►
From YouTube: GitOps Guide to the Galaxy (Ep 12): Flux On OpenShift
Description
Join Christian Hernandez, GitOps Extraordinaire, for a journey through how to achieve GitOps in any number of ways. Cornelia Davis and Scott Rigby from WeaveWorks will be special guests on the show talking about Fluxcd.
A
Cornelia
on
she's,
you
know
if
you,
if
you
took
a
look
at
that
resume,
she's
been
kind
of
a
heavy
hitter.
You
know
like
going
in.
You
know
coming
from
pivotal
coming
from
a
dell
emc
is
it's
been,
you
know
very
exciting
to
have.
You
know,
have
someone
with
with
that
breadth
of
knowledge.
You
know
coming
devops
for
for
many
many
of
years
and
then
also
scott
helm,
heavy
hitter,
I've
always
pinged
scott.
A
When
I've
had
issues,
because
I
just
started,
writing
helm,
charts
I've
always
pinged
them
with
with
some
with
some
help
and
scott.
I
see
that
you
have
like
a
junior
associate
back
there,
eating
lunch
or
something.
B
Yes,
yeah
we're
my
good
friend
nice
and
I
have
a
two-legged
well
teen
associate
now
wow
yeah,
going
back
and
forth
in
the
background
pretty
well.
C
A
So
yeah,
so
I
like
to
essentially
just
turn
it
over
to
you
guys
to
talk
about
flux,
openshift,
getups,
anything
anything!
You
guys
want
to
show
us
what
you
guys
are
doing
over
at
weaveworks.
D
Sounds
great,
thank
you.
So
much,
and
so
I
mean
the
tldr
is
flux
and
openshift.
You
did
this
yesterday,
scott,
when
we
were
talking,
you
did
the
little
heart
right
so
yep,
so
I
mean
that's
the
tldr,
but
I
have
some
stuff
that
I
I
definitely
want
to
show
here.
I'm
gonna
go
ahead
and
share
my
screen
and
I
have
some
slides
because
I
believe
that
pictures
are
really
helpful
to
set
the
context.
D
D
All
right
I'm
going
to
go
ahead
and
go
into
present
mode,
so
you
can
see
what
the
title
here
is
is
that
it's
application
devops
and
something
called
that
I'm
calling
get
ops
flows
now
I
should
tell
you
that
this
isn't
an
official
term
get
offs,
get
ups
flows,
but
you'll
see
what
I
mean
I'll
I'll
I'll
explain
what
I
mean
by
that
in
just
a
moment.
By
the
way
I
noticed
just
a
moment
before
we
started
that
it
says
confidential.
In
this
slide,
it's
not
confidential.
C
D
Yeah
so
cool.
So
when
I
talk
about
application
devops,
I
want
to
just
take
a
moment
to
clarify
that
there
is
there's.
A
number
of
different
devops
doesn't
have
like
one
clear,
crisp
definition,
and
so
I
want
to
give
you
a
context
of
what
I
mean
by
application
devops
here.
So
I
believe
that
devops
fundamentally
is
about
streamlining
and
eliminating
the
barriers
between
what
has
historically
been.
You
know,
development
and
then
operations,
we've
historically
had
this
boundary,
and
what
devops
is
about
is
about
reducing
or
eliminating
those
boundaries.
C
D
There's
this
notion
of
doing
devops
for
the
applications
like
the
consumer
based
applications
and
then
there's
also
the
notion
of
doing
devops
for
infrastructure
or
platforms,
etc,
etc,
and
so
I
do
not
subscribe
to
the
the
definition
of
developers
do
applications
and
ops
do
platforms.
That
is
not
the
way
that
I'm
talking
about
this.
I'm
talking
about
teams
that
are
responsible
for
doing
application,
development
and
operations
make
sense.
E
A
Sense,
that's
it's
in
the
name
right,
devops,
right
and
you're,
talking
about
more
of
an
application
stack
right!
So,
like
kind
of
a
clarification
you're
talking
about
an
app
the
team
that
takes
care
of
an
application
in
the
sense.
D
D
So
we
had
these
organizational
structures
that
I
don't
want
to
carry
forward
into
this
devops
world.
I
guess
that's,
that's
the
the
way
that
I
would
sum
it
up
so
so
then,
to
clarify
that
a
little
bit
more.
What
I'm
really
talking
about
here
is
enabling
that
application
devops
team
to
operate
at
the
speed
that
they
need
to
operate
in
these
days,
release
more
frequently
reduce
lead
time
and
then
operation
operate
their
applications.
D
They
are
responsible
for
mean
time
to
recovery
for
their
applications,
they're,
not
responsible,
necessarily
for
the
mean
time
to
recovery
for
some
server
that's
gone
up.
You
know
belly
up,
but
they're
responsible
for
the
mean
time
to
recovery
for
their
application,
and
then
I
was
making
this
distinction
that
the
platform
team
is
very
often
in
an
enterprise
responsible
for
maintaining
security,
compliance,
resilience
and
cost
management,
and
so
today,
I'm
really
going
to
focus
on
that
first
persona.
The
top
persona
there
now
I'll
leave
this
slide
here
and
folks
can
take
a
look
at
it.
D
But
what
it
comes
down
to
is
one
of
the
the
things
that
has
happened
as
we've
moved
into
this
kubernetes
space.
Is
that
when
we
take
this
idea
of
devops-
and
we
say
oh
okay-
well
we're
doing
devops
now
in
the
kubernetes,
setting
that
what
we've
done
initially
is:
we've
placed
a
tremendous
burden
on
the
application,
application
teams
and
that
burden
being
well.
D
So
then,
let
me
tell
you
a
little
bit
about
what
it
is
that
I'm
gonna
do
in
the
demo.
So
this
is
a
really
simplified
kind
of
devops
flow.
D
We're
running
this
thing
in
production,
but
it's
the
application
team
who's
responsible
for
this
and
at
a
very
simplified
view,
we've
got
on
the
far
left
hand
side
the
developers
working
in
their
ide
they're
writing
code,
they're
running
unit
tests,
they're
not
touching
kubernetes,
yet
at
all
at
some
point,
when
all
the
unit
tests
pass-
and
they
say
yep
there's
enough
here-
they
go
ahead
and
they
build
an
image
that
image
will
then
get
deployed
to
let's
say
some
staging
environment
or
a
test
environment.
