SlideShare a Scribd company logo

Config management for_kubernetes: GitOps + Helm (CfgMgmtCamp 2020)

T
Tomasz Tarczyński

The document discusses configuration management for Kubernetes using GitOps and Helm, highlighting the advantages of a declarative approach and tools like Flux CD to synchronize cluster state with Git repositories. It explains the benefits of GitOps, including tracking history, easy rollbacks, and disaster recovery, while emphasizing Helm's role in managing application complexity through packages and modules. The document also addresses frequently asked questions regarding secrets management and multi-environment setups.

Technology
1 of 42
Downloaded 15 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
Config management for Kubernetes: GitOps + Helm Tomasz Tarczyński, Gigaset
Agenda @ttarczynski 1. Configuration Management 2. Why GitOps 3. Demo: Flux 4. Demo: Helm 5. Demo: Flux Helm Operator
Configuration Management @ttarczynski ● Infrastructure as a Code ● GIT – as a single source of truth ● Tools: Ansible / Chef / Puppet / Salt
Puppet @ttarczynski ● Declarative: describe the desired state ● Modules: public and private ● Templates: ERB ● DSL: a simple and constrained language ● Code / data separation: Hiera
Kubernetes @ttarczynski ● Control plane provides a Declarative API ● Declare the desired state ● Control plane makes sure that the actual state converges to the desired state
Kubernetes: Why GitOps @ttarczynski ● Can we declare all the state in GIT? And expect the system to converge.
Kubernetes: Why GitOps @ttarczynski ● Can we declare all the state in GIT? And expect the system to converge. ○ Track history
Kubernetes: Why GitOps @ttarczynski ● Can we declare all the state in GIT? And expect the system to converge. ○ Track history ○ Easy rollback
Kubernetes: Why GitOps @ttarczynski ● Can we declare all the state in GIT? And expect the system to converge. ○ Track history ○ Easy rollback ○ Disaster Recovery
Kubernetes: Why GitOps @ttarczynski ● Configuration Management: Declarative vs Imperative
GitOps: How @ttarczynski Kubernetes API push container images kubectl apply pull
GitOps: How @ttarczynski ● Flux CD: a GitOps operator ○ Runs in the cluster ○ Synchronizes the cluster state with a GIT repo ○ CNCF sandbox project
GitOps: How @ttarczynski Kubernetes API push container images kubectl apply pull
GitOps: How @ttarczynski Kubernetes API Flux CD push container images commit kubectl apply sync pull images metadata apply / delete
GitOps @ttarczynski Demo https://github.com/ttarczynski/gitops-demo
GitOps: Why Helm @ttarczynski ● We declared all the state in GIT ● But can we have something like modules?
GitOps: Why Helm @ttarczynski ● Helm: The package manager for Kubernetes ○ find, share, and use software built for Kubernetes
GitOps: Why Helm @ttarczynski ● Manage complexity: describe complex apps
GitOps: Why Helm @ttarczynski ● Manage complexity: describe complex apps ● Easy updates: in-place upgrades and custom hooks
GitOps: Why Helm @ttarczynski ● Manage complexity: describe complex apps ● Easy updates: in-place upgrades and custom hooks ● Simple sharing: public / private repo
GitOps: Why Helm @ttarczynski ● Manage complexity: describe complex apps ● Easy updates: in-place upgrades and custom hooks ● Simple sharing: public / private repo ● Rollbacks: roll back to an older version with ease
Helm @ttarczynski Demo https://github.com/ttarczynski/gitops-demo
GitOps + Helm @ttarczynski ● Flux Helm Operator: ○ automates Helm Chart releases ○ Kubernetes custom resource named HelmRelease ○ charts are released as specified in HelmRelease
GitOps + Helm @ttarczynski apiVersion: helm.fluxcd.io/v1 kind: HelmRelease spec: releaseName: demo chart: git: git@github.com:ttarczynski/gitops-demo.git path: charts/demo values: …
Credit: https://fluxcd.io GitOps + Helm
GitOps + Helm @ttarczynski Demo https://github.com/ttarczynski/gitops-demo
GitOps @ttarczynski ● The entire system is described declaratively ● The canonical desired system state is versioned (with Git) ● Approved changes to the desired state are automatically applied to the system ● Software agents ensure correctness
GitOps @ttarczynski ● Declarative: ● Modules: ● Templates: ● DSL / general-purpose language: ● Code / data separation:
GitOps @ttarczynski ● Declarative: k8s + Flux CD ● Modules: ● Templates: ● DSL / general-purpose language: ● Code / data separation:
GitOps @ttarczynski ● Declarative: k8s + Flux CD ● Modules: Helm charts ● Templates: ● DSL / general-purpose language: ● Code / data separation:
GitOps @ttarczynski ● Declarative: k8s + Flux CD ● Modules: Helm charts ● Templates: Helm / Go template ● DSL / general-purpose language: ● Code / data separation:
GitOps @ttarczynski ● Declarative: k8s + Flux CD ● Modules: Helm charts ● Templates: Helm / Go template ● DSL / general-purpose language: ● Code / data separation:
GitOps @ttarczynski ● Declarative: k8s + Flux CD ● Modules: Helm charts ● Templates: Helm / Go template ● DSL / general-purpose language: ● Code / data separation: kustomize ?
Agenda @ttarczynski 1. Configuration Management 2. Why GitOps 3. Demo: Flux 4. Demo: Helm 5. Demo: Flux Helm Operator
GitOps: Flux docs @ttarczynski ● fluxcd.io ● docs.fluxcd.io ● github.com/fluxcd/helm-operator-get-started ● github.com/ttarczynski/gitops-demo
Thanks! Tomasz Tarczynski @ttarczynski
Frequently Asked Questions @ttarczynski ● How to manage secrets?
Frequently Asked Questions @ttarczynski ● How to manage secrets? ○ github.com/bitnami-labs/sealed-secrets ○ github.com/mozilla/sops ○ git-secret.io ○ HashiCorp Vault
Frequently Asked Questions @ttarczynski ● How to manage multiple environments?
Frequently Asked Questions @ttarczynski ● How to manage multiple environments? ○ Branch-per-environment ○ Directory-per-environment ○ Kustomize overlays ○ github.com/fluxcd/flux/issues/1071
Frequently Asked Questions @ttarczynski ● What version of Helm is supported?
Frequently Asked Questions @ttarczynski ● What version of Helm is supported? ○ Both: Helm v2 – GA Helm v3 – beta (in Helm Operator)

