • integrated into the Azure Portal • Deep dive: Azure Rosenheim Meetup-2022-03 • https://youtu.be/QZtAIG9agHQ © white duck GmbH 2022
  • 16. GitOps principles • a system managed by GitOps must have its desired state expressed declaratively • desired state is stored in a way that enforces immutability, versioning and retains a complete version history • software agents automatically pull the desired state declarations from the source • software agents continuously observe actual system state and attempt to apply the desired state • OpenGitOps (https://opengitops.dev) © white duck GmbH 2022
  • 17. GitOps principles © white duck GmbH 2022
  • 18. So far so good? Let's start the fun part! © white duck GmbH 2022
  • 19. DEMO © white duck GmbH 2022
  • 20. Round up © white duck GmbH 2022
  • 21. Demo • Pre-existing resources • Azure Kubernetes Service Cluster • Managed Identity for ASO • federated identity credential set to the OICD issuer URL of the AKS • Role Assignment to Subscription Owner • GitOps Cluster extension enabled and pointed to the public GitHub demo repository • Bootstraps Cert-manager, Workload Identity Webhook & Azure Service Operator • Demo repo • https://github.com/philwelz/aso-gitops © white duck GmbH 2022
  • 22. Questions? © white duck GmbH 2022 Philip Welz (Senior Kubernetes & DevOps Engineer, GitLab Hero, CKA, CKAD & CKS) Twitter: @philip_welz LinkedIn: https://www.linkedin.com/in/philip-welz Slides: https://www.slideshare.net/PhilipWelz Stefan Kürzeder (Software & DevOps Engineer) Twitter: @stivik_ LinkedIn: https://www.linkedin.com/in/skuerzeder