►
From YouTube: CloudNative Development & Deployment w Kubernetes & GitOps Jaime Magiera UMich OpenShiftCommons 2022
Description
OpenShift Commons Gathering 2022
Speaker: Jaime Magiera (ICPSR at University of Michigan Institute for Social Research)
Full Agenda:
https://commons.openshift.org/gatherings/OpenShift_Commons_Gathering_on_GitOps.html
Learn more at OpenShift Commons https://commons.openshift.org
A
Jamie
is
one
of
my
favorite
people
in
the
universe.
A
It
could,
because
we
managed
to
get
him
to
talk
here
about
get
ops,
but
I
also
get
him
to
co-chair
the
okd
working
group
with
me,
which
is
the
open
source
side
of
openshift,
and
he
is
just
a
wonderful
speaker
and
today
he's
going
to
tell
us
a
little
bit
about
get
ops
at
the
university
of
michigan.
So
if
we
can,
let
you.
A
B
Awesome,
let's
see
if
we
can
get.
Oh,
there
is
a
little
bit
of
echo
there.
The
I'll
try
to
get
done
like
right
around
135-ish.
B
So
thank
you
very
much
folks
and
a
little
bit
about
myself
and
about
this
presentation.
We'll
start
with
that.
Actually
let
me
share
my
screen
and
actually
show
you
the
presentation.
B
All
right,
excellent,
so
cloud
native
development
and
deployment
with
kubernetes
and
git
ops.
What
we're
calling
icpsr
ops-
and
I
am
jamie
mcgarrett,
and
so
the
agenda
for
this
quick
talk-
is
an
introduction
and
some
foundations
and
where
we
are
at
icpsr
and
then
some
suggestions
for
devops
engineers
and
developers
and
then,
as
diane
mentioned
question
and
answers
will
be
moved
to
the
section
at
the
end.
B
So
an
introduction
about
icpsr,
the
inter
university
consortium
for
political
and
social
research
provides
leadership
and
training
in
data
access,
curation
and
methods
of
analysis
for
social
science,
research,
community,
the
social
science,
research
community.
We
provide
research
data
to
organizations
across
the
globe
via
a
variety
of
web
services
and
portals
recently
we
began
to
transition
our
application,
development
and
deployment
to
the
cloud
native
paradigm
in
particular
kubernetes
and
get
ops.
B
We've
learned
a
lot
during
this
process
and
would
like
to
share
that
knowledge
and
experience
with
others
to
shed
some
light
on
the
challenges
and
advantages
of
moving
to
kubernetes.
In
the
cloud
and
about
me,
I've
worked
in
education,
research
technology
for
25
years,
with
a
focus
on
higher
education.
B
I've
worked
for
the
university
of
michigan
for
18
years
and
started
working
with
kubernetes
in
2017,
as
diane
mentioned,
I'm
co-chair
of
the
okd
working
group
and
I'm
a
member
of
the
get
ops
and
fedora
core
os
working
groups,
contributing
as
time
permits.
B
So
a
little
bit
about
foundations
of
this
and
folks
have
seen
this.
Just
a
reminder
is
probably
the
third
or
fourth
time
you'll
see
this
today
so
get
ops
is
this
is
the
definition
from
open,
getups,
declarative,
versioned
and
immutable?
It's
pulled
automatically
and
it's
continuously
reconciled.
B
And
this
is
important
because
all
of
those
components
together,
I
think,
are
necessary
to
really
get
the
the
full
advantages
of
get
ops.
So
all
four
of
those
for
to
start
at
the
most
basic
level.
I
always
like
to
show
folks
thermostats
right
so
thermostat.
B
You
declare
what
you
want
the
temperature
to
be
in
the
room
or
in
the
house,
as
the
case
may
be,
and
then
there's
a
process
of
monitoring
through
a
sensor,
the
the
temperature,
the
current
temperature
and
it
tries
to
reconcile
what
you've
declared
and
what
the
current
state
is
and,
of
course,
this
harkens
back
to
cybernetics,
which
is
the
science
of
communication
control.
B
Theory,
that's
concerned,
especially
with
the
comparative
study
of
automatic
control
systems
such
as
the
nervous
system
and
the
brain
and
mechanical
electrical
communication
systems,
that's
from
merriman
webster
merriam-webster,
and
it
was
defined
in
the
early
1900s
by
norbert
weiner
in
the
book
of
the
same
name,
cybernetics,
and
it
can
be
applied
to
systems
great
and
small,
and
the
control
mechanisms
and
feedback
loops
defined
in
cybernetics,
align
with
git
ops
or
vice
versa.