I'm
just
for
simple
sake.
D
Here:
have
two
environments,
so
something
pre-prod
and
prod
and
I'll
get
to
that.
That
parenthetical
remark
in
just
a
moment
the
auto
deploy
part
we'll
get
to
that
in
just
a
bit.
Then
we're
going
to
do
some
integration,
testing
and
staging.
So
there
might
be
another
set
of
test
suites
and
things
like
that,
and
then
we're
ready
to
quote
unquote
hand
this
over
to
operations-
and
I
say
quote-unquote
because
again
and
this
isn't
a
throwing
it
over
the
wall-
it's
a
dotted
line,
it's
not
a
solid
wall.
D
D
All
right
so
now,
let's
start
to
pull
a
little
bit
of
git
ops
into
this,
so
you'll
notice
that
I've
introduced
a
couple
of
things
here.
I've
introduced
git,
so
there's
definitely
a
get
element
in
here,
but
then
there's
also-
and
it's
not
totally
visible,
it's
kind
of
implicit
there
is
the
notion
of
reconciliation,
so
get
ops
is
about
get,
and
it's
also
about
this
newfangled
way
of
doing
operations,
which
is
all
in
the
kubernetes
world.
Reconciliation
based
right
controllers,
reconcilers,
and
that's
what
we're
going
to
talk
about
in
this
github
setting.
C
A
Entire
time
it's
like
well,
they
have
this
actually
really
cool
process
that
we
should
probably
use,
and
now
that
we
have
the
platform
to
do
it
in
it
just
seems
like
I,
you
know
you
said
scott
did
the
the
heart
thing.
I
always
say
we
go
together
like
peanut
butter
and
chocolate
right
like
that
right
then,
then,
now
it
goes
together
and
creates
this
whole
new
thing.
That's
that's
really
cool.
D
A
D
That's
where
get
ops
actually
brings
more
than
just
git.
If
you're
just
bringing
git
into
the
equation,
then
I
assert
that
you're
not
doing
get
offs
you're
doing
git,
automation
right,
which
is
something
developers
have
been
doing
for
a
long
time.
But
operations
has
moved
into
this.
This
constantly
adapting
mode,
and
we
do
that
with
reconcilers.
E
D
E
It
can
put
things
back
to
the
way
it
was
when
things
go
bump
in
the
night
right
like-
and
I've
said
this
before,
I
feel
like
get
ops
is
kind
of
the
holy
grail
of
devops
right,
where
it's
going
to
give
you
the
automation
you
want,
while
enforcing
those
practices
from
devops
that
are
hard
to
instantiate
at
first
right,
like
this
kind
of
forces,
a
culture
change
just
by
doing
it
right.
A
D
A
Now
I
don't
have
to
write
all
these
scripts
to
do
a
lot
of
this.
You
know.
Kubernetes
does
a
lot
of
this
for
me
and
like
there's
a
process
for
it
now,
you
know
I'm
I'm
not
the
type
person
to
hold
on
to
my
scripts.
There
are
definitely
I've
known
people
who've
done
that,
I'm
the
complete
opposite
like
I'm
like.
No,
I
don't
want
to
run
my
crappy
script
anymore,
yeah.
If
the
platform
could
do
it
for
me,
I'm.
D
D
Bored
yep
exactly
so
then
this
is
what
I
want
to
demo.
So
what
we're
going
to
have
here
is
we're
going
to
have
the
the
left-hand
side
of
the
flow
I'm
actually
going
to
start
at
the
right-hand
side
of
the
flow.
So
I
already
have
something
that
has
been
there's
a
pr
for
something
that
I
want
to
deploy
into
into
prod.
D
Now
how
that
pr
gets
created,
is
kind
of
out
of
band
for
today,
I'll
we'll
say
a
little
bit
more
about
that
as
we
go
along,
but
I'm
going
to
start
here
on
the
right
hand,
side
which
is
well.
How
do
I
do
this
deployment
into
prod?
Well,
you
do
it
by
approving
a
pull
request.
D
That's
I'm
going
to
start
with
number
three
here
and
then
we'll
see
that
simply
doing
that
that
approval
is
going
to
cause
things
to
happen
in
the
production
environment.
Now
here's
where
I'm
going
to
introduce
flux
for
the
first
time
and
by
the
way
I
should
warn
everybody
who's
listening
that
today's
talk
is
not
a
flux
tutorial.
It
is
not
a
getting
started.
I'm
not
going
to
go
through
the
getting
started.
The
quick
start
guide
and
say:
here's
how
you
install
flux.
D
I
am
going
to
show
you
some
elements
of
you
know
options
that
you
can
do
in
installing.
You
know
getting
flux
installed,
but
I'm
going
to
do
this
more
from
the
perspective
of
okay.
What
is
the
value
that
flux
brings?
What
is
the
ex
the
experience
for
these
devops
teams
once
flux
has
been
established?
Flux
is
often
established
by
the
the
platform
teams,
so
I'm
gonna
for
today
assume
that
flux
has
been
established.
D
Although,
like
I
said
I'll,
show
you
some
options
that
you
have
okay,
so
I'm
going
to
start
there
and
then
I'm
going
to
work
backwards.
So
I'll
explain
what
happens
on
the
left-hand
side
when
I
get
to
that
part
in
the
demo,
and
I
think
with
that,
I'm
going
to
jump
over
to
demo,
and
so
let's
see
here,
I
think
I
want
to
go.
I'm
going
to
leave
my
hang
on
leave
my
there.
We
go
and
I'm
going
to
come
over
here
and
I'm
going
to
come
into
the
as
soon
as
that.
D
The
open
shift
ui,
so
what
I
have
by
the
way
and
I'll
jump
back
into
this.
This
slide
is
that
I
have
an
openshift
cluster
here
and
that's
the
one
we're
looking
at
right
now
is
the
openshift
prod
cluster.
D
I
have
a
second
openshift
cluster,
which
we'll
be
touching
in
just
a
little
bit,
which
is
this
integration
cluster
and
I
have
a
third
open
shift
cluster
and
I
just
created
separate
clusters
for
these
things
and
actually
that's
the
royal
eye.
