GitOps Deployments from VS Code with little to no Kubernetes Knowledge
Hey, what's up? My video looks frozen. Nope. There we go. It's good. What's up, everybody? Welcome to the VS Code live stream. It's Thursday.
Right. This Thursday, right? Yeah, it is. It is Thursday. It took me a minute. Time doesn't matter anymore. It's not linear. What's up, chat? How's it going? What's up, Cody? How are you? Uh, today we're gonna be talking about GitOps, which is, uh, new for you, new for me. Or maybe it's not new for you. It will be exciting either way and we're gonna talk about Kubernetes, which is definitely new for me.
But as we always do, let's start off our stream this morning with a Throwback TikTok. Go ahead and roll that. Did you know have a spring boot getting started guide with beans and API mapping views and features like live memory graphs? Install the free extension from the marketplace. Next
click on the spring icon to open up the Spring dashboard. Start your application and you get access to introspection for your beans and also their hierarchy. You can also get access to the URLs for your rest services the dashboard also gives you. Access to the memory view where you can see the heap memory, the non heap memory, the GC pauses and the garbage collection. Very nice. By the way, that was Rory and Rory.
Will be with us next week to talk about copilot and accessibility. See. Definitely want to tune in for that. It's going to be awesome. Let me see here. Just checking our. YouTube stream.
Looks like we're still showing as waiting Peggy on on YouTube for some reason. I don't know. Do we have some sort of a delay there? There's people waiting. I feel terrible. Feel like I should wait. Until we figure that out, before I continue.
This is YouTube, not here. YouTube's not here. Waiting on YouTube Peggy. Peggy, do you hear me? We're on YouTube. We are OK. It says we're coming. YouTube are you here? We don't need YouTube.
Says twitch. What's up twitch? You're good to see you. Alright. It just says it doesn't show as like actually streaming for me. Peggy, it just says upcoming, so I
don't know what's going on there. Anyway, thanks for being here everybody. Good to see you. I guess we'll continue knowing that we can't see. OK, good. What's up state look.
You are here. What's up, Justin? What's up, Stacy? Listen, I don't know how technology works, OK? Clearly. Or YouTube for that matter. All right, thanks for being here everybody.
We have ironed everything out. Listen, today we are going to talk about GitOps, Kubernetes. We've got a fantastic guest. Our partner, Weaveworks, is here and they're doing some very cool stuff. Yeah. I don't know how time zones work either. I'm with you. And plus we just had the time change, which by the way I had to, I took a trip last week and my wife informed me that the flight was at 5:00 AM, right? So you have to get up at what, 3:30 to make that flight. But then she
also informed me that the time was changing on Sunday night. So actually to get up at 2:30 to take that flight, which is. The worst flight I've ever taken in my life. But
this stream is not about my shenanigans. It's about GitOps. And Weaveworks. We're glad to have them with us. And yeah, let's go ahead and roll that intro video and we'll bring them on.
More and more companies are seeing the business benefits of moving to cloud native and adopting Kubernetes. But that can often mean a long learning curve, even for app developers. What if you could deploy directly from VS Code and be compliant with your platform team's needs to use Kubernetes, GitOps, policies, Canary deployments and more? And what if you could do that with little to no knowledge of Kubernetes and GitOps? The Weaveworks team that maintains the open source CNCF project Flux have made this possible with the GitOps extension for VS Code. In this session, Kingdon, Tamao and Juozas will demo an easy way to deploy GitOps from VS Code and show your platform team how to set it up so that you can get back to innovating and improving your apps.
All right. That's a great video. Good job, Peggy. By the way, that was Peggy, our producer doing the voice over there. It's quite, I think it's better. That's the best voice over we had so far. But yeah, without further ado, let's bring them on. Let's bring out Tamao from Weaveworks to the stream, talk about GitOps and Kubernetes.
Ah, there we. Go. Can you see? Me. Yeah. Sorry. I think. That intro cracks me up. My sister actually does those corporate gigs, So what I'm seeing like the stock video.
Like the video clips? Yeah, she's an actor. Really. Shaking head, you know? Yeah, I'm frustrated. Like in battle elements and stuff like that. The stock footage, that's what I'm. Thinking exactly. Exactly. You might be all over YouTube then, right? Because,
you know, there's like stock footage, just it's a. That's awesome. And also, you told me I was supposed to wear a funny hat, so I brought my Flamingo hat because I want to get an acting gig as well, right? We want to get out of this technology thing, chat right? Like this is we're going to be actors. We deserve to be on the stage. Alright, So what are we talking to Tamao? What are we talking about today? What is git? GitOps? What is a Kubernetes? Can I have one? Where does one buy a Kubernetes? Let's go to your local corner store and they just have boxes and boxes of Kubernetes that you can get.
