SlideShare a Scribd company logo

Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Your CI/CD

Nico Meisenzahl
Nico Meisenzahl

Learn how to eliminate any dependencies on your CI/CD build nodes and don’t bother yourself with multiple versions of your toolchain and any corresponding constraints. Walk away with knowledge and best practices that will help you to optimize your builds and deployments with containerized pipelines! Use containerized GitLab CI/CD pipelines and Kaniko to move your build and deployment workloads into your Kubernetes cluster. Build your apps and infrastructure without any external dependencies and constraints. If you are building a Go project, deploying an app to Kubernetes or just building your infrastructure. It doesn’t matter, anything is possible! Join Nico on a deep dive into the secrets of building hassle-free containerized build and deployment pipelines with GitLab CI/CD, Kubernetes and Kaniko.

Technology
1 of 18
Download to read offline
How Containerized Pipelines and Kubernetes Can Boost Your CI/CD GitLab Virtual Meetup, July 2020
Nico Meisenzahl • Senior Cloud & DevOps Consultant at white duck • GitLab Hero, Microsoft MVP & Docker Community Leader • loves Kubernetes, DevOps and Cloud © white duck GmbH 2020 Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org
Agenda • GitLab and Kubernetes • containerized pipeline – why? • pipeline workload on Kubernetes with GitLab CI/CD • container image builds on Kubernetes with Kaniko © white duck GmbH 2020
GitLab & Kubernetes A perfect fit! • Gitlab hosted on Kubernetes • containerized pipelines • monitoring & tracing stack • functions and serverless apps • Review Apps • Auto DevOps © white duck GmbH 2020
Containerized Pipelines – Why? • for the same reasons why you should use containers • isolation • dependencies • scalability • immutability • example: your new project needs version X all others still require Y • you can include any kind of build / deploy dependency • NodeJS, .NET Core, Go, Terraform, Ansible… you name it © white duck GmbH 2020
docker run • running Docker on build hosts is a familiar pattern • but: docker run pipeline jobs have some issues • containers are immutable • you will end up managing caching and artifacts on your own • (and we're not even talking about building containers) © white duck GmbH 2020
GitLab Runner Kubernetes executor • a Gitlab Runner that is aware of Kubernetes • integrates your CI/CD with Kubernetes • runs itself within your Kubernetes Cluster (as pod) • schedules pipeline jobs as pods • allows you to share your compute and scale your pipelines • easy deployment • one-click • production ready Helm deployment • via CI/CD (alpha) © white duck GmbH 2020
Cloning, Caching and Artifacts • GitLab Runner Kubernetes executor runs service containers within the pipeline job pod to handle cloning, caching and artifacts • every pipeline job contains out of these stages • prepare → creates pod with build and service containers • pre-build → clones repo, restore cache, download artifacts • build → user build steps • post-build → creates caches and upload artifacts © white duck GmbH 2020
Advanced topics • supports advanced configurations like • resource limits for build jobs • CI services for build dependencies • node selectors for runners • … © white duck GmbH 2020
Demo: GitLab Runner Kubernetes executor • GitLab Kubernetes Integration • GitLab Runner Kubernetes executor deployment © white duck GmbH 2020
Pipeline job image • contains everything a single pipeline job needs • binaries, libraries, tools, ... • provide all external dependencies • use a pipeline to build/rebuild it periodically (security fixes!) • you should define fix versions for your dependencies • use caching to speed up your builds © white duck GmbH 2020
Pipeline job image © white duck GmbH 2020
Demo • containerized deploy pipeline • https://gitlab.com/gitlab-commit-demo/containerized-appdeploy-sample © white duck GmbH 2020
Container Image builds on Kubernetes • you may used Docker-in-Docker to build containers in containers • DinD has some issues • exposing Docker socket • mounting /var/lib/docker • privileged mode • those might be acceptable on a build host but not in a Kubernetes cluster © white duck GmbH 2020
Image builds with Kaniko • image builds without the need of any privileges or dependencies • runs in a container (gcr.io/kaniko-project/executor) • easy to use • you should think about caching to speed up your pipeline • layer caching (layers get pushed pushed to a registry) • base image caching (GitLab cache) © white duck GmbH 2020
Image builds on Kubernetes with Kaniko © white duck GmbH 2020
Demo • containerized image builds on Kubernetes with Kaniko • https://gitlab.com/gitlab-commit-demo/containerized-jobimage-sample © white duck GmbH 2020
Questions? Slides: https://www.slideshare.net/nmeisenzahl Demos: https://gitlab.com/gitlab-commit-demo Nico Meisenzahl (Senior Cloud & DevOps Consultant) Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org © white duck GmbH 2020

Recommended

Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Nico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
Nico Meisenzahl
 
FestiveTechCalendar2021 - Have Yourself An​ Azure Container Registry
FestiveTechCalendar2021 - Have Yourself An​ Azure Container RegistryFestiveTechCalendar2021 - Have Yourself An​ Azure Container Registry
FestiveTechCalendar2021 - Have Yourself An​ Azure Container Registry
Philip Welz
 
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureAzure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Nico Meisenzahl
 
GitHub Actions 101
GitHub Actions 101GitHub Actions 101
GitHub Actions 101
Nico Meisenzahl
 
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Nico Meisenzahl
 
Neues aus dem Docker-Universum
Neues aus dem Docker-UniversumNeues aus dem Docker-Universum
Neues aus dem Docker-Universum
Nicholas Dille
 

Recommended

Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Nico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
Nico Meisenzahl
 