I
want
to
call
out
my
colleague
chanwit,
who
did
all
of
this
configuration
for
me,
so
thank
you.
Chanwick
chanwit
set
up
all
of
these
clusters
for
me
and
got
them
configured.
So
thank
you.
D
I
have
a
third
openshift
cluster
that
is
dealing
with
this
spot
right
here.
It's
dealing
with
the
building
of
the
images
and
I'll
show
that
to
you
in
just
a
moment,
so
right
now,
I'm
over
here
in
the
openshift
cluster.
That
is
for
this
part.
So
if
I
go
to
that
openshift
cluster,
I
won't.
D
I
can't
do
it
justice.
I
don't
know
all
of
these
elements,
but
what
I
want
to
do
is
I
want
to
come
over
here
into
the
operator
hub,
and
I
want
to
show
you
that
in
the
operator
hub
available
today
and
I'll
do
a
little
tap
dancing
here,
while
it
refreshes
it's
a
little
slow.
I
imagine
my
machines
might
be
a
bit
under
provisioned
either
that
or
did
I
lose
my
login.
D
C
D
See
it's
thinking
well,
let
me
go
to
here.
D
This
is
how
you
know
this
is
how
you
know
it's
that
it's
real.
C
D
A
D
Let's
go
to
the
operator
hub
again
and
now
I'm
at
least
I'm
getting
my
little
progress
bar
and
what
I'm
going
to
show
you
when
it
pops
up
is
that
there
is
an
operator
in
operator
hub
for
flux,
and
that
is
in
fact
exactly
how
I've
deployed
flux
and
I'll
show
you
in
just
a
moment
when
this
does
decide
to
update
it's
extraordinarily
slow.
Well,
let
me
show
you
in
the
meantime,
while
we're
waiting
for
that
to
update
also.
D
Not
on
my
local
machine,
no
no!
These
are,
I
think,
they're
running
up
on
equinox.
If
I
remember
correctly,
I
think
that's
where
channel
would
put
them
okay
so,
but
what
you
can
see
here
is
and
I'll
explain
the
the
windows
on
the
left
hand
side,
but
what
you
can
see
here
on
the
right
hand,
side
is
exactly
this
command
that
I
just
executed.
So
let's
see
yep
I'm
still
connected,
and
so
what
I
did
here
is
I
am
showing
you
the
pods
that
are
running
in
the
flux
system
namespace.
D
These
are
all
the
pods
and
then
there's
a
whole
host
of
other
things
like
service
accounts
and
a
number
of
other
things
and
I'll
show
you
what
that
definition
looks
like
in
just
a
bit
there's
a
whole
host
of
things
that
got
installed
by
that
flux
operator.
So
in
this
particular
case,
I
have
installed
flux
using
the
operator
that
is
available
in
operator
hub
full
stop.
I
did
not
do
any
other
magic.
I
just
installed
the
flux
operator
from
operator
hub
awesome.
So,
let's
see
there,
we.
E
D
If
I
go
to
flux
there,
you
go,
you
can
see,
it
is
in
there
and
if
I
go
to
installed
operators
at
the
risk
of
it
taking
there
we
go,
you
can
see
that
flux
is
installed
and
it's
a
community
operator.
So
if
we
go
back
here,
you
can
see
that
it's
community
operator
it
lost
my
search
context.
So
it's
a
community
operator.
D
So
I
would
consider
this
kind
of
alpha
beta
stage,
but
this
is
what
I'm
demoing
live
today.
Okay,.
D
D
The
source
code
is
over
here
in
this
other
git
repo
and
we'll
touch
touch
that
in
just
a
bit
I'm
in
this
configuring
post,
so
it
is
taking
the
image
that's
already
been
created
and
by
the
way,
the
image
repository
that
I'm
using
for
my
demo
is
key.
So
you
can
see
here
that
I
have
virgins.
Let
me
refresh
this
because
I'm
pretty
sure
I
have
a
5.09
yep,
so
I
have
a
5.09,
a
5.08
and
what
I'm
currently
running-
and
let
me
go
over
into
my
other.
D
Other
hang
on,
let
me
get
my
other
openshift
demo
window
is
right
here.
Running
on,
I
have
a
port
forwarded
so
running
on
port
9000
is
what
I'm
running
in
prod
and
I'll.
Just
refresh
that
again,
you
can
see
here
that
I'm
running
5.08,
so
I'm
running
this
version
that
I
had
pulled
down
and
that
is
being
configured
by
the
is,
is
being
deployed
through
the
configuration
repository.
That
is
here
so
for
super
simplicity
sake.
I
do
not
recommend
this
for
the
enterprise
in
production.
D
I
have
the
config
for
staging
and
the
config
for
prod
in
my
same
github
repository.
So
you
can
see
here
that
I've
got
my
prod
cluster
and
I've
got
the
configuration
for
my
web
app.
So
here
my
web
app
has
a
back
end,
a
front
end
and
some
common
stuff.
If
I
go
to
the
front
end,
for
example,
you
can
see
that
I've
got
a
deployment
and,
right
now
this
deployment
is
pointing
to
5.0.8
okay.
So
that's
what
we've
got
running
in
production
now
to
shorten
the
cycle
a
little
bit.
D
D
Sorry
get
diff,
you
can
see,
get
diff
cached
paged
staged.
Thank
you
here
we
go.
You
can
see
that
I
have
bumped.
The
version
number
oh
hang
on.
This
is
sorry,
I'm
gonna
go.
This
is
how
we
know
it's
real.
I
had
already
issued
that
pull
request.
I
decided
last
night
when
I
was
setting
up.
I
had
already
issued
the
pull
request
and
I
hadn't
done
it
locally
on
my
machine.
D
I
had
done
it
just
through
the
git
ui.
So
if
we
take
a
look
at
the
pull
request
that
I
have
already
created,
what
we
can
do
here
is
we
can
take
a
look
at
the
files
that
are
changed
and
we
can
see
that
in
the
in
the
back
end
I've
bumped
from
5.0.8
to
5.0.9
and
in
the
front
end
I've
done
the
same
okay.
So
that's
all
I'm
doing
so.
D
D
D
I
will
explain
those
two
boxes
in
just
a
moment.
Those
are
be
beginning
to
give
you
insight
into
that
concept
that
I
talked
about
called
the
get
ops
flow.