B
And
so
that's
the
appeal
to
me
of
git,
ops
and
so
cloud
native
computing
and
isr,
how
we,
how
we
got
where
we
are
and
and
the
need
for
git
ops,
so
the
problems,
although
development
was
done
within
git,
the
changes
were
not
accurately
synchronized
with
the
cluster
continuously.
B
There
was
drift
between
what
people
were
submitting
and
what
actually
was
in
the
cluster.
Microservices
were
not
deployed
in
unison
for
applications,
the
promotion
of
applications
through
the
stages.
B
B
So
disaster
recovery
very
important,
the
ability
you
know
provisioning
and
disaster
recovery,
the
ability
to
provision
clusters
within
the
state
that
you
want
very
quickly
and
efficiently
and
restore
them
to
the
state,
keep
them
in
that
state
over
time.
B
So
the
solutions
in
a
general
sense.
We
separated
out
our
application
code
from
the
deployment
code.
We
create
code
to
define
external
dependency,
configuration
and
I'll,
be
talking
more
about
that.
We
store
the
microservice
code
and
cluster
configuration
in
the:
u
of
m's
git
lab
repository
and
we
created
helm,
charts
for
the
services
and
for
the
infrastructure
configuration
and
we
automated
the
process
of
loading
computer
code
and
cluster
configuration
continuously
with
argo
cd.
B
So
a
little
bit
about
what
we
have
for
infrastructure,
we
have
kubernetes
clusters
and
development
is
okd,
which
is
the
upstream
of
the
commercial
openshift
product.
We
use
that
for
development
and
the
quality
assurance
stages
and
for
production
we
use
ocp
for
our
user
acceptance,
testing
and
production
stages
and
in
terms
of
deployment
resources.
What
we've
done
is
we've
separated.
We've
created
separate
repositories
for
each
microservice
deployment.
B
Each
repository
for
the
deployment
has
a
helm
chart
for
the
respective
image
and
environmental
variables
and
whatnot
and
the
helm
charts
are
packaged
and
published
to
registering.
This
is
a
step
that
not
everyone
does,
but
we
like
the
ability
to
move
things
around
and
not
be
reliant
directly
on
the
repository.
So
we
actually
do
the
help
chart
packages
and
pull
the
packages
down.
B
We
create
application
level,
repos
and
application
helm
charts
to
allow
for
quickly
collecting
the
microservices
into
an
application
and
deploying
them
as
a
whole,
and
I
created
a
helm
chart
library
in
icpsr
that
allows
us
to
very
quickly
assemble
helm,
charts
from
reusable
template
components
and
the
deployment
repositories
also
have
pipelines
and
pipeline
runs
for
external
dependencies,
such
as
databases,
so
spinning
up
databases
in
aws,
for
example,
and
things
of
that
nature,
so
that
if
as
we
deploy
an
application
freshly
into
a
a
next
stage
or
into
a
new
cluster,
that
the
dependent
resources
are
spun
up
as
well,
and
then
this
plays
into
the
reconciliation
process
with
that
and
whoops.
B
So
here's
the
deployment
repositories.
Here
we
have
my
ubiquitous
testing
deployment,
helm
chart,
which
is
called
taco.
B
I
always
use
that
for
testing,
I
love
tacos
and
then
we
have
applications,
and
these
are
all
helm,
charts
repositories
with
helm,
charts
and
the
associated
resources
and
you'll
notice
that
one
of
them
is
the
app
deployment
and
then
the
there's
other
ones
that
are
the
api,
the
ui
etc.
So
these
are
all
in
individual
helm,
charts,
but
then
the
application
one
assembles
them
and
here's
an
example
of
the
application
helm
chart.
B
So
we
have
the
on
the
left
side
here
you
can
see
a
typical
helm
chart
a
folder
with
the
respective
values
and
testing
scripts
and
and
whatnot,
and
then
on.
The
right
side,
you
can
see
is
a
is
a
zoom
in
of
a
reveal
of
the
chart.yaml
file.
B
This
is
the
file
in
a
helm,
chart
that
defines
your
dependencies
and,
as
you
can
see
here,
we're
pulling
in
the
helm
packages
of
the
micro
services-
and
you
know
christian
actually
has
a
name
for
these
they're,
basically
empty
helm,
charts
right
so
there's
no.
B
There
are
no
templates
or
very
few
templates
in
this
top
level.
Helm,
chart
they're
basically
used
as
a
reference
to
all
of
the
micro
services,
and
this
is
the
library
that
I
wrote,
which
basically
has
yaml
files
that
allow
us
to
very
quickly
assemble
some
common
manifests
in
our
helm,
charts,
elastic
search,
credentials,
database,
credentials,
data
site,
oauth
credentials
for
node
applications
and
then
oauth
for
java
applications.
B
You
know
which
has
slightly
different
needs
and
you
can
see
also
in
there
an
s2i
build
config,
utilizing
openshift's
s2i
build
technology,
so
we
have
actually
build
configs
that
are
templates
as
well.