So actually, yeah, you know, I don't wanna like front load so much and and overburden everybody. So part of what I'll be showing is exactly how you can execute using all these technologies without needing to be an expert from day one. Because what we're also hearing from people is, you know all these words, right? Containers, Kubernetes, and we, we know lots of people in our community who spend 6 to 9 months just building up the knowledge before they feel like they can even use it. And So what we're really excited to show today is the GitOps. Extension that we created for people in VS Code so that you can actually use all that without being an expert from day one and then if you want to learn over time you know I think that's the best way to learn right? Is that like ohh I'm using a thing. I may not fully understand it but I'm
actually still being able to do my job as as opposed to like hitting the pause button and so I'll be showing like the two-minute really short pitch and then thankfully as the video showed, a Kingdon on my team and Juozas. On my team will follow me by explaining what's going on in the under the hood. So my little pitch is to the app developers. I'm assuming many of you are app developers and maybe your app developers that you just want to work on building the best apps. And it's, you know, gets to be kind of complicated when you have to learn so much infrastructure and terminology and how things work. So I hope that my 2 minute video will get you excited to go tell your infrastructure team, your operations team, your platforms team, what however your structure is and.
Well then like please watch the rest of this video. Kingdon and Juozas explain how it works. They'll explain Kubernetes and and GitOps, and they'll show you how to set up these templates that we have that make it really easy. Oh, I think you're muted. I don't hear you.
Oh, I can't hear you. Maybe I lost my audio. Unmute.
Somehow I probably need to myself. Kubernetes is cool. All I know about Kubernetes is that it has a manifest. I will agree with you though to know that it does feel like. As a developer I feel like. Before all I had to know was like how to build an app and now I have to know about containers and orchestration and DevOps and all this other stuff and it's. Like the pipelines are, I understand, right? Like we're automating a lot of things with the developer. It's like you
have to know more, not less. It's always more. It's not scalable. So, you know, Kingdon, Juozas and I live deeply, deeply in this world of Kubernetes and open source tools that we maintain within the cloud native computing Foundation. And people are literally telling us, like, I know
not everybody has a platform team, but maybe you have operations or maybe people in IT right where they start. Out. They're like all excited. They're like, OK, we're gonna do this thing like Kubernetes, and you know, they get to go to the conference or maybe they get trained and then they realized, OK, I'm going to build this platform internally. And they're like, OK, I got to train my developers on how to how Kubernetes works and I have to, you know, give them tech support and then whatever months in, they come to us and they're like. This is not my job. And yet I'm spending half my time giving talks within the company. I'm trying to
train them and it's just not scalable. And so I think, you know, a lot of us maybe who were fairly early in this journey are now seeing this. And so thankfully it, it gave us these ideas. Like OK, we need to build an extension or we need to build some of these tools so that, you know, the larger organizations and the app developers can do all this stuff but not have to be experts because it's just not scalable for everybody to have that. Level of knowledge of Kubernetes because it's not easy.
Yeah, absolutely. So let's let's see it. I'm. I'm excited to. See it myself? Alright, so I'm going to slide over to so this is like a two-minute recording. Thanks everybody for joining. We are so so excited to show you
our GitOps extension for VS Code. And as I mentioned our our goal here my 2 minutes of fame will be talking to the app developers and showing you this wonderful way to do a deployment. Never leave VS Code and yet your deployment could be highly highly complex. It could be using all these things Kubernetes containers and all these things that we talked about. But you don't really have to know that because through the extension we're also showing these templates that your IT or platform or infrastructure.
The teams can create for you and in those templates are baked all of the things that they need. So, you know, maybe they have security policies, maybe they want to make sure that everything that gets deployed gets deployed through Canary deployment so they can roll back if there's a problem. You know, maybe they're having all this technology like Kubernetes and such, but that's all baked in. So all you have to do is grab this template and execute from VS Code and you're off to the races, you're back to developing your apps. So here I'll show.