So
this
is
what's
allowing
us.
These
are
the
components
that
we're
using
to
program
how
things
get
from
the
git
repository
out
into
the
running
deployment.
D
D
D
So
I'm
just
going
to
take
this
yaml
and
apply
it
to
the
cluster.
I'm
just
going
to
do
a
cuddle
apply
if
you
will
so
flux
provides
these
and
scott.
Actually,
I'm
wondering
if
this
is
one
of
those
areas.
In
fact,
why
don't
I
do
that
and
I'm
going
to
ask
you
to
guide
me
because
you
spend
a
lot
more
time
in
this
where's.
What's
the
diagram
that
I
want
to
show
here,
scott.
B
D
B
B
Thought
I
thought
I
could
eyeball
memory,
but
one
second
yeah.
D
D
D
A
Yeah
and
that's
using
the
that's
leveraging
what's
already
built
in
kubernetes
right,
like
you,
have
a.
D
The
loop,
the
loop,
is
definitely
implemented
using
the
what's
the
custom.
C
D
The
reconciler
yes,
there's
a
custom
resource,
so,
for
example,
we
can
come
over
here
and
I
can
do
a
cube,
cuddle
api
resources
and
I'll
grab
that
to
flux.
C
E
D
D
D
D
So
if
I
go
back
over
here
and
I
take
a
look
at
the
shot,
it
should
match.
So
what
we've
got
is
a4f
and
if
we
go
back
to
the
command
line,
sure
enough
a4f,
yep,
okay,
now
you'll
notice
that
it's
not
only
the
reconciler,
that's
watching
git,
there's
the
downstream
step.
Remember,
there's
the
apply
to
kubernetes
that
is
what's
happening
through
this
customization
object
and
notice
that
it's
also
reporting,
ultimately
what
I've
just
applied
maps
all
the
way
back
to
this
git
repository.
A
A
B
B
B
That
was
it
in
retrospect,
everyone
agrees
that
that
may
not
be
the
most
clear
name
for
end
users
who
who
aren't
specifically
looking
to
use
customize.
B
The
thing
is,
since
customize
is
built
into
the
control
cli
at
this
point,
its
packages
were
available,
and
it
also
does
just
it's
essentially
a
wrapper
right
now,
for
you
know
who
cuddle
apply
so
so
we
use
the
same
thing
because
under
the
hood,
it's
all
the
same,
but
it
doesn't
really
make
a
lot
of
sense
for
end
users,
thinking
which
controller
should
I
use
so
that
there
is
a
proposal
to
to
modify
that,
but
for
now
that's
what
we're
using.
C
D
All
right,
so
I'm
going
to
do
the
magic
thing
I'm
going
to
come
back
over
here,
I'm
going
to
go
into
my
pull
requests,
I'm
going
to
bump
that
application
and
I'm
going
to
jump
back
very
very
quickly.
So
for
those
of
you
who
might
be
listening,
who
are
new
to
git
ops
notice
that
I'm
not
doing
other
than
showing
you
I
did
coop
cuddle
apply
to
show
you
things
like
you
know
the
api
resources
or
I
didn't
do
coop
cuddle
apply.
D
I
did
couple
gets
so
I'm
using
cube
cuddle
to
give
you
some
visualizations,
but
I'm
not
applying
anything
into
the
cluster
by
hand.
So
I
want
to
apply
something
to
my
cluster
and
the
way
that
I
do
that
is.
I
do
a.
I
accept
a
pull
request,
so
I've
just
merged
the
pull
request
and
if
I
come
over
here
watch
the
git
sha.
D
The
customized
one
changed
and
I
think
it's
just
a
matter
of
there's
a
delay
somewhere
because
it
should
always
be
downstream.
This
one
should
be
updating
as
well
and
I'm
a
little
surprised
that
it
hasn't.
But
you
can
also
see
down
here
where
I'm.
D
So
I'm
gonna
control
c
out
of
this
and
I'm
gonna
restart
that
watch
yeah.
I
don't
know
what
was
happening
with
with
my
watch,
but
what
happened
was
the
source
controller?
Did
its
thing
and
notice
that
these
two
steps
there's
something
really
important
here-
is
that
these
are
happening.
These
reconciles
are,
are
independent,
reconcilers
and
so
they're
happening
on
their
own
schedules.
D
So
you
have
the
control.
Remember
what
I'm
talking
about
here
is
I'm
talking
about
programming,
your
get
ops
flows.
You
get
to
decide.
You
know
what
I'm
not
gonna,
I'm
not
gonna
overburden.
My
git
repository,
I'm
only
going
to
do
a
reconcilers,
I'm
only
gonna.
Look
at
my
git
repository
every
10
minutes,
or
so
we
do
in
flux,
also
have
an
eventing
mechanism
that
I
consider
an
optimization
so
that
you
can
set
it
up
so
that
when
something
happens
you
can
set
up,
for
example,
a
get
up,
get
a
github
action
which
will
trigger
flux.
D
C
D
C
D
Oh,
it's
stopped,
of
course,
because
I'm
in
a
different
different
pod.
That's
why.
C
C
D
D
D
We
are
giving
you
a
programming
model
in
which
you
can
implement
the
flow,
the
way
that
you
want
it
to
okay,
and
so
that's
why
I
showed
you
the
source
controller,
separate
from
the
customize
controller.
You
get
to
decide
how
those
things
are
wired
and
in
fact
let
me
show
you
what
that
looks
like
if
I
come
back
into
this
repository.
D
E
Let
me
pull
it
back
up
here.
That's
why
I
have
the
whole
thing
in
front
of
me:
is
there
any
web
ui
for
managing
flux,
instances
or
app
deployments
at
scale,
something
similar
to
what
argo
cd
has
today?
What's
the
preferred
way
of
managing
flux
deployments
at
scale
and
one
last
question:
does
flux
have
some
sort
of
our
back
integration
with
cube?
So
it's
kind
of
three
questions.
D
Scott
is
so
deeply
ingrained
in
the
whole
flux,
flux,
he's
part
of
the
flux,
open
source
team,
so
scott
I'll,
let
you
take
all
those
while
I
poke
around
and
look
for
the
other.
