Let's Talk DevOps

Real-World DevOps, Real Solutions

Tag: DevOps

Implementing CI/CD with Kubernetes: A Guide Using Argo and Harbor
Why CI/CD?

Continuous Integration (CI) and Continuous Deployment (CD) are essential practices in modern software development, enabling teams to automate the testing and deployment of applications. Kubernetes, an open-source platform for managing containerized workloads and services, has become the go-to solution for deploying, scaling, and managing applications. Integrating CI/CD pipelines with Kubernetes can significantly enhance the efficiency and reliability of software delivery processes. In this blog post, we’ll explore how to implement CI/CD with Kubernetes using two powerful tools: Argo for continuous deployment and Harbor as a container registry.

Understanding CI/CD and Kubernetes

Before diving into the specifics, let’s briefly understand what CI/CD and Kubernetes are:
- Continuous Integration (CI): A practice where developers frequently merge their code changes into a central repository, after which automated builds and tests are run. The main goals of CI are to find and address bugs quicker, improve software quality, and reduce the time it takes to validate and release new software updates.
- Continuous Deployment (CD): The next step after continuous integration, where all code changes are automatically deployed to a staging or production environment after the build stage. This ensures that the codebase is always in a deployable state.
- Kubernetes: An open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery.
Why Use Argo and Harbor with Kubernetes?
- Argo CD: A declarative, GitOps continuous delivery tool for Kubernetes. Argo CD facilitates the automated deployment of applications to specified target environments based on configurations defined in a Git repository. It simplifies the management of Kubernetes resources and ensures that the live applications are synchronized with the desired state specified in Git.
- Harbor: An open-source container image registry that secures artifacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted. Harbor integrates well with Kubernetes, providing a reliable location for storing and managing container images.
Implementing CI/CD with Kubernetes Using Argo and Harbor

Step 1: Setting Up Harbor as Your Container Registry
1. Install Harbor: First, you need to install Harbor on your Kubernetes cluster. You can use Helm, a package manager for Kubernetes, to simplify the installation process. Ensure you have Helm installed and then add the Harbor chart repository:
```
   helm repo add harbor https://helm.goharbor.io
   helm install my-harbor harbor/harbor
```
1. Configure Harbor: After installation, configure Harbor by accessing its web UI through the exposed service IP or hostname. Set up projects, users, and access controls as needed.
2. Push Your Container Images: Build your Docker images and push them to your Harbor registry. Ensure your Kubernetes cluster can access Harbor and pull images from it.
```
   docker tag my-app:latest my-harbor-domain.com/my-project/my-app:latest
   docker push my-harbor-domain.com/my-project/my-app:latest
```
Step 2: Setting Up Argo CD for Continuous Deployment
1. Install Argo CD: Install Argo CD on your Kubernetes cluster. You can use the following commands to create the necessary resources:
```
   kubectl create namespace argocd
   kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
```
1. Access Argo CD: Access the Argo CD UI by exposing the Argo CD API server service. You can use port forwarding:
```
   kubectl port-forward svc/argocd-server -n argocd 8080:443
```
Then, access the UI through http://localhost:8080.
1. Configure Your Application in Argo CD: Define your application in Argo CD, specifying the source (your Git repository) and the destination (your Kubernetes cluster). You can do this through the UI or by applying an application manifest file.
```
   apiVersion: argoproj.io/v1alpha1
   kind: Application
   metadata:
     name: my-app
     namespace: argocd
   spec:
     project: default
     source:
       repoURL: 'https://my-git-repo.com/my-app.git'
       path: k8s
       targetRevision: HEAD
     destination:
       server: 'https://kubernetes.default.svc'
       namespace: my-app-namespace
```
1. Deploy Your Application: Once configured, Argo CD will automatically deploy your application based on the configurations in your Git repository. It continuously monitors the repository for changes and applies them to your Kubernetes cluster, ensuring that the deployed applications are always up-to-date.
2. Monitor and Manage Deployments: Use the Argo CD UI to monitor the status of your deployments, visualize the application topology, and manage rollbacks or manual syncs if necessary.
Wrapping it all up

Integrating CI/CD pipelines with Kubernetes using Argo for continuous deployment and Harbor as a container registry can streamline the process of building, testing, and deploying applications. By leveraging these tools, teams can achieve faster development cycles, improved reliability, and better security practices. Remember, the key to successful CI/CD implementation lies in continuous testing, monitoring, and feedback throughout the lifecycle of your applications.

