diff --git a/content/day0/07_past-present-future.md b/content/day0/07_past-present-future.md index 015a586..fa2a0d3 100644 --- a/content/day0/07_past-present-future.md +++ b/content/day0/07_past-present-future.md @@ -4,6 +4,7 @@ weight: 7 tags: - platform - cloudnativecon + - victor --- diff --git a/content/day0/09_promotions.md b/content/day0/09_promotions.md new file mode 100644 index 0000000..de30252 --- /dev/null +++ b/content/day0/09_promotions.md 
@@ -0,0 +1,128 @@ +--- +title: A million ways to promote changes between environments +weight: 9 +tags: + - argo + - cloudnativecon + - victor +--- + + + +## Baseline + +- Promotion: Move things from one env to another +- Options: Sequentially or both +- Challenge: Env differences +- Challenge: How do we link our promotion tasks? + +### GitOps + +- Declarative: YAML, JSON, XML (Not helm or kcl or anything else) +- Versioned and immutable: Git +- Pulled automatiocally: No wirte access from cluster +- Continously reconciled: Maintain parity between desired and actual state + +### Rules + +- Part of SLDC +- Declarative +- Versioned and immutable +- Pulled automatiocally +- Continously reconciled + +## Workflows + +### Manual + +1. Deploy +2. Run tests +3. Push to next stage +4. Test again or roll back + +### Manual with gitops + +1. Update manifest +2. Push to git +3. Test +4. Next stage + +Problem: Eventual consistency makes the process async instead of sync (important for tests) + +### Generic workflows + +1. Dev: Bump, push +2. QS: Wait for success of 1 (how?), do the same +3. Prod: Wait for success of 2 (how?) 
+ +TODO: Steal code screenshots from slides + +## Tools + +### Extend your standard CI + + +Not async, risk of flapping, either blindly trust the state or break the pull-principle by running argo sync or kubectl apply + +### AppSets Progressive Sync + +- Built in to Application Sets (alpha) +- Targeting by label, promotes everything +- Not supported with autosync, bechause it basically manually triggers sync one after another +- Changes from git have to be manually triggered + +### Image updater + +- Subscribe to semver based image updates and write them to kubernetes and/or git +- You have to implement promotions via image naming schemes + +TODO: Steal flowchart + +### Kargo + +- Freight: Artifact or manifest versions to promote +- Stage: ArgoCD Apps + +TODO: Steal flowchart + +### Telefonistka + +- IaC Agnostic tooling +- Idea: Watch folder contents and copy contents to new folder +- Pretty mutch a bundeled CI-Script + +TODO: Draw your own chart + +### Codefresh GitOps + +> This is one of the speaker's tools + +- Product: Applications with relationships +- Env: Any cluster and/or namespace +- Promotion: CRD for policy (when does it happen, what get's validated) +- Promotions can happen manually or automated via commit/pr +- BAsed on argo workflows + +### GitOps Promoter (Intuit) + +- Define Manifests once and hydrate them later +- Sourcehydrator: Argocd feature that handels the rendering and commits it to a new dedicated branch (one branch per stage) +- The Branches are the branches used by argo, e.g. 
`environments/dev` get's watched by the dev cluster +- Changes result in environment proposal branches, PR get's oppened, PR checks run, when PR requirements are met (Tests), it will merge them into the real env branches + +TODO: Steal Pattern + +## Overview of the philosopies + +Artifact Oriented: Imageupdater, Kargo +Define Manifests once: AppSets Progessive Sync, GitOps Promoter +Deff and workflow: CI, Codefresh + +TODO: Steal from slides + +## Best practives + +- Can you recover from git at any point? No -> Do better +- Does git reflect what's deployed without looking? +- Does this enable SDLC? +- Interfaces in folders, not branches? -> Branches may get crowded \ No newline at end of file
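Review bot: The new content/day0/09_promotions.md still has six `TODO:` lines in the body (for example `TODO: Steal code screenshots from slides` under "Generic workflows" and `TODO: Steal flowchart` under both "Image updater" and "Kargo") that will render as visible page text; fill them in or move them into comments that are not rendered before merging. In "Overview of the philosopies" the three `Artifact Oriented: ...`, `Define Manifests once: ...` and `Deff and workflow: ...` lines have no list markers or blank lines between them, so Markdown will fold them into one paragraph; make them a bullet list like the other sections. The "Rules" list says `Part of SLDC` while "Best practives" says `Does this enable SDLC?`, so one of the two acronyms is transposed. A spelling pass is also needed: `automatiocally` (twice), `wirte`, `Continously` (twice), `bechause`, `mutch`, `bundeled`, `handels`, `oppened`, `philosopies`, `Progessive`, `practives`, `BAsed` and `get's` for "gets". The file ends without a trailing newline (`\ No newline at end of file`).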