By recording and I'll talk through it. So Juozas and Kingdon will explain a lot of the details that you see here in the background. But essentially here, like I said, your IT or platform team would create a template that has these requirements in it and on your end you would grab that template and start the deployment process. Now the extension we said is called GitOps and as you might be able to guess, it's operations using Git and Git is an open source tool created by the person who created Linux and it does version controlling. And the reason that GitOps has really taken off a lot with infrastructure platform teams is that, as you can imagine with the version controlling system that means the deployments version controlling is tracked. If there's
an audit, there's an audit trail that they can show. There's also added automations that can be put in place using this GitOps approach. And if you know Git a little bit then you probably know like GitHub or GitLab where with GitHub you have a pull request, right? So now you can say I want to deploy and you deploy in the form of a pull request so that your admin team can look at that, they can approve it and then merge it. So this is
a little bit what you're seeing here. We're also using here the wonderful GitHub extension that's in VS Code. So you can see here you have never left VS Code, you have kicked off a deployment. That uses the GitOps methodology, but you're still within VS Code because we also have the GitHub extension. So basically when you kick off a deployment you start the pull request. And in this case we're going to be our own admins, so we're going to go ahead and merge our own. And so the final part about this
GitOps extension that Kingdon and Juozas fantastically built and have been maintaining is once you do the deployment, you get these green check marks all within VS code so that you know. That it was successful. So you get to do the deployment, you get the feedback. And the reason I did the recording here was there was a little bit of delay, but it was seriously like 3 minute delay here from, you know, the deployment process. Like I said, it's
got so many different things under the hood. It's got the containers and the Kubernetes and all these things that your platform team can set up. And again with the templates, you know, in this case we're using these commercial templates to show you the full bells and whistles, but with the templates you know they are able to put all the things that they need. Like I said, if they want Canary deployments, if they want policies, if they have those things, they will bake that into the template. So all you have to do is grab it. So I hope that for many of you
app developers, maybe some of you who are feeling the pain because the word Kubernetes has come up in your company and everybody's trying to train you on stuff and you know, it just feels like a lot of work. We hope that you will tell your platform or infrastructure teams to watch the rest of this video because Kingdon and Juozas will explain. What just happened here and explain how to get started. And if you're kind of in the middle like you know you like to learn more, maybe you're you're full stack developer or maybe you're in the DevOps side, then please do stick around and watch the rest and ask questions.
Very nice. Well, let's bring Kingdon and Juozas, because I already have some questions. Hey, what's up? How are y'all? Hi Burke. Good, good seeing you. It's got a hat too. I
appreciate that effort. Duly noted. OK, so just a couple of comments here. Let's see here. Kubernetes, also known as K8s. Open source. Yep, for orchestrating containers. Richard says we're looking forward to this demo. My my my current mindset is to use IaC. I don't know what that is. What is that?
Infrastructure as code. Ah, and policies within Azure to define what resources can be deployed and how they can be configured. So I guess this is the part that I don't understand. It
isn't clear to me. Is that how exactly? How? What it? What is that exactly? And how how does that work? Like what is Richard referring to here? Well, it seems like the general idea is to put your policies, your infrastructure, all that stuff into a declarative definition. And in Kubernetes, we have this concept of declarative definition, but we put definitions into Git so that we have a snapshot of what things are like at a given state in time. And some things are easy, some things are hard to declare in a declarative way. The
usual paradigm is imperative. So, you know, that means we're doing things in order. First we create a cluster, then we put some workload on it, then you know, we make it exposed to the public and these things all happen in order. And in Kubernetes it's kind of turns that paradigm upside down because everything is declarative, so. Gotcha. So in that demo, is that what we're seeing
there? And declarative changing a YAML file and then checking it in, which then kicks off some sort of deployment? Yeah. So go ahead. Yeah, it creates a cluster. It creates an entire environment and installs Flux, which is a system for synchronizing resources in Git to the live cluster. So because infrastructure is
code, we treat it completely as code. We can make changes. Git commit, revert, version and we get all the benefits that we apply to our app development but apply it to our infrastructure. OK, so this isn't as much about deploying my React app as it is about defining my infrastructure entirely in configuration, putting that into GitHub so that it's versioned, and then I can easily roll back and move between versions and changes in my infrastructure in case something goes wrong or I want to change back. And then it automatically deploys that infrastructure or makes changes to the infrastructure based on my commits to Git. Is
that correct? Exactly. And is that GitOps? Well, there's a little bit more to it than that. We've got an app demo because apps are what people are actually focused on or they probably want to be focused on. And cluster creation is probably one of the
hardest examples, which is the other reason we didn't do it live this time. But maybe if we have an if time, we can go over that from the beginning, create the cluster once we're through our actual examples that we prepared for today. Yeah, sure, let's get right into that then. I appreciate
y'all clarifying for me as a as a simple app. Developer I don't like the infrastructure is over there someone else's problem? Yeah, sure. So I'll I'll show you a simpler demo and I'll walk through some parts of it and hopefully it'll be interesting both to people completely new to Kubernetes and people who work with every day. So we're using, sorry. We're using GitOps Tools for Flux extension that has logo. It looks like this. Excuse me one second.
I'm having some issues with my computer. OK. OK so we we are using this extension and we have a lot of clusters. Including management cluster called Howard Space, so we can select this cluster and make it our current cluster. And we can see all the resources management cluster has a lot of stuff in it that will not talk about, but it has one thing that we'll be using called templates. So it has a simple application template. So we're going to use a template to create an application and then we will deploy that application to a cluster that was created in the video cluster 02. So when you say app template, what exactly is the app template? Does it define like the defines the container? How much resources it gets, things like that.
It it defines that, but in this case it also defines GitOps configuration for the app. So not only this will deploy the manifest, this template will also set it up so that it's continuously being deployed from Git. So your app is deployed. It automatically is enabled for DevOps. Is automatically set.