Want more? Just ask in the comments.
March 6, 2024
Declarative vs Imperative Operations in Kubernetes: A Deep Dive with Code Examples
Kubernetes, the de facto orchestrator for containerized applications, offers two distinct approaches to managing resources: declarative and imperative. Understanding the nuances between these two can significantly impact the efficiency, reliability, and scalability of your applications. In this post, we’ll dissect the differences, advantages, and use cases of declarative and imperative operations in Kubernetes, supplemented with code examples for popular workloads.

Imperative Operations: Direct Control at Your Fingertips

Imperative operations in Kubernetes involve commands that make changes to the cluster directly. This approach is akin to giving step-by-step instructions to Kubernetes about what you want to happen. It’s like telling a chef exactly how to make a dish, rather than giving them a recipe to follow.

Example: Running an NGINX Deployment

Consider deploying an NGINX server. An imperative command would be:
```
kubectl run nginx --image=nginx:1.17.10 --replicas=3
```
This command creates a deployment named nginx, using the nginx:1.17.10 image, and scales it to three replicas. It’s straightforward and excellent for quick tasks or one-off deployments.

Modifying a Deployment Imperatively

To update the number of replicas imperatively, you’d execute:
```
kubectl scale deployment/nginx --replicas=5
```
This command changes the replica count to five. While this method offers immediate results, it lacks the self-documenting and version control benefits of declarative operations.

Declarative Operations: The Power of Describing Desired State

Declarative operations, on the other hand, involve defining the desired state of the system in configuration files. Kubernetes then works to make the cluster match the desired state. It’s like giving the chef a recipe; they know the intended outcome and can figure out how to get there.

Example: NGINX Deployment via a Manifest File

Here’s how you would define the same NGINX deployment declaratively:
```
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.17.10
```
You would apply this configuration using:
```
kubectl apply -f nginx-deployment.yaml
```
Updating a Deployment Declaratively

To change the number of replicas, you would edit the nginx-deployment.yaml file to set replicas: 5 and reapply it.
```
spec:
  replicas: 5
```
Then apply the changes:
```
kubectl apply -f nginx-deployment.yaml
```
Kubernetes compares the desired state in the YAML file with the current state of the cluster and makes the necessary changes. This approach is idempotent, meaning you can apply the configuration multiple times without changing the result beyond the initial application.

Best Practices and When to Use Each Approach

Imperative:
- Quick Prototyping: When you need to quickly test or prototype something, imperative commands are the way to go.
- Learning and Debugging: For beginners learning Kubernetes or when debugging, imperative commands can be more intuitive and provide immediate feedback.
Declarative:
- Infrastructure as Code (IaC): Declarative configurations can be stored in version control, providing a history of changes and facilitating collaboration.
- Continuous Deployment: In a CI/CD pipeline, declarative configurations ensure that the deployed application matches the source of truth in your repository.
- Complex Workloads: Declarative operations shine with complex workloads, where dependencies and the order of operations can become cumbersome to manage imperatively.
Conclusion

In Kubernetes, the choice between declarative and imperative operations boils down to the context of your work. For one-off tasks, imperative commands offer simplicity and speed. However, for managing production workloads and achieving reliable, repeatable deployments, declarative operations are the gold standard.

As you grow in your Kubernetes journey, you’ll likely find yourself using a mix of both approaches. The key is to understand the strengths and limitations of each and choose the right tool for the job at hand.

Remember, Kubernetes is a powerful system that demands respect for its complexity. Whether you choose the imperative wand or the declarative blueprint, always aim for practices that enhance maintainability, scalability, and clarity within your team. Happy orchestrating!
November 10, 2023
Leveraging Automation in Managing Kubernetes Clusters: The Path to Efficient Operation
Automation in managing Kubernetes clusters has burgeoned into an essential practice that enhances efficiency, security, and the seamless deployment of applications. With the exponential growth in containerized applications, automation has facilitated streamlined operations, reducing the room for human error while significantly saving time. Let’s delve deeper into the crucial role automation plays in managing Kubernetes clusters.

The Imperative of Automation in Kubernetes

The Kubernetes Landscape

Before delving into the nuances of automation, let’s briefly recapitulate the fundamental components of Kubernetes, encompassing pods, nodes, and clusters, and their symbiotic relationships facilitating a harmonious operational environment.

The Need for Automation

Automation emerges as a vanguard in managing complex environments effortlessly, fostering efficiency, reducing downtime, and ensuring the optimal utilization of resources.