A
B
That
I
want
to
show
you
great
sure,
yeah,
so
last
question
first,
are
back
flux
specifically
uses
our
back.
It
doesn't
have
some
type
of
separate
access
control
system
that
is
made
somewhat
different
from
some
other
projects.
In
this
space
you
you
simply
use
the
rbac
you
have
and
as
everyone
who's
set
up
or
anyone,
who's
set
up
or
thinking
about
even
setting
up
even
simply
playing
the
ammo
manifests
in
some
type
of
version.
B
Control
system
knows
that
the
way
you
structure
your
repo
in
the
week
or
repose
generally
mirrors,
if
you're
successful
anyway
mirrors
your
organizational
structure,
how
you
want
people
to
be
able
to
access
certain
things
so
with
anyway,
that's
slightly
aside
from
our
back,
but
the
que.
But
the
the
point
is
that
we
don't
have
conventions
that
you
must
follow.
B
For
that
you
we
do
have
a
way
of
impersonating
using
excuse
me
delegating.
B
B
You
know
our
back
style
in
in
in
kubernetes,
and
we
have
a
kind
of
interesting
way
of
going
about
it.
If
you
ever
want
to
see
it,
we
has
given
a
really
great
a
really
good
talk
on
this
too,
that
we
could
always
link
to.
But
yes,
answer
quick
answer
is
yes
follows:
are
back,
follows
your
out
our
back
rules.
It
does
use
impersonation
inside
of
kubernetes
to
do
that
delegation.
So
it's
kind
of
it's
kind
of
an
interesting
way
about
it.
B
B
Yeah
and
it
allows
it
allows
it
allows
greater.
It
allows
namespace
separation
and
in
a
way
that
works
well.
There
are
some
really
good
demos
to
show
different
use
cases
of
how
flux
uses
our
back
and
then
the
the
ui
question
we
have.
B
A
D
Yep
exactly
prs
are
welcome
and
and
by
the
way
it's
not
only
roadmap.
I
I
mean
it's
definitely
roadmap,
but
if
you
go
into
the
flux,
cd
repos,
you
can
find
some
of
the
wireframes
that
our
our
colleague,
jordan,
has
put
together.
That
show
you
so
I'm
showing
it
in
the
cli,
but
it'll
show
you
that
view,
and
it
actually
goes
a
bit
beyond
in
some
ways
well
in
some
ways,
not
a
bit
beyond.
D
That
is
what
the
wireframes
are
showing
they're,
showing
a
gui
that
links
together,
not
just
these
first
two
pieces
that
are
about
the
delivery
part
but
links
the
delivery
to
the
running
application.
The
operations
part
as
well.
So
if
you
will
it's
linking
this,
this
all
the
way
down
to
the
running
instance,
exactly.
B
Yeah-
and
I
think
one
one
thing-
that's
really
interesting
or
important
to
note
about
flux,
ui,
that's
out
of
scope
of
the
flux
ui.
There
is
no
intention
of
of
of
of
a
ui
for
flux,
making
imperative
changes
into
your
cluster.
For
you.
D
B
There
is
absolutely
no
intention
of
that,
because
that
goes
against
the
the
the
get
ops
model,
as
many
of
us
understand
it,
so
what
it,
what
it,
what
it
likely
will
do
is
allow
you
to
do
the
same
kinds
of
things
through.
B
So
what
so?
It
won't
actually
make
imperative
changes
in
your
in
your
cluster.
It
will,
however,
it
will,
however,
update
your
configurations
in
order
for
those
to
then
move
to
your
cluster.
There
is
one
other
side
of
this.
Is
that
you,
you
flux,
allows
you
to
pause
and
resume
reconciliation
on
a
per
per
delivery
basis.
Let's
say
whether
it's
a
home
release
or
or
a
customization,
and
I
know
that
it's
not
the
only
tool
that
that
does
that,
but
it
does
that
through
annotations.
B
It
doesn't
do
that
by
telling
the
cluster
hey.
You
know
stop
working
so
that
that's
that's,
how
that's
how
we
do
it
and
that's
how
the
ui
would
do
it
under
the
hood
or
yeah
the
plan.
Is
it
will
at
some
point.
D
Okay,
because
I
want
to
make
sure
we
don't
run
out
of
time
to
show
that
the
cooler
stuff,
so
it
both
of
those
components,
so
these
two
components
that
you
see
in
this
diagram,
retrieved
from
git
and
delivered
to
kubernetes,
are
in
the
same
file
here.
So
you
can
see
here,
here's
the
get
repository.
This
is
the
source
object.
D
So
this
is
I'm
pulling
from
this
git
url
on
a
one
minute
interval
and
then
down
here,
I'm
applying
the
customization
on
a
I'll
come
back
to
this
10
minute
interval
in
just
a
moment,
I'm
tying
here's
the
link.
So
I'm
going
to
this
git
repository
object
and
I'm
going
to
apply
specifically
within
that
git
repository,
I'm
going
to
apply
everything.
That's
in
prod
cluster.
A
D
D
A
So
it
makes
sense.
Why,
then
now
you
are
separating
your
your
prod
manifests
from
your
dev,
manifest
from
your
you
know.
Instead
of
having
the
the
overlays
in
the
same
repo,
you
have
them
in
individual
repos
and
you
kind
of
just
load
them
in
almost
like
a
a
plug-in
system
right
right.
D
Now
I'll
come
back
to
this
10
minute
thing
in
just
a
minute,
because
I'm
looking
at
git
every
minute,
but
I'm
only
reconciling
here,
every
10
minutes
did
we
just
get
lucky
and
that's
where
I
was
saying
that
we
also
have
an
eventing
mechanism,
but
I'll
come
back
to
that.
So
if,
if
there's
an
eventing
mechanism,
then
what
is
happening
on
this
10-minute
interval
I'll
I'll
come
back
to
that
in
just
a
second
okay.
D
So
I
was
here:
we've
just
demoed.
What's
on
the
right
hand,
side!
What's,
on
the
left
hand,
side
is
a
lot
more
sophisticated
and
it's
super
interesting
in
a
couple
of
different
ways.
So
what
I'm
going
to
demo
to
you
now
is
that
I'm
going
to
make
a
change,
I'm
going
to
go
into
this
cycle
right
here,
I'm
going
to
assume
that
the
unit
tests
passed
I'm
going
to
commit
a
change
into
the
repository
and
then
the
rest
of
this
is
going
to
happen.