GitOps is automatically enabled thanks to the template as well. As the app is deployed. OK. So the template is available here in the list of templates we're showing you off a commercial Weave GitOps Enterprise product. We're discussing open sourcing it, but we're also showing
it because for purpose of demonstrating a concept, you can set this up to yourself using open source tools. Just create a template. But we have created templates already. So we'll use the template.
And we're going to put that in the fleet-infra folder and we fill out information about our app. So this is a resource name, it's hard coded. And there's the Git repository where app lives. Our app is a simple web application that just says like Hello World and lives in GitHub. stefanprodan podinfo. So it already exists. It's in a different you. Have already exists in Git? Yeah, and then we're going to have a name. We're going to use the master branch we're gonna use default namespace and then inside the Git repo there is a folder called kustomize that contains the manifest that are the deployment, that are the pods, the container images. This is where our app definition lives
in git in this folder, so we'll use a template. And the template will create a file and which cannot one second. And this file was now added to our Fleet Infra folder, which is a folder where all our infrastructure is defined. Our clusters, our apps, everything lives inside this folder. Not the app itself, but the information for deploying the app. It's in this folder. So create a new file default clusters too. Example 01 app.
So our template created this file and this file contains 2 resources for Kubernetes. One resource is a Git repository and it refers to the podinfo Git repository. And every 20 seconds Flux will check the Git repository for updates.
OK. That's what Flux does. Flux glues these things together. Yes, yes, and it is based on a pull method, so you set an interval. If you have a very large system, maybe 1000 apps, you don't want to do it every 20 seconds. You can set up a push system where we need to push something to Git, it will inform Flux and then it will update immediately. And then it it has Kustomization, which will deploy everything in a kustomize folder. So. So now we have this
stuff, but Flux doesn't know about it because it's not in our Git repository yet. So we will, we will take this and we will add this, add this change and then we'll talk. Yep, and we will commit this and I'll push this directly to the main branch because. This is for an example. It's faster. So now our
fleet infrastructure Git repository knows about our application Git repository and Flux will reconcile it. Let me show you very quickly the application Git repository. It's called podinfo. And it has this folder kustomize and inside the kustomize folder we have some other resources. HPA deployment and service deployment is the most interesting one for total Kubernetes newbies because it defines how the app works.
It has a spec. And the spec says use this container from GitHub Container Registry. And then it will have these ports and it will have these options for the app also has a service resource which will connect which will connect the app, the podinfo deployment to a network service on this port. OK, so now we have. We have created this Git repository Kustomization and we have pushed it and now Flux should reconcile and create.
Create these resources inside our cluster 02. So let's connect to cluster 02. And then inside cluster 02 we can see that we have some namespaces and inside the default namespace.
Is now created a resource called Git repository. That refers to Stefan Prodan Git repository. And in the default namespace is also created a Kustomization. Kustomization that create that refers to the Git repository kustomize folder. Now Flux knows about all of this and it
took everything in that folder and put it on a cluster and then the cluster created all the resources. So now you can see once it's finished loading. That inside our cluster live we have a deployment based on the image that we talked about before this information here.
And then we also have a service which is how it's connected to a network and has a cluster IP. So now on our cluster there's a service running, we can go on a web browser. We can go HTTP. And then what was the port? The port was 9898. 89898.
And if everything went right? Hey. Yeah, so a lot of steps to show a web page, but what is happening now is a web page is being continuously updated from Git. We make a change, push it to Git to Stefan story. This will 20 seconds later be updated in our cluster. Flux in sync. So where does the cluster run? I guess that doesn't matter, right? It could be in Azure, it could be a native, yes, it could be on your own.
Data center on my home lab. Yeah. OK, so so then how exactly is it? Well, this is in GitHub right? It's in a Git repo. Yes, there are two Git repos. Using action, what is it using to actually make the changes? Is that where Weaveworks comes in? Flux copies. Flux clones the repository into the cluster and it maintains a copy of the clone there. Filter down to only the files that we tell it that we're interested in. So if you have a Git
repository that has a giant app and you know lots of source code in it, we're really only interested in the manifests, right? Because Flux is only deploying the app, and the manifest tell everything that Kubernetes needs so. Flux is taking first it's doing a clone and and that's what the Git repository resource does. The other resource that we saw is called a Kustomization. This is subscribed to Flux's copy of the Git repository. So every time the Git repository updates now Kustomization is saying OK, I have new changes to apply. And it tries, and it's also reconciling on an interval of its own, so if something changes inside the cluster.
You know, someone has access that they shouldn't, or they've changed something for testing purposes. Now we want Flux to put it back because the definition of what's supposed to be on the cluster, the source of truth, is in the Git repository. Does that make sense? It does. So Flux is running inside the cluster, right? You've installed it, whatever that means, inside the cluster, assuming a container. But then you're looking at multiple clusters here, So what is sitting above those clusters that lets you? Like if Flux, this Flux is running in each single one of those hmm and maintaining a copy of that repository. And then when you push to the repository, Flux, I assume, sees the change and then does the rest from there.