B
And
the
cluster
configuration
helm
charts
contain
much
of
our
day
two
configuration
or,
as
I
call
it
hour
two
because
you
spin
up
the
cluster
and
you
have
these
helm
charts
and
you
have
your
argo
cd
and
you
just
get
things
running
very
quickly.
Manifests
within
these
helm.
Charts
are
active
directory,
binding,
backup
configuration
project
templates
links
that
go
in
the
in
the
console.
B
The
gui
console
of
of
open
shift,
setting
things
like
session
timeouts
to
meet
our
security
requirements,
configuring,
the
cluster
monitoring
operator
and
more
and
these
cluster
configuration
helm,
charts,
allow
us
to
configure
to
to
have
consistent
configuration
across
our
clusters
and
to
organize
those
resources
in
a
way
that
they
can
be
very
easily
continuously
monitored
and
then
there's
the
pipelines
that
make
all
of
this
happen
right.
B
B
So
basically,
we
have
new
pipelines
that
we
created
with
techton,
which
allows
for
easy
pipeline
creation,
there's
the
gui
tool
that
allows
our
developers
and
all
of
the
devops
to
be
able
to
very
easily
create
their
own
pipelines
and
insert
new
tests
and
tools,
and
these
are
used
for
modifying
the
deployment
resources
such
as
the
helm,
charts
like
the
image
tag
in
a
helm
chart
also
for
modifying
terraform
and
other
pipeline
components,
like
other
pipelines,
components
and
more,
and
we
automated
the
publishing
of
helm,
chart
packages
so
that
those
packages
are
up
in
a
helm
registry
and
also
deploying
container
images
to
different
projects
and
registries.
B
Icpsr
has
a
lot
of
security
requirements
that
require
a
lot
of
redundancy
and
a
lot
of
sort
of
siloed
configurations
between
different
stages
and
between
projects.
So
we
often
do
a
lot
of
copy
of
containers
to
different
projects
and
registries,
as
opposed
to
just
allowing
cross
communication
and,
of
course,
argo
cd
to
continuously
monitor
the
helm,
charts
and
other
resources
and
reconcile
them
as
needed.
Here's
an
example
of
a
helm
chart
for
managing
pipeline
resources,
and
it
groups
pipeline
resources
based
on
function
and
allows
for
clear
version.
B
Management
and
argo
cd
can
reconcile
against
the
chart
for
full
get
ups.
This
is
an
example
of
a
tecton
pipeline
with
a
a
web
hook,
so
you
have
the
binding
and
the
listener,
which
is
basically
what
listens
for
the
incoming
connections
and
then
maps
that
and
then
directs
that
to
a
route
which
then
directs
that
to
a
pipeline,
and
so
we
actually
have
this
in
a
help
chart
and
then
a
values
file
allows
us
to
tweak
on
have
particular
values
when
this
chart
gets
deployed,
and
then
configuring
and
managing
external
resources.
B
We
have
repositories
that
contain
external
configuration
components
which
are
applied
via
the
pipeline
for
terraform
for
aws
email
templates
for
amazon's,
ses
service
schema
for
databases
schema
for
apache,
solar
and
a
lot
more,
and
so
we're
getting
to
the
point
where
the
promotion
of
a
get
commit.
Hash
means
not
just
the
code,
but
the
developers
are
working
on
the
devops
engineers
are
working
to
make
it.
So
it's
all
of
the
resources
that
git
commit
hash
represents.
B
Everything
is
ready
for
all
of
the
resources
necessary
to
go
to
the
next
step
and
we
do
use
customize.
We
use
customize
via
pipeline.
B
I
found
it's
best
suited
for
reg
for
singular
resources,
things
that
aren't
part
of
a
collection
that,
where
there
aren't
multiple
things
that
need
to
be
collected
for
this
to
work,
I
modify
pipeline
runs
existing
in
the
deployment
configuration
repositories
and
I
modify
files
that
require
only
very
small
changes
like
one
value
as
it
were,
and
here's
an
example
of
a
pipeline
that
we
have
in
our
git
ups
process.
B
So
we
have
a
what's
called
a
comment
gate
and
so
I'm
starting
to
build
sort
of
a
bot,
basically
infrastructure,
where
using
sort
of
a
chat,
ops
model
commands
can
be
issued
from
the
git
repository
to
trigger
the
pipelines,
and
so
we
have
a
comment
gate.
I
wrote
this
to
filter
comments
and
you
can
set
what
comment
you
want
to
look
for
and
who
it
should
come
from
and
that
allows
the
rest
of
the
pipeline
to
run,
and
so
we've
got
a
git
clone.