D
E
A
D
C
A
Yeah
he's
a
great
guy
and
I
was
watching
his
stream
and
once
he
accidentally
showed
his
azure
token,
whatever
so
yeah.
So
he
said
like
it
was
such
a
pain
to
to
like
just.
E
E
A
E
Yeah,
no,
I
actually
I've
actually
done
that
in
at
a
meet
up
before
where
it's
like.
Oh
damn,
there's
my.
C
B
Yeah
but
but
I
don't,
I
sometimes
forget
to
put
that
in
the
gist
of
for
demos.
So
hopefully
people
know
that
when
they
do
themselves.
D
Okay,
so
here
I'm
gonna
come
back
over
into
I'm
now,
on
my
other
my
build
server
and
if
I
come
into
pipelines
you
can
see
here
that
I've
installed
openshift
pipelines.
So
we've
got
tekton
running
behind
the
scenes
here
and
here's
my
build
pipeline
for
the
application
that
I'm
deploying.
D
So
this
is
where
I'm
going
to
actually
use
my
command
line,
because
I
don't
think
I
staged
this
yet
and
I
want
to
show
you
a
number
of
things.
So
I'm
going
to
go
into
pod
info
and,
let's
see
what
have
I
done
here,
get
status
get
log.
I
don't
think
I've
made
the
change
okay
good,
so
I'm
gonna
go
in
and
I'm
going
to
bump
my
version
number.
D
So
here's
my
massive
code
change
is
I'm
going
to
go
from
version
5.0.9
to
5.0.10.,
I'm
going
to
go
ahead
and
save
that
now
I
do
get
status,
get
add,
I'm
gonna.
Do
a
git
commit
release
new
version,
then
I'm
gonna
tag
this
thing,
I'm
gonna
do
a
git
tag
so
that
I
get
the
right
tag
because
I'm
keying
off
of
tags.
D
Some
of
my
automation,
keys
off
of
the
tags
that
are
showing
up
in
key
where,
where
my
image
is
going
to
show
up,
so
I'm
going
to
do
a
git
tag
and
then
I'm
going
to
do
a
get
push.
D
D
Nice
now
this
is
one
where
chanwick
my
colleague
chanwit
used
exactly,
and
I
dare
say
he
probably
learned
about
it
from
an
earlier
get
ops
happy
hour
that
you
did
where
somebody
showed
he's
using
this
polling
operator
that
was
written
by
somebody
else.
Who
was
it
that
did
this?
Mario,
you
had
mario
on
the
show
quite
a
number
of
months
ago,
and
so
mario
took
advantage
of
this
polling
operator
that
was
polling
to
kick
off.
These
pipeline
runs
nice,
so
we're.
A
D
Exactly
yeah,
this
is
techton.
We
we
wanted,
because
what
we
wanted
to
do
in
putting
this
demo
together
is
that
we
wanted
to
say:
okay,
you're,
an
open
shift,
user
you've
embraced
things
like
you
know,
techton
openshift
pipelines,
and
so
we
really
wanted
to
use
this.
Of
course,
you
could
you
be
using
circle
ci,
you
could
be
using
github
actions,
those
types
of
things,
but
I
assume
that
we're
in
this.
You
know
openshift
context
that
that
would.
A
D
Yeah,
so
I
am
then
going
to
go
back
over
here
into
this
repository
and,
let's
see
if
I
can
be
fast
enough,
I
am
not
sure
that
I
was
fast
enough,
but
let
me
switch
context.
I
need
to
just
change
my
coupe
cuddle
context.
D
A
E
Yeah,
that's.
That
was
one
of
my
points
I
was
meaning
to
make
during
the
show
earlier.
Was
that,
like
I
love
getups
force
auditing
capability
right,
like
you
want
to
know
what
changed
and
who
approved
it.
Here
you
go
right
like
here's,
the
shaw's,
here's
everything
all
the
information
you
need
to
audit
trail.
Any
change
is
right.
There.
A
C
A
You
got
you
gotta
encrypt
those
buckets,
though
too
there's
a
lot
of.
A
E
D
So
I
think
I
was
fast
enough,
because
this
was
the
shaw
that
we
had
before
and
to
verify
that
let's
come
over
here,
if
we
go
back
to
demo,
the
latest
shot
yep
and
this
was
20
minutes
ago,
so
we're
in
good
shape.
D
But
what
you're
going
to
see
here
is
we're
going
to
see
that
shot
change
and
I'm
not
going
to
have
done
any
kind
of
a
commit.
That's
kind
of
the
magic
that
I
want
to
show
you
here
now.
You
might
have
noticed
that
there
was
a
third
window
here.
You
know
I
have
four
windows
on
the
left
and
I
was
showing
you
all
of
those.
D
So
I'm
now
in
the
context
of
this
there's
another
watch
that
I'm
going
to
put
here
and
I'm
going
to
watch
on
an
image,
update,
okay
and
so
I'll
put
the
image,
update,
watch
up
there
and
then
I'll
show
you
how
these
things
all
link
together
in
just
a
moment.
Now
this
image
update
automation
is
doing
this.
It
is
watching
the
image
registry
and
based
on
a
certain
policy.
C
D
D
Is
that
it's
not
to
me
a
pipeline
is
something
that
has
a
start
and
a
direction
get
ops
flows,
do
not
have
a
single
starting
point
and
a
single
direction
what's
happening
here
is
that
this
flow
that
is
happening
in
the
in
the
staging
environment
can
be
triggered
off
of
a
change
that
this.
This
image
update
policy
applies
to,
or
if
I
had
gone
in
and
just
changed
my
configuration
it
would
have
updated.
A
So
there's
many
many,
I
guess
points
of
entry
right
where
you
can
do
the
triggering.
D
B
D
D
A
So
it's
it's
kind
of
you
know
I
always
go
back
to.
I
remember.
Kelsey
hightower
did
a
talk
long
time
ago
back
when
he
was
in
coral
west.
So
this
is
a
long
time
ago
said
that
you
know,
kubernetes
is
how
you
design
a
system.