Yeah, Flux is very lightweight so it is OK to install it on every cluster. There is another model where you can install Flux just on one cluster and then have it control all the others. But part of the GitOps model is this pull, pull based. So you don't
actually have to open up a connection from the Internet to your cluster. You can allow that cluster to reach out and look for what changes or what definition should it have and it's just going to pull it in. So this is a more secure. Followed by default. Ah, gotcha. So there's there is no actual external access
to the cluster. Right. Even though they did have access to that, we have. They're building images. That's all they're doing. They're building images and pushing them, and then Flux is watching.
OK, so we got some questions here. First of all, the most important question. I love you too, Cecil. I miss you man. Hope to see you again soon. All right, here's the here's an actual question. Is so is this cluster instantiated on minikube? See, when we start using words like minikube, this is where. This is where I start to go off the rails because I don't know what this stuff is.
The audience knows what we're doing here. They do. This is a Cluster API cluster. So Cluster API is an open source toolkit that is leveraged by Weave GitOps to create clusters declaratively. So there is a cluster resource up there. And we can come back and look at that template or if you have it now, we can pull it up and see the cluster definition that we actually ran through and the very first in the video.
And that definition, it includes 3 resources. There's one. We'll see. It's called GitopsCluster. And this is the hook for Weave GitOps to understand how to GitOps the cluster. So Cluster API
is a completely separate tool. It does its own job supported by other tools. And this is a vcluster. So there is really the answer for people who want to know what are we building on top of this is cluster and there is vcluster that supports it. So that's the infrastructure
provider. And this is all very complicated, and I'm sure we've lost some people at this point, but hopefully someone's getting something. We do have another example. I'd like to show that story absolutely more apt focused again here. Yeah, let's do it. So let's. I've got, uh, if we can switch the screen shares to mine, I've got this one ready to go.
OK. Yeah, I think, yeah, you're up. Yeah, so? So here is a definition for GitOps template, just like the one showing you want to get this a little bigger there. Yeah, yeah, sure, we can
get that out of the way. Probably that's out of the way too. So, so here all we're really doing with a template in general like this is this is the pattern here that we really wanted to show today. More than anything
is we can use templates to help our app developers or people who don't know Kubernetes wield the complexity that we want them to have access to. So in this case, there's a lot of choices here, but we've prefilled all the all the, you know, correct answers, so you just click. So you can see the result of this example, and we've got some options in this one. I'll show a slightly different interface, so.
We know that we can access templates this way. But with Weave GitOps Enterprise we get a UI for templates in the browser. So we can access our templates here, and it's very much the same. This is this is almost exactly the same as what we've just done, so here, this list should look familiar. Here we go, use this template. We get a prompt
very similar to the one we saw before. This is selected for us because that's the example I wanted to show today. And. We have a pull request workflow that's similar to the one that we use in VS Code, but it's a little bit more. Um, streamlined. I guess it's part of the Weave GitOps product. So what this is doing here is authorizing
Weave GitOps to open a pull request on our behalf. So here it's ready to go. And now we're going to create pull requests. And this is the whole this is the. This is the big point of GitOps, right? It's not only the single source of truth, it's not only declarative, like those things are great, but what it really gets us is we have.
Code that we can share and have reviewed so we can look at this and say alright. This is wrong. Or maybe I don't know if something else is wrong and then fix it in the pull request before it gets merged, so that's the point of GitOps. But this this should work, so we're just going to merge it so we can see what happens. And what this example is going to do? Outwardly it looks like the same example, except it's pointed at a different Git repository. It's pointed at my fork,
so this is Kingdon's podinfo. And I've done some work in here to make it a little bit simpler. So I know that we said it's a website, but it really what it is. It's a micro services example platform. It's really quite complicated under the hood. There's a lot of source code in here.
And. What I would like to do, if I can find where I'm looking for I think I want. What's row 2? So while you're pulling that up. Richard's taking a crack at it here. So GitHub
Actions provisions infra using YAML on the cloud provider, then K8s on the cloud provider polls GH for updates. Yes. That is what's happening.
That is what's happening. And the polling, yeah, the polling. So polling is the easiest thing that we can do. Polling is fine for a small example, but. If you're scaling, like really, there are a lot of problems with this first example, right? There's. First of all we we don't have any ingress, there's no way for traffic to get into this cluster.
And second of all, we don't have any monitoring. So there's a lot of opportunities that we'd like to make available that are not going to be available because we don't have. You know, all these things that we haven't done yet.
So, So what we do have though this example has multiple environments because I think this is probably the first thing that you want. You know, this is a conversation that you have with your platform team. I know not everyone has a platform team, but hopefully you've at least had the conversation with someone or about, you know, we shouldn't just be deploying straight to production, right? We we need to test things before they go live. So, you know, maybe, maybe that takes different forms, Flux and Flagger. There's one way that you can test things in production that we actually do recommend where we have a monitoring setup so that we know.