Efficiency and Scalability

Automation in Kubernetes ensures that clusters can dynamically scale based on the workload, fostering efficiency, and resource optimization.

Reduced Human Error

Automating repetitive tasks curtails the scope of human error, facilitating seamless operations and mitigating security risks.

Cost Optimization

Through efficient resource management, automation aids in cost reduction by optimizing resource allocation dynamically.

Automation Tools and Processes

CI/CD Pipelines

Continuous Integration and Continuous Deployment (CI/CD) pipelines are at the helm of automation, fostering swift and efficient deployment cycles.
```
pipeline:
  build:
    image: node:14
    commands:
      - npm install
      - npm test
  deploy:
    image: google/cloud-sdk
    commands:
      - gcloud container clusters get-credentials cluster-name --zone us-central1-a
      - kubectl apply -f k8s/
```
Declarative Example 1: A simple CI/CD pipeline example.

Infrastructure as Code (IaC)

IaC facilitates the programmable infrastructure, rendering a platform where systems and devices can be managed through code.
```
apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
  - name: mycontainer
    image: nginx
```
Declarative Example 2: Defining a Kubernetes pod using IaC.

Configuration Management

Tools like Ansible and Chef aid in configuration management, ensuring system uniformity and adherence to policies.
```
- hosts: kubernetes_nodes
  tasks:
    - name: Ensure Kubelet is installed
      apt: 
        name: kubelet
        state: present
```
Declarative Example 3: Using Ansible for configuration management.

Section 3: Automation Use Cases in Kubernetes

Auto-scaling

Auto-scaling facilitates automatic adjustments to the system’s computational resources, optimizing performance and curtailing costs.

Horizontal Pod Autoscaler

Kubernetes’ Horizontal Pod Autoscaler automatically adjusts the number of pod replicas in a replication controller, deployment, or replica set based on observed CPU utilization.
```
apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
  name: myapp-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: myapp
  minReplicas: 1
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 50
```
Declarative Example 4: Defining a Horizontal Pod Autoscaler in Kubernetes.

Automated Rollouts and Rollbacks

Kubernetes aids in automated rollouts and rollbacks, ensuring application uptime and facilitating seamless updates and reversions.

Deployment Strategies

Deployment strategies such as blue-green and canary releases can be automated in Kubernetes, facilitating controlled and safe deployments.
```
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
spec:
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
      - name: myapp
        image: myapp:v2
```
Declarative Example 5: Configuring a rolling update strategy in a Kubernetes deployment.

Conclusion: The Future of Kubernetes with Automation

As Kubernetes continues to be the front-runner in orchestrating containerized applications, the automation integral to its ecosystem fosters efficiency, security, and scalability. Through a plethora of tools and evolving best practices, automation stands central in leveraging Kubernetes to its fullest potential, orchestrating seamless operations, and steering towards an era of self-healing systems and zero-downtime deployments.

In conclusion, the ever-evolving landscape of Kubernetes managed through automation guarantees a future where complex deployments are handled with increased efficiency and reduced manual intervention. Leveraging automation tools and practices ensures that Kubernetes clusters not only meet the current requirements but are also future-ready, paving the way for a robust, scalable, and secure operational environment.

References:
1. Kubernetes Official Documentation. Retrieved from https://kubernetes.io/docs/
2. Jenkins, CI/CD, and Kubernetes: Integrating CI/CD with Kubernetes (2021). Retrieved from https://www.jenkins.io/doc/book/
November 9, 2023
How to Create a Pull Request Using GitHub Through VSCode
Visual Studio Code (VSCode) has risen as a favorite among developers due to its extensibility and tight integration with many tools, including GitHub. In this tutorial, we’ll cover how to create a pull request (PR) on GitHub directly from VSCode. Given that our audience is highly technical, we’ll provide detailed steps along with screenshots and necessary code.

Prerequisites:
- VSCode Installed: If not already, download and install from VSCode’s official website.
- GitHub Account: You’ll need a GitHub account to interact with repositories.
- Git Installed: Ensure you have git installed on your machine.
- GitHub Pull Requests and Issues Extension: Install it from the VSCode Marketplace.
Steps:

Clone Your Repository

First, ensure you have the target repository cloned on your local machine. If not:
```
git clone <repository-url>
```
Open Repository in VSCode

Navigate to the cloned directory:
```
cd <repository-name>
```
Launch VSCode in this directory:
```
code .
```
Create a New Branch

Before making any changes, it’s best practice to create a new branch. In the bottom-left corner of VSCode, click on the current branch name (likely main or master). A top bar will appear. Click on + Create New Branch and give it a meaningful name related to your changes.