If
you
don't
have
ssh-
and
I-
and
I
always
kind
of
just
take
that
and
expand
on
it
for
get
ops
is
like
git.
Ops
is
how
you
design
a
system.
When
I
take
away
cuddle
from
you
right
and.
A
D
D
D
D
C
D
Those
other
steps
are
being
represented
up
here
should
have
put
them
in
this.
In
the
same,
I
maybe
should
have
put
them
down
in
this
folder,
but
don't
worry
about.
That
is
that
I
have
this
image,
update
automation
that
says:
okay,
I'm
going
to
watch
based
on
certain
policies,
I'm
going
to
watch
this
and
then
I'm
going
to
make
updates
to
the
configuration.
D
D
My
pull
request
merge
26
minutes
ago,
but
the
more
recent
update
was
this
thing
that
was
done
by
flux,
flux,
updated
the
repository,
not
me,
and
so,
if
I
take
a
look
at
what
this
particular
change
was
that
notice
that
it
bumped
it
from
5.09
to
5.010,
okay,
but
there's
something
super
interesting
here
and
I
need
to
move
this
because
I
just
want
to
show
the
file
now
so
that
you
can
see
it
a
little
bit
better.
This.
A
Is
all
roads
lead
to
get
depend.
D
D
A
D
A
Yeah,
it
wouldn't
have
triggered
yeah.
So
here
your
your
your,
I
guess,
you're
sticking
or
you're
you're,
pinning
yourself
to
a
to
a
z,
z
stream,
essentially.
B
And
it's
really
important
to
note
that
that's
really
cool
this
is
the
thing
that
differentiates
say,
get
ops,
this
type
of
get
ups
with
or
excuse
me
from
other
ways
of
doing
this
say
with
the
latest
tag
and
image
pull
policy.
Always
you
know
what
I
mean
yeah.
C
B
Other
tools
that
store
that
do
pinning
and
store
that
within,
let's
say,
a
secret
or
something
in
your
cluster.
The
main,
the
main
reason
that
that
it's
not
stored
purely
in
cluster
is
git.
Ops
is
also
amongst
its
other
values,
allows
for
disaster
recovery.
So
if
you
want
to
be
able
to
set
up
an
entire
cluster
exactly
the
way
you
had
it,
not
just
within
a
specific
range,
and
hopefully
that's
right
now
exactly
the
way
you
had
it,
it
could
do
that.
A
Yeah
yeah
yeah.
Definitely
I'm
also
not
a
fan
of
floating
tags,
specifically
for
the
reason
you
you
mentioned
scott
is:
I
want
a
specific
version
I
don't
want
to
just
whatever
dev
is
like.
Who
knows
what
that
is
right,
yeah.
D
D
And
notice
that
it's
scoped,
so
if,
if
you
remember,
when
we
looked
at
the
deployment.yaml
for
the
prod
cluster,
that
annotation
didn't
exist
and,
furthermore,
that
those
image
update
objects,
those
crs-
they
also
didn't
exist
so
over
here
in
the
prod
cluster,
I
don't
have
any
of
the
image
update
automation
but
over
in
the
staging
cluster.
I
have
all
of
the
update
logic
that
I've
programmed
in
and
I've
programmed
it
through
these
series
of
flux,
objects,
and
so,
like
I
said
at
the
beginning,
I'm
not
giving
you
a
flux,
getting
started.
E
A
E
D
So
they
so
I
don't
remember
all
of
the
details
but
they're
the
the
regular
expressions
if
you
will
and
I'm
putting
arrows.
D
A
Either
one
would
work,
yeah
it'd,
be
interesting.
B
There
is
a
an
issue
I'll
paste
in
the
chat
where
michael
bridgen,
who
is
leading
the
image
update,
automation
project,
has
consolidated
all
of
the
all
of
the
the
open
issues
and
proposals
into
one
so
that
there
can
be
progress
on
that
level.
We
just
talked
about
it
in
the
flux
dev
meeting
today,
and
that
would
probably
be
the
best
place
to
follow
because
there's
a
redesign
there's
some
redesign
elements
being
being
described
in
that
too.
But
but
the
goal
is,
the
goal
is
definitely
to
have
policy
ranges.
C
D
Yeah
excellent,
so
that,
if
you
will
is
roughly
what
I
wanted
to
show
today,
I
do
want
to
come
back
and
just
emphasize
in
one
last
picture
is
and
in
fact
I'll
go
into
present
mode.
I
want
to
summarize
what
get
ops
is
so
what
what
git
ops
is
we've
been
talking
about?
It
we've
been
talking
about
the
fact
that
what
we've
brought
is
git
and
we've
brought
this
reconciliation-based
approach
to
the
bridging
the
gap
between
git
and
the
running
system.
D
D
It
will,
if
you,
if
you've,
got
a
deployment.
If
you
have
multiple
instances,
it
would
take
down
just
one
of
them
and
incrementally
bring
you
over
to
the
new
instances
and
if
something
goes
wrong
with
the
first
one,
it
will
pause.
But
what,
if
you
wanted
something
more
sophisticated?
What
if
you
wanted
a
canary
style
deployment,
or
you
wanted
to
do
a
blue
green
deployment,
or
you
wanted
to
do
something
more
sophisticated
in
your
prod
deployment?
D
Well,
you
can
carry
forward
programming,
your
git
ops
flow
so
that
I
don't
just
deliver
to
kubernetes
directly.
I
am
going
to
deliver
to
kubernetes,
but
then
I'm
also
going
to
program
in
something
like
flagger
and
flagger.
It
doesn't
replace
the
deployment
that
is
in
kubernetes.
It
dovetails
on
top
of
that.
It
says:
okay,
while
this
deployment
is
happening
so
once
it
sees
the
deployment
happening,
it
steps
in
and
says
all
right.
Let
me
do
a
little
bit
more
control
for
you,
and
so
what
I
wanted
to
do
here
was
was
bring
up.
E
E
D
And
flyer
by
the
way
is
it
flagger
is
part
of
flux,
so
flux
is
a
cncf
open
source
com,
open
source
project
that
just
reached
incubation
status.
E
D
A
Awesome
yeah,
this
is
awesome,
is
let
me
see
here.
There
is
oh.