How it's doing based on KPIs, you know, things that we we measure like how is the response rate? Is it fast, is it slow? How many errors are we serving up? Has it gone up since the release? And we can do. Yeah, go ahead. Yes, so can you when you say a platform team. In my mind, you know you have app. In a typical setup you have app developers. If you're lucky, you
have a QA department and then. And then you then you have what I would call infrastructure, right? And to me what? So where does platform fall in that? Now, again, I've been out of the a large enterprise setup for a while, so I'm not sure where it's at today. But to me this is, is this is like an infrastructure thing. Like this is something our infrastructure team would have done, is configuring all of this stuff, setting up these templates for us as app developers so that we don't have to do this.
Yeah, we've found in a lot of our conversations with people who are using these patterns in their companies that there is sort of an extra layer that you need. When you have ops and you have dev and there's nobody in between, you bottleneck, because devs constantly need support of ops, and ops, you don't want to pay those guys as much as you pay them. You don't want to have so many ops people to support all these devs that you need. Maybe I need 1000 devs and maybe I could support them with ten guys, but I really need, you know, this core infrastructure team of four ops guys to focus on infrastructure, not on supporting the devs. So that's what
we mean when we say platform team or at least one gotcha what we might need, OK. OK. So in an ideal scenario, I guess that's the way it would go. I guess it just depends on the size, you know? I mean, chat, I don't know about y'all, but when I was doing even the enterprise like I was doing it all, I mean, I was writing SQL. I was fixing the box. Pro apps. Most people have access to a platform team, and that's part of what we're talking about today, right? We're trying to help you. We want to be your platform team. We would
really like to support you and, you know, provide you with that extra help that you need to scale your devs. So I'm just going to show a little workflow here. Yeah, sure, change. So we've got this code. And we have to open another window so I can get to podinfo here, projects.
All right. Yes, of course I trust them. Yes, Workspace trust notifications. Alright, I need a terminal for this. And I need to edit a file, so the first thing I'm going to do is I'm going to show you the overlays. So
we deployed from this directory, kustomize. This is the simplest version of the manifests. We actually have multiple versions of the manifest in this app repo that live together with the app. So we can define our production environment as part of the app so we can define. You know, there are different patterns for this. This one maybe isn't for everyone, but I wanted to be able to show a deployment of multiple environments, which we've already done. By
the way, I don't know if we noticed what we saw here, but we have 3 environments: staging, production and pre-production back here because that's.
The pod app. Yeah. And. There's some more. Advance with that part of the template, sorry. Kingdom was
that part of the template that it automatically created those 3 environments. Yeah, the template is here for that. So here are those 3 environments: pre-prod, staging, and the app itself is production. So this points at another one of those overlays, and all three of these are exactly the same except for a few minor variations. So this points at production.
And this one also points at production, because it's pre-production, but it points at a different source. Let's take a look at those sources real quick. So this is an OCI repository source. It's something
that we build from our GitHub Actions as part of our release or part of our testing workflow. So there's different tags that we use as part of the release workflow. And if you saw the CNCF live stream about six months ago in August, I think, where we presented OCI as a new feature, we use the same workflow then. So what we're about to see, we're going to do a deployment to staging.
And then we're going to do a release and then we're going to approve it to production. All right. Yeah, let's let's do that real quick so we have time.
I mean, as a developer I would love to live inside of an environment set up like this. Yeah, so here you want to see what the production environment actually is composed of. It also has multiple environments that it's composed of. It's got a back end, front
end, and then a Redis cache and we have this cash. So that it's distinguished from the other environments. So we can see this was production and we've got similar things in here. There's one in here, right? This one says welcome to staging. So, so the definitions are the same. Everything is going to be the same for these except for that one label that we've patched and.
Those definitions come from way up here, bases, front end, deployment. Alright, so we're going to change one of the options that we pass. And you'll see why. And that's a second. And I want to commit that to Git, right? So you've commented out a variable, I assume for a logo. Right, yes.
What is this? No, I don't wanna do that. I don't know why I would wanna do that. OK, all right. And I've got some helpers here to make the release workflow smooth. So we're going to do make version set tag equals. I need to know what
the current tag is. All right, 6.4.4. So we need a new tag for this. OK, this is like a package.json version. You got to increment it.
To get into and you see it's in a bunch of files. That's why we've got this helper here, to make it really easy to do this, just go do and 6.4.5. Ask me the same question again. And now I think we want to go back to those environments and we want to see. Are getting action, so it's gonna take a minute. So if you fork this, you will need to enable GitHub Actions. If you've ever worked on a forked repo
with GitHub Actions before, you probably already know that. The only thing I missed actually have to do make release so we won't see the release so. We'll see staging updating soon because we haven't done a release. Actually we'll see an error soon because there is no image 6.4.5 and that's all that staging knows. Make release.
Here we go. This is what I've done. Make release. So this is doing git tag and Git push tag. That's really simple. And then we should see our actual release workflow kicking off. There we go, release pod info. So we've got a staging artifact that's pushed.
