- Config driven deployments
- Containers are first class
- Multi cloud by design
- No Magic
- Really fun to operate
- Really fun to deploy to
- A single app needs Pod, deployment, replicaset, service, ingress, networkpolicy, and a lot more
- Updates, rollbacks, and roll outs require some forethought
- Unique deployments for different environments are impossible with native objects (if we ignore kustomize... that's for a different talk)
What is helm?
Helm is a templating engine and deployment manager for kubernetes.
But it's become so much more...
Helm is:
- an ecosystem of software you can run on kubernetes with standard reasonable config
- a dependency management system
- a rollback/rollforward manager
- a configuration as code manager
- Helm is easy!
- Written in GoLang
- The templates look intimidating at first but there's not much to it
- Helps organize all your k8s configuration
- Easily parameterize dynamic k8s config between environments
- Install, upgrade, rollback for a package of k8s config files
- Version tracking
helm create <name>
Let's take a look at what gets created.
- Helm uses the Go templating language with Sprig functions included
- --dry-run will help you verify templated yaml
- My source of friendly reminder YAML docs
- Looks intimidating at first, but it's really not all that and a bag of chips
Pro Tips:
- SHA sum config/secrets to force pod restarts in deployment.yaml
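The SHA-sum tip above, as an added example (not the talk's own chart): a `deployment.yaml` fragment that hashes the rendered ConfigMap and Secret templates into pod annotations. It assumes a chart named `mychart` scaffolded by `helm create`, with `templates/configmap.yaml` and `templates/secret.yaml` added and both objects named after the `mychart.fullname` helper.

```yaml
# templates/deployment.yaml (fragment) -- added example, not from the talk.
# Assumptions: chart scaffolded with `helm create mychart`; the chart also
# contains templates/configmap.yaml and templates/secret.yaml, whose objects
# are named with the "mychart.fullname" helper.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "mychart.fullname" . }}
spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      app.kubernetes.io/name: {{ include "mychart.name" . }}
  template:
    metadata:
      labels:
        app.kubernetes.io/name: {{ include "mychart.name" . }}
      annotations:
        # Digest of the *rendered* ConfigMap and Secret manifests. When their
        # content changes, the pod template changes too, so `helm upgrade`
        # triggers a rolling restart instead of leaving pods on stale config.
        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
        checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
    spec:
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          envFrom:
            # Env vars are read once at container start, which is why a
            # restart is needed for new values to take effect.
            - configMapRef:
                name: {{ include "mychart.fullname" . }}
            - secretRef:
                name: {{ include "mychart.fullname" . }}
```

The annotations hold only a SHA-256 digest of each rendered manifest, not the values themselves. Rendering the chart with `--dry-run` before and after a values change shows whether the digest, and therefore the pod template, actually changes.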
** GitHub Actions on every project **
Application version: <env>_<git_sha>
Audit Artifacts:
- Application Artifact: Docker image containing your built application. Published to an ECR repository under
<aws_account_number>.dkr.ecr.<aws_region>.amazonaws.com/<ecr_repo_name>:<application_version>
- Automated Test Artifact: Publish test result <nexus/S3/etc>
- Manual Test Artifact: Acceptance of Pivotal stories indicates that a representative of the business has manually interacted with the feature and verified it works as expected.
- Automated vulnerability scanning before promotion:
- passing builds are candidates for promotion to staging/production.
GitOps is two things:
An operating model for Kubernetes and cloud native. It provides a set of best practices to join up deployment, management and monitoring for containerized clusters and applications. An elegant “1 slide” definition from Luis Faceira is shown below.
A path towards a developer centric experience for managing applications. We’re applying the Git workflow to operations, as well as development. Note that this is not just about Git push, it’s about how we set up the entire CICD toolchain and UI/UX.