More Related Content

PDF
Introduction to Kubernetes and GKE
Opsta
 
PDF
Config management for kubernetes: GitOps + Helm
Tomasz Tarczyński
 
PDF
Configuration Management for the Cloud Native world with GitOps and Helm - To...
PROIDEA
 
PDF
Kubernetes configuration and security policies with KubeLinter | DevNation Te...
Red Hat Developers
 
PPTX
Building CI/CD Pipelines with Jenkins and Kubernetes
Janakiram MSV
 
PDF
CI/CD with Openshift and Jenkins
Ari LiVigni
 
PDF
Kubernetes-native or not? When should you ditch your traditional CI/CD server...
Red Hat Developers
 
PDF
What you have to know about Certified Kubernetes Administrator (CKA)
Opsta
 
Introduction to Kubernetes and GKE
Opsta
 
Config management for kubernetes: GitOps + Helm
Tomasz Tarczyński
 
Configuration Management for the Cloud Native world with GitOps and Helm - To...
PROIDEA
 
Kubernetes configuration and security policies with KubeLinter | DevNation Te...
Red Hat Developers
 
Building CI/CD Pipelines with Jenkins and Kubernetes
Janakiram MSV
 
CI/CD with Openshift and Jenkins
Ari LiVigni
 
Kubernetes-native or not? When should you ditch your traditional CI/CD server...
Red Hat Developers
 
What you have to know about Certified Kubernetes Administrator (CKA)
Opsta
 

What's hot (20)

PDF
How to Become DevOps
Opsta
 
PDF
[GID Live] Open-Source Cloud-Native Programming Language
Ballerinalang
 
PPTX
Helm at reddit: from local dev, staging, to production
Gregory Taylor
 
PDF
Kubernetes: The evolution of distributed systems | DevNation Tech Talk
Red Hat Developers
 