And we should be able to see that error that I was talking about because 6.4.5 doesn't exist. Umm. So there are different patterns here, and we're not showing all of the patterns, right? What I want to show here, right, is that definition has a specific, you know, reference to an image in it. We just updated it, and now it's
pointed somewhere that doesn't exist. So there's an error. Yeah, but ImagePullBackOff means it ain't running, it's down.
Right, well the old version is still running because Kubernetes knows the new version isn't up. So so. That's so it's basically telling you we did the new image didn't get deployed. Right. But it will keep trying because the definition says it should be there and and and there's different ways.
If you, I mentioned the CNCF live stream, we were actually on the CNCF live stream last week also where we showed image update automation which is a tool that would get you out of this if you really wanted to be deploying fast in Dev. But what we're showing is a slightly different pattern because we want to be able to test changes to our manifests that might not be the image you might want to be able to test. Something else like. See, it hasn't changed the image because the new deployment hasn't rolled out. So even though we're not, we're not worried about a new image. The deployment and the image together are kind of bonded as a pair right there.
There is no. New definition that comes in and starts updating the old deployment pods there. That's part of the deployment workflow. So as long as our new deployment isn't ready, we're not going to see any change here. But we should see this momentarily.
This. Is done pushing an image what we're going to see? Here we go, build and push is done. So we should see this updating any moment now to the new image deployment and manifest. And what we're going to see after that is it'll also go out to pre production. So we had some definitions. We'll go back and look at those so we understand why it's going out to pre production before it goes to production.
But. I like how they're staging, pre production and production. It's like, Are you sure staging? Are you sure you're sure pre production? Yeah. Well, I wanted something so that I had an
actual definition of production that I could point to and say production is running this image, I tell you what image it is, right? I approve that image. That's the image. I don't want to see any other image running until I approve a different image. That's kind of the
pattern that I'm going for because that's the work environment that I came from. Before I was at Weaveworks. And this does take a minute. See it is running now. We should see responses coming from the new one. As the old one gets shut down, there it is.
Nice. I like that. Pre-production is also updated. OK, we got a couple of questions here. So Osama is asking earlier if to point to public cloud, where did the secrets get saved? How do you manage secrets? There are definitely different answers to that. The enterprise answer that we're pushing at this point is called External Secrets and it has many different back ends that you can use. Probably the best answer is a solution like a key management system that actually is managed by your cloud provider.
Because then you can implement policies around key management. But the Flux official answer, because we don't endorse or support any official cloud provider other than all cloud providers, you know, equally, the Flux official answer for open source is we use SOPS. That is the primary solution that we suggest, and in SOPS
you can encrypt your secrets and store them in a git repo. I say a git repo, not the git repo, because even encrypted secrets, you should consider who should have access to the encrypted secrets. It's probably a different set of people than who should have access to the source code for your app. So yeah, create a git repo just for secrets. Or
you can keep it in the fleet infra repo. Like we've got our fleet repo for all of our cluster stuff. That's a reasonable place to keep it. But it's encrypted.
So, so it's not open access for everyone who has access to that repo. Yeah, I know here, you know, Azure has Key Vault, and part of Key Vault is, yes, it stores your secrets, but the bigger part of Key Vault is the governance that you can put on a key vault that controls exactly who and when and how people can even access the secret so that it's not just.
Not just your ability to access the key vault. Similar question here I think. Could he? Couldn't the EV files be combined? I think this was from earlier in the demo and using ENV VAR. It's a good question. Yeah. So you can have a difference between your environments and sometimes those differences are desirable, right? So I said there was a problem with our first example. Well, there's a problem with this example too.
We still don't have ingress. We don't have any way other than this Tailscale network that I'm connected to, to actually get traffic to these environments. We don't have monitoring from Prometheus, so we can't fuel our Horizontal Pod Autoscaler. We don't have metrics. There's a here. We can see in the details about this. There's actually something that's not ready in here. Horizontal Pod Autoscaler for these deployments
is not ready because we don't have a metrics server. And that's OK in this environment because really the point was to just show the progression from one environment to the next. We don't need all of that for a simple demo of releasing, but if we had another 30 minutes or 40 minutes, we could build an environment where we do have Flagger for canaries. And we could see, you know, a fraction of the traffic going to our new release before the cutover actually sends all traffic to that release. And Flagger monitors those metrics from Prometheus to see how are things going. Do we need more? Well,
Flagger doesn't decide that, that's what the Horizontal Pod Autoscaler does, but you see the metrics are used for different purposes and all of these details. Most app developers probably don't care about any of this, right? That's why you have an ops team to support those details. So the point of this demo is really to show, as we build these templates out, you can hand them to your app developer teams and make them instantly productive with all the bells and whistles. Well, this is, I mean, this has been great for me. I feel like I finally have not a full
understanding, but a much better understanding, one, of what GitOps is. But also, I mean, how fortunate you are as an app developer if you get to live inside of an environment where things are this automated, right? Or the fact that you can automate things to this degree is quite fascinating. All right. We are kind of coming up on time here. Chat, if you've got any other questions, it's a good time to get them in now, but.
