Continuous Delivery to Kubernetes using Helm

Adnan Abdulhussein - @prydonius

Agenda•CI/CD on Kubernetes•Helm recap•Demo

CI/CD•Run Unit/Functional Tests… also for PRs•Automatically Build and Push Images•Rollout New Version

Code/config change

Build

Test

Push Docker image

Staging/QA deployment

Production deployment

Manual verification

Code/config change

Build

Test

Push Docker image

Staging/QA deployment

Production deployment

Manual verification

Kubernetes Resource Definitions

MongoDB

Serviceresource

Database tier

Secretresource

Deploymentresource

Application

Serviceresource

Backend tier

Config Mapresource

Deploymentresource

Nginx

Serviceresource

Frontend tier

Deploymentresource

Example: Kubernetes resourceapiVersion: v1kind: Deploymentmetadata:

name: my-appspec:

replicas: 1template:

metadata:labels:app: my-app

spec:containers:- name: my-appimage: prydonius/node-todo:v1.0.0ports:- containerPort: 80livenessProbe:

httpGet:path: /port: http

initialDelaySeconds: 120timeoutSeconds: 5

kubectl apply -f manifests/

sed -i.bak 's#prydonius/node-todo:v1.0.0#${imageTag}#' deployment.yaml

Tool for managing resources as asingle unit

● Reuse resources

● Logically group app resources

● Manage app lifecycles

Charts(packages)

Application definitions

Consist of

Metadata (Chart.yaml)

Documentation

Kubernetes templates

Configuration file (values.yaml)

Can depend on other charts

helm install my-app --set image.tag=${imageTag}

Demo!

Pipeline Stages: Build

environment {IMAGE_NAME = 'prydonius/node-todo'

}

stage('Build') {agent any

steps {checkout scmsh 'docker build -t $IMAGE_NAME:$BUILD_ID .'

}}

Pipeline Stages: Push

stage('Image Release') {agent any

when {expression { env.BRANCH_NAME == 'master' }

}

steps {withCredentials([[$class: 'UsernamePasswordMultiBinding',

credentialsId: 'dockerhub',usernameVariable: 'DOCKER_USERNAME', passwordVariable:

'DOCKER_PASSWORD']]) {sh '''

docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORDdocker push $IMAGE_NAME:$BUILD_ID

'''}

}}

Only release master builds

Pipeline Stages: Staging Deployment

stage('Staging Deployment') {...environment {

RELEASE_NAME = 'todos-staging'SERVER_HOST = 'todos.staging.k8s.prydoni.us'

}

steps {sh '''

. ./helm/helm-init.shhelm dependencies build ./helm/todohelm upgrade --install --namespace staging $RELEASE_NAME ./helm/todo \

--set image.tag=$BUILD_ID,ingress.host=$SERVER_HOST'''

}}

Pipeline Stages: Manual Verification

stage('Deploy to Production?') {when {expression { env.BRANCH_NAME == 'master' }

}

steps {// Prevent any older builds from deploying to productionmilestone(1)input 'Deploy to Production?'milestone(2)

}}

Pipeline Stages: Production Deployment

stage('Production Deployment') {...environment {

RELEASE_NAME = 'todos-production'SERVER_HOST = 'todos.k8s.prydoni.us'

}

steps {sh '''

. ./helm/helm-init.shhelm dependencies build ./helm/todohelm upgrade --install --namespace production $RELEASE_NAME ./helm/todo \

--set image.tag=$BUILD_ID,ingress.host=$SERVER_HOST'''

}}

Helm Community• Over 140 contributors

• Helm 2.4.1 released last week!

• Slack channel: Kubernetes #helm-users

• Public dev meetings: Thursdays @ 9:30 pacific (5:30pm BST)

• Weekly updates & demos at SIG-Apps meetings:Mondays @ 9am pacific (5pm BST)

Join

us!

Thank You