PDF
Flink Forward San Francisco 2019: Managing Flink on Kubernetes - FlinkK8sOper...
Flink Forward
 
PDF
Cicd pixelfederation
Juraj Hantak
 
PDF
DevOps: The Future of Software Development
Opsta
 
PDF
Kubernetes Logging
Denys Havrysh
 
PDF
Deploying Anything as a Service (XaaS) Using Operators on Kubernetes
All Things Open
 
PDF
Journey of Kubernetes Scaling
Opsta
 
PPTX
Getting Started with Kafka on k8s
VMware Tanzu
 
PDF
Real World CI/CD with Kubernetes
Opsta
 
PDF
Accelerate your business and reduce cost with OpenStack
Opsta
 
PDF
Paris Container Day 2016 : Retour sur DockerCon 16', faits marquants (Docker)
Publicis Sapient Engineering
 
PDF
16. Cncf meetup-docker
Juraj Hantak
 
PDF
Swarm migration
Janakiram MSV
 
PDF
Beyond OpenStack | OpenStack in Real Life
Opsta
 
PPTX
Why observability matters - now and in the future (w/guest Grafana)
Weaveworks
 
PDF
Continuous Deployment with Kubernetes, Docker and GitLab CI
alexanderkiel
 
PDF
OSDC 2018 - Distributed monitoring
Gianluca Arbezzano
 
How to Become DevOps
Opsta
 
[GID Live] Open-Source Cloud-Native Programming Language
Ballerinalang
 
Helm at reddit: from local dev, staging, to production
Gregory Taylor
 
Kubernetes: The evolution of distributed systems | DevNation Tech Talk
Red Hat Developers
 
Flink Forward San Francisco 2019: Managing Flink on Kubernetes - FlinkK8sOper...
Flink Forward
 
Cicd pixelfederation
Juraj Hantak
 
DevOps: The Future of Software Development
Opsta
 
Kubernetes Logging
Denys Havrysh
 
Deploying Anything as a Service (XaaS) Using Operators on Kubernetes
All Things Open
 
Journey of Kubernetes Scaling
Opsta
 
Getting Started with Kafka on k8s
VMware Tanzu
 
Real World CI/CD with Kubernetes
Opsta
 
Accelerate your business and reduce cost with OpenStack
Opsta
 
Paris Container Day 2016 : Retour sur DockerCon 16', faits marquants (Docker)
Publicis Sapient Engineering
 
16. Cncf meetup-docker
Juraj Hantak
 
Swarm migration
Janakiram MSV
 
Beyond OpenStack | OpenStack in Real Life
Opsta
 
Why observability matters - now and in the future (w/guest Grafana)
Weaveworks
 
Continuous Deployment with Kubernetes, Docker and GitLab CI
alexanderkiel
 
OSDC 2018 - Distributed monitoring
Gianluca Arbezzano
 
Ad

Similar to Config management for_kubernetes: GitOps + Helm (CfgMgmtCamp 2020) (20)

PDF
How to manage Kubernetes at scale with just git
Weaveworks
 
PDF
WTF is GitOps and Why You Should Care?
Weaveworks
 
PDF
WTF is GitOps & Why Should You Care?
All Things Open
 
PDF
The journey to GitOps
Nicola Baldi
 
PDF
Hands-on GitOps Patterns for Helm Users
Weaveworks
 
PDF
GitOps & Flux - A Refresher with Priyanka Ravi
Weaveworks
 
PDF
GitOps with Flux - IPC Munich 2022
Robert Lemke
 
PDF
GitOps 101 Presentation.pdf
ssuser31375f
 
PDF
GitOps Toolkit (Cloud Native Nordics Tech Talk)
Weaveworks
 
PDF
GitOps for Helm Users by Scott Rigby
Weaveworks
 
PDF
GitOps (& Flux) for Helm Users with Scott Rigby
Weaveworks
 
PPTX
Leveraging Helm to manage Deployments on Kubernetes
Manoj Bhagwat
 
PDF
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Marc Müller
 
PDF
Free GitOps Workshop + Intro to Kubernetes & GitOps
Weaveworks
 
PDF
20221130 - Luxembourg HUG Meetup
Stéphane Este-Gracias
 
PDF
.NET Day - Continuous Deployment Showdown: Traditional CI/CD vs. GitOps
Marc Müller
 