Make Your Changes

Once you’re on your new branch, make the necessary changes to the code or files. VSCode’s source control tab (represented by the branch icon on the sidebar) will list the changes made.

Stage and Commit Changes

Click on the + icon next to each changed file to stage the changes. Once all changes are staged, enter a commit message in the text box and click the checkmark at the top to commit.

Push the Branch to GitHub

Click on the cloud-upload icon in the bottom-left corner to push your branch to GitHub.

Create a Pull Request

With the GitHub Pull Requests and Issues Extension installed, you’ll see a GitHub icon in the sidebar. Clicking on this will reveal a section titled GitHub Pull Requests.

Click on the + icon next to it. It’ll fetch the branch and present a UI to create a PR. Fill in the necessary details:
- Title: Summarize the change in a short sentence.
- Description: Provide a detailed description of what changes were made and why.
- Base Repository: The repository to which you want to merge the changes.
- Base: The branch (usually main or master) to which you want to merge the changes.
- Head Repository: Your forked repository (if you’re working on a fork) or the original one.
- Compare: Your feature/fix branch.
Once filled, click Create.

Review and Merge

Your PR is now on GitHub. It can be reviewed, commented upon, and eventually merged by maintainers.

Conclusion

VSCode’s deep integration with GitHub makes it a breeze to handle Git operations, including creating PRs. By following this guide, you can streamline your Git workflow without ever leaving your favorite editor!
November 7, 2023
7 things all devops practitioners need from Git
Git is a powerful tool for version control, enabling multiple developers to work together on the same codebase without stepping on each other’s toes. It’s a complex system with many features, and getting to grips with it can be daunting. Here are seven insights that I wish I had known when I started working with Git.

The Power of git log

The git log command is much more powerful than it first appears. It can show you the history of changes in a variety of formats, which can be extremely helpful for understanding the evolution of a project.
```
# Show the commit history in a single line per commit
git log --oneline

# Show the commit history with graph, date, and abbreviated commits
git log --graph --date=short --pretty=format:'%h - %s (%cd)'
```
Branching is Cheap

Branching in Git is incredibly lightweight, which means you should use branches liberally. Every new feature, bug fix, or experiment should have its own branch. This keeps changes organized and isolated from the main codebase until they’re ready to be merged.
```
# Create a new branch
git branch new-feature

# Switch to the new branch
git checkout new-feature
```
Or do both with:
```
# Create and switch to the new branch
git checkout -b new-feature
```
git stash is Your Friend

When you need to quickly switch context but don’t want to commit half-done work, git stash is incredibly useful. It allows you to save your current changes away and reapply them later.
```
# Stash your current changes
git stash

# List all stashes
git stash list

# Apply the last stashed changes and remove it from the stash list
git stash pop
```
git rebase for a Clean History

While merging is the standard way to bring a feature branch up to date with the main branch, rebasing can often result in a cleaner project history. It’s like saying, “I want my branch to look as if it was based on the latest state of the main branch.”
```
# Rebase your current branch on top of the main branch
git checkout feature-branch
git rebase main
```
Note: Rebasing rewrites history, which can be problematic for shared branches.

The .gitignore File

The .gitignore file is crucial for keeping your repository clean of unnecessary files. Any file patterns listed in .gitignore will be ignored by Git.
```
# Ignore all .log files
*.log

# Ignore a specific file
config.env

# Ignore everything in a directory
tmp/**
```
git diff Shows More Than Just Differences

git diff can be used in various scenarios, not just to show the differences between two commits. You can use it to see changes in the working directory, changes that are staged, and even differences between branches.
```
# Show changes in the working directory that are not yet staged
git diff

# Show changes that are staged but not yet committed
git diff --cached

# Show differences between two branches
git diff main..feature-branch
```
The Reflog Can Save You

The reflog is an advanced feature that records when the tips of branches and other references were updated in the local repository. It’s a lifesaver when you’ve done something wrong and need to go back to a previous state.
```
# Show the reflog
git reflog

# Reset to a specific entry in the reflog
git reset --hard HEAD@{1}
```
Remember: The reflog is a local log, so it only contains actions you’ve taken in your repository.

Understanding these seven aspects of Git can make your development workflow much more efficient and less error-prone. Git is a robust system with a steep learning curve, but with these tips in your arsenal, you’ll be better equipped to manage your projects effectively.
November 6, 2023