Implementing GitOps with Kubernetes: Automate, manage, scale, and secure infrastructure and cloud-native applications

Implementing GitOps with Kubernetes
Contributors
About the authors
About the reviewers
Preface
   Who this book is for
   What this book covers
   Download the example code files
   Conventions used
   Get in touch
   Share Your Thoughts
   Download a free PDF copy of this book
Part 1: Understanding GitOps via Uncomplicated Orchestrations/ Kubernetes
1
An Introduction to GitOps
   Technical requirements
   GitOps unveiled – reshaping development culture and practices
      Traditional CI/CD with DevOps against GitOps
   The fundamentals of GitOps and the advantages of adopting it for platform engineering
   Why GitOps?
   The integration between GitOps, IaC, and Kubernetes
      GitOps and IaC
      GitOps and Kubernetes
      Kubernetes and Argo CD
      Kubernetes and Flux CD
   Summary
   Further reading
2
Navigating Cloud-native Operations with GitOps
   Technical requirements
   An overview of the integration of GitOps and cloud-native technology
   An introduction to Kubernetes
      What is Kubernetes?
      Kubernetes architecture
   Exploring K3s as a lightweight Kubernetes distribution
      Local cluster setup
      K3s setup and installation verification
      Kubernetes manifest
      Our first deployment with K3s
      Port forwarding
   Getting started with containers
      Docker setup
      Docker alternatives
      Dockerfile
   Sample workflow – effortless CD with Docker and K3s
      Local development
      Dockerizing the application and running it locally
      Publishing the image to a container registry
      Deploying to K3s
   Summary
   Further reading
3
Version Control and Integration with Git and GitHub
   Technical requirements
   Exploring version control systems – local, centralized, and distributed
   Why Git?
      Git setup
      Creating and cloning a Git repository
      The basics of Git
   Exploring GitHub
      GitHub’s ecosystem
      GitHub flow
   Integrating GitOps and GitHub
   Summary
   Further reading
4
Kubernetes with GitOps Tools
   Technical requirements
   Overview of popular GitOps tools
   A deep dive into Helm and Kustomize
      Helm
      Kustomize
   Argo CD integration with Kubernetes
      Argo CD setup
   Flux integration with Kubernetes
      Flux setup
      Deploying to Kubernetes with Flux
   Comparing Argo CD and Flux
   Summary
Part 2: Harnessing Advanced Orchestrations, Culture, and Control in GitOps Practices
5
GitOps at Scale and Multitenancy
   Technical requirements
   Traditional CI/CD versus GitOps CD
   Platform engineering versus IDPs
   Understanding the App of Apps approach
      Use cases of App of Apps combined with examples
      The ApplicationSets approach
      Which approach should be used?
   Understanding multi-cluster management
      One cockpit to rule them all
      One cockpit – multiple fleet and commander concept
   Understanding effective Git repository strategies
      Environment branches
      Environment per Git
      Folders for environments
      Scaling with ApplicationSet generators
   Building a service catalog for Kubernetes
      Building the service catalog
   Exploring native multitenancy with Argo CD
   Exploring multitenancy with vCluster and Argo CD
      Bonus – simplified connection to multiple vClusters – a handy bash script
      Limitations solved in multitenancy with GitOps – a review
   Wrapping up – insights and lessons from multitenancy experiences
   Summary
   References
6
GitOps Architectural Designs and Operational Control
   Exploring diverse GitOps architectural frameworks for Kubernetes environments
   Examining the impact of architectural choices on GitOps’ effectiveness
      Architectural choices impacting GitOps
      Making informed architectural decisions
   Tailoring designs for scalability, resilience, and efficiency in cloud-native deployments
      Scalability in cloud-native architectures
      Resilience through redundancy and isolation
      Efficiency with proactive optimization
      Tailoring designs with GitOps
   Centralized control – managing clusters with a solo Argo instance
      The approach – centralized control
      When to use the centralized control approach
      When to avoid the centralized control approach
   Dedicated instances – instance per cluster with Argo CD
      When to use dedicated Argo CD instances
      When to avoid dedicated Argo CD instances
   Dedicated instances – instance per cluster with Flux CD
   The middle way – instance per logical group with Argo CD
      When to use the middle-way approach
      When not to use the middle-way approach
   The cockpit and fleet approach with Argo CD
      Delving deeper into the approach
      Operational dynamics
      When to use the cockpit and fleet approach
      When not to use the cockpit and fleet approach
      Choosing the right approach for your GitOps needs
   Centralized Kubernetes cluster creation – leveraging Cluster API and Argo CD for streamlined cluster deployment
      Introduction to Cluster API
      How Cluster API is leveraged by different companies
   A deep dive into Cluster API and GitOps – hands-on
      Initializing the management cluster
      Creating your first workload cluster
   Summary
   References
7
Cultural Transformation in IT for Embracing GitOps
   Treating infrastructure as an application
      Understanding IaC
      Understanding infrastructure as applications in Argo CD’s GitOps framework
      Embracing infra-as-apps – bridging GitOps and infrastructure management
      How IaC can be used to deploy infrastructure
      Why infra-as-apps is a game-changer?