King, Dan and Joseph, you're OK we'll move into our last part, lightning round. You know, good with that. Yeah. Absolutely. Alright, outstanding.
Alright. This has nothing to do with GitOps at all, but the most important part of this stream. First of all, Kingdom. If we all want a dope hat like that, where can we get it? I got this on woot.com. I don't know when you'll
be able to. Absolutely. Ohh wow. I haven't done that in years. I remember when I was like 25, somebody showed it to me and I checked it every day, every day.
Y'all using weird chat. Put it put a one inch in the comments here using root. OK, next question, yes. This is important. Tabs or spaces? Depends. Ohh, there's a space and tab for each file. That's
the right choice. Makefile, Makefiles. You need tabs. I wouldn't use tabs basically any other place, but maybe there's a place. Have.
That's the first. It depends that I've gotten. Yeah. Alright, next question. Which I need more DevOps questions, XML or YAML? Yeah, no. Please XML is. You could get lost in it for
four days just trying to read the file with this. Code. Do we have a friend here, Bruno Borges? I don't know if you all know him. He works on Java, but he's a huge fan of XML over YAML. We'll have to talk to him and figure out. We'll have him on and figure out what to do with the deal. Is there? Let's see, types or no types? For JavaScript or for what? Yeah, I mean just type type languages or.
Strongly typed or no types? As a rubyist, I'm extremely excited about types. I'm still not using them. Oh really? Does Ruby have types now? Ruby has types. Yeah, they're they're in Ruby three. I think. I'm. I don't know. I'm not using them. So this is implicitly answer the question then, if we've added types to JavaScript, and we've added types to Ruby, and we've added types to Python.
Is it possible that we everybody really just wants types after all in the end? If I don't plug my Wasm talks that are coming up with the Open Source Summit, I'm making a huge mistake right now because it's all about type safety. That's what it's for. It's all about type safety and runtime performance and cold start performance. OK, so check out Kingman at the Open Source Summit talking about Wasm, alright? I mean with Jorge in the chat because. I've really grown to TypeScript. It's to think is complex, but it helps when you go along with it and kind of let it help you instead of.
Rule you, then it's good. I agree with Richard. Prettier, it's kind of made the tabs versus spaces argument moot, right? Like somebody decide for me, I don't care. Just figure it out. Alright folks, where can everybody go? What should they do now if they've seen this and they're like, I gotta have more of that in my life, what do they need to do? Well, you need to download Weave GitOps open source and you need to download the VS Code extension, vscode-gitops-tools. That is... Let's see, which URL is this? GitOps for
Flux, must be the GitOps tool, must be something that TAMO gave us the other day. Hopefully points to the right place so to make that link.
GitOps for Flux, yes. That's the marketplace for the VS Code extension, and GitOps CLI is where you'll find the template feature. There's a GitOps Enterprise CLI, so there's full transparency. We have to let you know that template feature that we showed is part of Weave GitOps Enterprise. You can download the Weave GitOps Enterprise CLI
to get your hands on it and try out that specific template feature. It will work if you use it manually, but in order to pull the templates from the cluster you will need Weave GitOps Enterprise at this point. So.
So we mentioned that there's some open sourcing discussion going on and we're perpetually looking for things in our enterprise product that we can open source to make everyone more aware of Weaveworks and more aware of Flux, and that's certainly something that's on the table, but there probably be more other things that we'll see open source first, like the Flagger dashboard. And there are a lot of features that you can read about and use in our Weave GitOps Enterprise docs without actually purchasing the enterprise product itself. Like Cluster API is all open source and all of the things that we showed are based on open source. So. This specific feature that we showed today is a little bit different. Difficult for people to use out-of-the-box right now,
but we're working on that and making it more accessible so that more people can adopt it, right. It's a templating tool. There are other templating tools you can use that are open source, Helm, you know, and Kustomize, CUE. Lots of different templating tools, and a lot of them have great support in VS Code, so.
Umm. If you haven't tried templating as an approach, you know, definitely take a look at Weave GitOps. Absolutely. Alright, so folks, check out the GitOps extension for VS Code, check out Weaveworks, and what was the one you said there was called Weave.
Weave GitOps. Check out Weave GitOps, and then, there we go, right there, and then come back here next Thursday. Check out Rory showing you how to make accessible apps, using Copilot to do that with the help of AI. Because we can't do anything anymore without
AI, right, folks? Right. That's the new way to do AI. We're going to do everything, OK? Most things. Some things. Thank you Kingdom and yours for being with us today chat. We will see you back here next week and I hope you have a fantastic weekend.
Bye everybody. For hosting. Yeah. Thank you.
2023-03-26 08:12