PDF
SFScon18 - Gerhard Sulzberger - Jason Tevnan - gitops with gitlab + terraform
South Tyrol Free Software Conference
 
PDF
Reconcile Terraform Resources the GitOps Way with Priyanka Ravi
Weaveworks
 
PDF
Flux Beyond Git Harnessing the Power of OCI
Weaveworks
 
PDF
Flux Beyond Git Harnessing the Power of OCI
CezzaineZaher1
 
How to manage Kubernetes at scale with just git
Weaveworks
 
WTF is GitOps and Why You Should Care?
Weaveworks
 
WTF is GitOps & Why Should You Care?
All Things Open
 
The journey to GitOps
Nicola Baldi
 
Hands-on GitOps Patterns for Helm Users
Weaveworks
 
GitOps & Flux - A Refresher with Priyanka Ravi
Weaveworks
 
GitOps with Flux - IPC Munich 2022
Robert Lemke
 
GitOps 101 Presentation.pdf
ssuser31375f
 
GitOps Toolkit (Cloud Native Nordics Tech Talk)
Weaveworks
 
GitOps for Helm Users by Scott Rigby
Weaveworks
 
GitOps (& Flux) for Helm Users with Scott Rigby
Weaveworks
 
Leveraging Helm to manage Deployments on Kubernetes
Manoj Bhagwat
 
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Marc Müller
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Weaveworks
 
20221130 - Luxembourg HUG Meetup
Stéphane Este-Gracias
 
.NET Day - Continuous Deployment Showdown: Traditional CI/CD vs. GitOps
Marc Müller
 
SFScon18 - Gerhard Sulzberger - Jason Tevnan - gitops with gitlab + terraform
South Tyrol Free Software Conference
 
Reconcile Terraform Resources the GitOps Way with Priyanka Ravi
Weaveworks
 
Flux Beyond Git Harnessing the Power of OCI
Weaveworks
 
Flux Beyond Git Harnessing the Power of OCI
CezzaineZaher1
 
Ad

More from Tomasz Tarczyński (9)

PDF
Kubernetes Network Observability with Cilium and Hubble
Tomasz Tarczyński
 
PDF
Day 2 Operations for Kubernetes Networking with Cilium
Tomasz Tarczyński
 
PDF
Learning Terraform While Building a Reference Repository of Code Examples
Tomasz Tarczyński
 
PDF
Kubernetes Config Management Landscape
Tomasz Tarczyński
 
PDF
What is Cloud Native and why should I care
Tomasz Tarczyński
 
PDF
What is Cloud Native, and why should I care?
Tomasz Tarczyński
 
PDF
Evolution of the IoT backend platform. From a monolith to microservices and t...
Tomasz Tarczyński
 
PDF
IoT backend architecture
Tomasz Tarczyński
 
PDF
#Monitoringlove in 2017
Tomasz Tarczyński
 
Kubernetes Network Observability with Cilium and Hubble
Tomasz Tarczyński
 
Day 2 Operations for Kubernetes Networking with Cilium
Tomasz Tarczyński
 
Learning Terraform While Building a Reference Repository of Code Examples
Tomasz Tarczyński
 
Kubernetes Config Management Landscape
Tomasz Tarczyński
 
What is Cloud Native and why should I care
Tomasz Tarczyński
 
What is Cloud Native, and why should I care?
Tomasz Tarczyński
 
Evolution of the IoT backend platform. From a monolith to microservices and t...
Tomasz Tarczyński
 
IoT backend architecture
Tomasz Tarczyński
 
#Monitoringlove in 2017
Tomasz Tarczyński
 

Recently uploaded (20)

PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
KodekX | Application Modernization Development
KodekX
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
KodekX | Application Modernization Development
KodekX
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
Modernizing your data center with Dell and AMD
Principled Technologies
 

Config management for_kubernetes: GitOps + Helm (CfgMgmtCamp 2020)