E
A
question
from
an
sre
point
of
view:
let's
say
I've
got
something:
that's
come
up
in
production
and
we
want
to
apply
a
patch,
but
for
whatever
reason
I
may
not
want
to
patch,
I
may
not
want
that
patch
to
roll
back
in
and
deploy
the
rest
of
the
fleet.
Can
I
tell
flux
to
ignore
things,
perhaps
some
temporary
shifting
resource
configs
for
a
migration?
As
an
example,
yeah
can
you
like,
say:
hey
flux,
take
a
break
for
a
little
bit.
B
Okay,
I
don't
know
if
the
language
is
really
it's
fairly
precise,
but
we
could
maybe
come
up
with
some
better
terms
than
that,
but
there
are
different
delivery
controllers
right
now
we
have
the
customized
controller,
which
can
either
do
customize,
overlays
or
customize
some
more
sophisticated,
customized
things
or
just
plain
ammo,
and
and
we
have
the
helm
controller,
and
so
you
can
tell
each
of
those
either
customizations
or
helm
releases
to
just
go
ahead
and
take
a
break
nice.
It's
important
for
break
glass
as
well.
B
C
B
A
D
How
can
I
and
and
I
need
that
to
live
longer
because
it's
going
to
be
the
thing
that
brings
my
application
back
up
into
a
running
state
because
something
was
dorked
up
somewhere
else.
You
can
essentially
pause
this.
You
can
pause
this
part
and
say
you
know
what
those
changes
right
now.
I'm
remember
that
10
minute
mark
you
can
pause
that
10
minute
reconciler
and
say
yup
nope.
Don't
do
it
right
now
at
all,
not
even
10
minutes.
A
D
I
saw
somebody
recently
doing
a
demo
of
flux
where
they
didn't
know
about
the
pause
thing
and
so
what
they
did
was
they
scaled.
The
number
of
instances
of
the
of
that
particular
reconciler,
like
the
customized
controller,
they
scaled
it
down
to
zero.
The
problem
with
that
is
that
that's
pretty
global
scope,
so
it's
any
git
ops
flow
that
that
customization
controller
is
controlling
just
got
paused,
but
I
want
to
scope
it
to
a
particular
flow.
I
want
to
say
that
you
know
what
this
particular
micro
service.
I
want
to
pause.
D
I
want
to
stop
all
of
the
reconciliation.
I
want
to
stop
the
git
ops
flow,
because
I
have
something
that
I
need
to
do
urgently
on
the
server,
but
all
of
my
other
microservices
should
continue
running
using
their
getups
continue
being
managed
by
their
get
ups
flows,
so
that
pause
is
extremely
powerful.
It's
it's
doing
something
that
you
couldn't
do
by
just
issuing
commands
against
the
kubernetes
objects.
C
A
Got
it
right,
yeah,
so
so
yeah
there's
we
are
a
few
minutes
over,
which
is
fine.
I
I
told
for
for
those
of
you
watching
at
the
cornelia.
You
can
go
as
long
as
you
want.
You
know.
All
this
stuff
is
really
cool,
but
yeah.
Is
there
anything
else
you
want
to
show
us
something
you
want
to
tease.
I
know
we.
We
got
you
guys
back
for
the
next
next
round.
Is
there
any
any
clip
hangers
you
want
to
leave
out
for
for
the
viewers
or.
A
A
D
The
other
thing
that
I
think
that
would
be
really
valuable
is
is
scott,
and
I
have
talked
about
having
scott
do
a
bit
more
of
a
all
right,
so
cornelia
showed
you
flux
was
already
installed.
She
was
showing
you
some
of
these
components
that
were
already
created,
showing
them
to
you
in
the
repository.
How
do
you
actually
get
all
that
set
up?
A
You
know
what
there's
actually
a
good
question,
which
I
think
I
I
will
modify
slightly
right.
So
us
the
question
was
actually
how
much
work
would
it
be
to
add
an
openshift
route
support
to
flagger,
but
I
think
that
extends
more
to.
How
does
how
does
flagger
handle
things
like
crds
and
you
know,
can
it
be
extended
to
to
to
do
things
with
crds?
So
you
know
that
that's
that
that
might
be
another
another
teaser
right
when
you
guys
get
into
yeah.
C
A
A
D
Yeah
so.
B
Eu
2021
is
a
day,
zero,
co-located,
kubecon
and
cloud
cloudnativecon
event,
so
those
who
have
registered
already
may
have
seen
it
and
may
have
signed
up
for
it,
or
maybe
you
didn't
those
who
haven't.
Please
do
that
as
soon
as
you
can
and
there's
the
most
important
thing,
I'm
mentioning
is
not
to
say,
come
come
to
this,
but
I
mean,
of
course
you
know
if
you're
here,
you're,
probably
interested
but
the
cfps
the
calls
for
proposal
or
for
participation
proposals
whatever
are
are
open
through
april
16th.
B
A
So
we
just
shared
it
yeah,
so
I'm
we're
pretty
excited
we'll.
Be
there
right.
The
fine
folks
we
works
will
be
there
cfps,
where
we're
collecting
cfps.
This
is
a
get
ops
working
group
in
the
cncf
we're
putting
this
on,
but
the
fine
folks
at
weave,
works
and-
and
you
know
red
hat-
is
you
know
co-sponsoring
it
putting
this
together,
but
it's
open
for
everyone,
who's
coming
to
qcon,
you
know
doing
a
day,
zero
event.
There
we
go.
Chris
says
it
actually.
A
Sorry
cornelia
has
it
up
on
the
screen
so
yeah.
So
if
you
guys,
you
know,
if
you
have
an
idea,
feel
free.
You
know
we.
We
have
lightning
talks,
we
have,
you
know
regular
tracks
and
you
know
it's.
It's
gonna,
be
it's
gonna
be
a
great
event.
It's
gonna
be
really
cool.
So
I.
A
Yeah,
so
so
yeah.
Where
can
folks
find
you
at
twitter
or
you
know
any
any
social
media
any
github
anything
you
guys
want
to
share
out
there.
C
E
So,
thank
you
very
much
for
coming
on.
This
is
very
informative.
The
audience
loves
it,
and
you
know
the
questions
coming
in
were
great.
Thank
you
very
much
audience
for
participating
and
this
we
can't
wait
to
have
you
back
and
also
obviously
get
up
gun.