   Understanding the principles of immutable infrastructure
      The essence of immutable infrastructure
      Integrating immutable infrastructure with GitOps
   Introducing DORA metrics
   Understanding the need for continual improvement in GitOps
   Overcoming cultural barriers to adopt GitOps
      A project’s story – exchange, experiences, and learnings
      Essential Q&A from another recent project
   Summary
   References
Part 3: Hands-on Automating Infrastructure and CI/CD with GitOps
8
GitOps with OpenShift
   Technical requirements
   Introduction to Red Hat OpenShift
      Red Hat OpenShift environment setup
      Troubleshooting OpenShift CRC setup issues
   Setting Up GitOps in Red Hat OpenShift
   Leveraging Red Hat OpenShift’s CI/CD for GitOps
   Automation and configuration best practices
   A comparison of Kubernetes Red Hat OpenShift
   Summary
9
GitOps for Azure and AWS Deployments
   Technical requirements
      Azure and AWS accounts
   Cloud GitOps essentials – Azure and AWS
      Azure GitOps essentials
      AWS GitOps essentials
   GitOps applications in cloud environments
      Cross-cloud strategies
   GitOps strategies for Azure and AWS deployments for Kubernetes
      Azure GitOps strategies
      AWS GitOps strategies
   Summary
10
GitOps for Infrastructure Automation – Terraform and Flux CD
   Technical requirements
   Introducing infrastructure automation with Terraform and Flux CD
   Setting up Terraform in a GitOps workflow
      Tofu Controller (formerly Weave TF-Controller)
      Getting started with the setup
   Exploring Flux CD – enabling CD in Kubernetes
   Combining Terraform and Flux CD for enhanced automation
      Providing new infrastructure by updating Terraform files
      Enhanced disaster recovery capabilities
      Creating and managing multi-stage environments
   Version control and automation with Terraform and Flux CD
      Security and best practices with Terraform and Flux CD
      Best practices for configuration and maintenance
      Best practices for managing multi-environment configurations
      Git workflow strategies
   Multi-environment management with Terraform and Flux CD
   Summary
11
Deploying Real-World Projects with GitOps on Kubernetes
   Technical requirements
   Establishing a GitOps and Kubernetes development environment
   Implementing CI/CD with GitOps
      Final objective and implementation
      CI/CD pipeline using GitHub Actions and Terraform
      Using Argo CD for the continuous deployment
   Designing for scalability and efficiency
      Architectural principles
      Resource management
      Testing for scalability
   Resources management and scalability
      Optimizing resource usage
      Implementing the HPA
      Testing for scalability – an example
   Monitoring and securing your application
      Monitoring
      Setting up Prometheus and Grafana
      Understanding Kubernetes security
   Summary
Part 4: Operational Excellence Through GitOps Best Practices
12
Observability with GitOps
   Exploring the fundamentals of SRE for GitOps and Kubernetes
      The intersection of SRE with GitOps
      SRE principles in a Kubernetes context
   Understanding internal (white box) versus external (black box) observability
      Internal or white box observability explained
      External or black box observability defined
      Balancing internal and external observability
   Exploring SLO-driven multi-stage performance with DORA
      Integrating SLOs with DORA metrics
      Applying a multi-stage approach
   Implementing distributed tracing in GitOps with Linkerd
   Implementing monitoring in GitOps with tools such as Uptime Kuma and OpenTelemetry
      Uptime Kuma – the external watchdog for your online services
      OpenTelemetry – a unified observability framework
   Looking at alerting strategies in a GitOps framework
      Some relevant alerting rules
      Diving deeper into node overcommitment in Kubernetes
   Scaling observability with GitOps
      Scaling observability components
      Organizational strategies for effective observability
      Selecting the right observability tools for specific use cases
      Enterprise-level best practices with observability and GitOps
   Summary
   References
13
Security with GitOps
   Hardening declarative GitOps CD on Kubernetes
      Addressing configuration vulnerabilities
      Enhancing password management and RBAC
   Committing everything to Git? What about Secrets?
      Sealed Secrets
      External Secrets
   Leveraging a policy engine for policy-as-code practices
      Integrating Kyverno and OPA
      Hands on – let’s put theory into practice [6]
   Automating security scanning and compliance
      KubeClarity
      Falco
   Keeping your platform catalog up-to-date
   Summary
   References
14
FinOps, Sustainability, AI, and Future Trends for GitOps
   Covering the fundamentals of FinOps
   Forecasting and monitoring costs with GitOps
      How GitOps complements FinOps
      Utilizing GitOps with FinOps
      OpenCost versus Kubecost with GitOps
   Optimization techniques for cloud spend
      Combining GitOps and Kubecost for cloud spend optimization
   Assessing carbon footprint and promoting green operations
      Assessing carbon footprint with kube-green
      Promoting green operations with Armada
      Assessing carbon footprint by integrating with GitOps
   Looking at GitOps and AI-driven automation
      Robusta.dev
   Future challenges and opportunities in GitOps
   The role of GitOps in emerging technologies
   Summary
   References
Index
   Why subscribe?
Other Books You May Enjoy
   Packt is searching for authors like you
   Share Your Thoughts
   Download a free PDF copy of this book