B
We've
got
a
a
to
generate
a
new
helm
chart
and
then
pack
package
and
then
publish
that
package
up
to
the
registry
and
so
here's
our
process.
Basically,
we've
got
developers
and
devops
working
together
with
helm,
charts,
get
lab
open
shift,
ocp,
argo
cd,
all
of
this
running
on
top
of
aws,
and
you
can
sort
of
see
a
little
bit
of
the
flow
there.
Obviously
there's
a
lot
more
nuance
going
on,
but
that's
the
basic
process
and
the
results
of
git
ops
of
implementing
git
apps.
B
The
microservices
can
be
reused
quickly
and
efficiently.
Speeding
up
the
creation
of
new
web
applications,
configuration
for
external
dependencies
is
deployed
consistently.
Developers
can
spin
up
new
web
applications
without
server
admin.
B
Intervention,
including
building
one-off
instances
to
test
functionality
and
the
process
of
promoting
applications
through
development,
qa,
uat
and
production
stages
is
efficient
and
less
prone
to
errors
and
resource
usage
can
be
tracked
at
a
higher
rate
of
resolution
as
you're
as
you're
watching
things
get
synchronized
and
what's
needed
in
this
feedback
loop
to
get
pooled
and
what
gets
modified
in
the
git
repository
in
terms
of
deployment.
B
You
know
your
pods
cpu
changes
have
to
be
made
everything.
It's
all
part
of
this
bigger
picture
of
feedback
right
in
a
system
and
clusters
themselves
can
be
scaled
up
quickly
as
well
with
this
get
ops
model
so
suggested
next
steps.
B
If
you're
interested
in
getting
into
this
separate
out
your
deployment
from
your
service
code
strongly
recommended
it,
it
makes
things
a
lot
easier
in
terms
of
management
and
allows
you
to,
if
necessary,
sort
of
control,
access
to
these
things
and
and
separate
out
the
need
of
developers
necessarily
to
have
to
worry
about
learning,
helm
pipelines,
etc.
If
they
don't
want
to
and
or
worry
about,
making
changes
to
that
create
top
level
application
repos
in
git.
B
I
found
this
is
very
helpful,
create
a
an
application,
create
a
group,
a
git
group
within
that
an
application
level
repo,
and
then
your
micro
service,
repos
and
then
references
to
other
resources
if
necessary,
create
top-level
application.
Helm
charts,
as
I
showed
you,
those
sort
of
empty
helm,
charts
that
just
reference.
The
re
respective
microservices
clarify
delineation
of
software
for
an
application
and
software
to
multiple
applications.
So
start
thinking
about.
B
What's
going
to
be
used
once
an
api
or
a
microservice,
or
a
gui
microservice
or
whatever,
what's
going
to
be
used
once
in
this
application
or
what
will
be
used
in
multiple
applications
that
will
affect
some
of
your
design
decisions.
B
Health
checks
for
all
microservices
are
important
to
contribute
towards
sort
of
this
intelligent
life
cycle
of
pulling
information
and
then
modifying
git
resources
and
then
in
turn,
argo
cd
pulling
those
back
up
to
spin
spin
up
changes
as
needed,
and
also
a
mental
shift
to
providing
software
for
consumption
in
other
applications
and
think
and
communicate
in
terms
of
git
commit
hashes.
B
It's
counter-intuitive
to
some
traditional
developers
and
software
engineers
and
sysadmins
to
think
in
terms
of
git
hashes.
But
it's
it's
it's
helpful
because
once
you
start
going
into
this
model
of
git
having
everything
that
hash
is
the
point
in
time,
that's
all
of
the
resources
where
you
want
them
to
be
for
deployment
and
avoid
using
floating
tags.
B
If
you
can
it's,
you
want
a
single
source
of
truth
in
that
git
commit
hash,
improve
your
documentation,
such
as
readme
and
changes
files
to
better
understand
what
the
automation
has
done
and
is
happening,
and
that
will
help
folks
embrace
the
get
ops,
automation
and
reconciliation
process
when
it's
clearly
explained
to
them,
and
it's
explained
how
that
actually
works
in
terms
of
their
particular
software
projects.
B
I've
found
in
a
lot
of
my
work
in
in
leading
this
transition
in
icpsr
is
that
it
you
really
have
to
frame
it
in
reference
to
their
projects,
in
particular
here's
a
list
of
resources.
This
will
be
available
in
the
pdf
of
the
talk.
B
Thank
you
very
much,
and,
of
course,
none
of
this
could
be
done
without
the
hard
work
of
developers
and
devops
engineers
in
icpsr
and
the
support
of
the
get
ops
community,
christian
and
a
lot
of
other
folks
that
are
doing
the
great
work
to
flesh
out
these
ideas,
and
so
that's
my
presentation.
Thank
you
very
much.