FestiveTechCalendar2021 - Have Yourself An​ Azure Container Registry
FestiveTechCalendar2021 - Have Yourself An​ Azure Container RegistryFestiveTechCalendar2021 - Have Yourself An​ Azure Container Registry
FestiveTechCalendar2021 - Have Yourself An​ Azure Container Registry
Philip Welz
 
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on AzureAzure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Nico Meisenzahl
 
GitHub Actions 101
GitHub Actions 101GitHub Actions 101
GitHub Actions 101
Nico Meisenzahl
 
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Nico Meisenzahl
 
Neues aus dem Docker-Universum
Neues aus dem Docker-UniversumNeues aus dem Docker-Universum
Neues aus dem Docker-Universum
Nicholas Dille
 
EVE Microservices Platform
EVE Microservices PlatformEVE Microservices Platform
EVE Microservices Platform
Alaa Qutaish
 
Continuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack KubernetesContinuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack Kubernetes
Nico Meisenzahl
 
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open SourceEnhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Nico Meisenzahl
 
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
Nico Meisenzahl
 
Azure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service OperatorAzure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service Operator
Nico Meisenzahl
 
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...
Nico Meisenzahl
 
Docker Rosenheim Meetup: Policy & Governance for Kubernetes
Docker Rosenheim Meetup: Policy & Governance for KubernetesDocker Rosenheim Meetup: Policy & Governance for Kubernetes
Docker Rosenheim Meetup: Policy & Governance for Kubernetes
Nico Meisenzahl
 
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CDDevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
Nico Meisenzahl
 
DevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CDDevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CD
Nico Meisenzahl
 
Was ist ein Service Mesh und wie funktioniert es?
Was ist ein Service Mesh und wie funktioniert es?Was ist ein Service Mesh und wie funktioniert es?
Was ist ein Service Mesh und wie funktioniert es?
Cloud Native Rosenheim Meetup
 
azdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Clusterazdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Cluster
Nico Meisenzahl
 
Virtual Azure Community Day: Azure Kubernetes Service Basics
Virtual Azure Community Day: Azure Kubernetes Service BasicsVirtual Azure Community Day: Azure Kubernetes Service Basics
Virtual Azure Community Day: Azure Kubernetes Service Basics
Nico Meisenzahl
 
Die Evolution von Container Image Builds
Die Evolution von Container Image BuildsDie Evolution von Container Image Builds
Die Evolution von Container Image Builds
Nico Meisenzahl
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDGitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
Nico Meisenzahl
 
Global Azure Virtual: Container & Kubernetes on Azure
Global Azure Virtual: Container & Kubernetes on AzureGlobal Azure Virtual: Container & Kubernetes on Azure
Global Azure Virtual: Container & Kubernetes on Azure
Nico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
Nico Meisenzahl
 
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Nico Meisenzahl
 
Global Azure Bootcamp: Container, Docker & Kubernetes Basics
Global Azure Bootcamp: Container, Docker & Kubernetes BasicsGlobal Azure Bootcamp: Container, Docker & Kubernetes Basics
Global Azure Bootcamp: Container, Docker & Kubernetes Basics
Nico Meisenzahl
 
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
Nico Meisenzahl
 
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasEffiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Nico Meisenzahl
 
Containerized Build & Deployment Pipelines
Containerized Build & Deployment PipelinesContainerized Build & Deployment Pipelines
Containerized Build & Deployment Pipelines
Nico Meisenzahl
 

More Related Content

What's hot

GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
Nico Meisenzahl
 
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CDDevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
Nico Meisenzahl
 
DevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CDDevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CD
Nico Meisenzahl
 
Was ist ein Service Mesh und wie funktioniert es?
Was ist ein Service Mesh und wie funktioniert es?Was ist ein Service Mesh und wie funktioniert es?
Was ist ein Service Mesh und wie funktioniert es?
Cloud Native Rosenheim Meetup
 
Die Evolution von Container Image Builds
Die Evolution von Container Image BuildsDie Evolution von Container Image Builds
Die Evolution von Container Image Builds
Nico Meisenzahl
 
Global Azure Virtual: Container & Kubernetes on Azure
Global Azure Virtual: Container & Kubernetes on AzureGlobal Azure Virtual: Container & Kubernetes on Azure
Global Azure Virtual: Container & Kubernetes on Azure
Nico Meisenzahl
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
Nico Meisenzahl
 

What's hot (19)

EVE Microservices Platform
EVE Microservices PlatformEVE Microservices Platform
EVE Microservices Platform
 
Continuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack KubernetesContinuous Lifecycle: Hijack Kubernetes
Continuous Lifecycle: Hijack Kubernetes
 
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open SourceEnhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
 
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
 
Azure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service OperatorAzure Rosenheim Meetup: Azure Service Operator
Azure Rosenheim Meetup: Azure Service Operator
 
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...
 
Docker Rosenheim Meetup: Policy & Governance for Kubernetes
Docker Rosenheim Meetup: Policy & Governance for KubernetesDocker Rosenheim Meetup: Policy & Governance for Kubernetes
Docker Rosenheim Meetup: Policy & Governance for Kubernetes
 
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CDDevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
 
DevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CDDevOpsCon London: How containerized Pipelines can boost your CI/CD
DevOpsCon London: How containerized Pipelines can boost your CI/CD
 
Was ist ein Service Mesh und wie funktioniert es?
Was ist ein Service Mesh und wie funktioniert es?Was ist ein Service Mesh und wie funktioniert es?
Was ist ein Service Mesh und wie funktioniert es?
 
azdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Clusterazdevcom - Hijack a Kubernetes Cluster
azdevcom - Hijack a Kubernetes Cluster
 
Virtual Azure Community Day: Azure Kubernetes Service Basics
Virtual Azure Community Day: Azure Kubernetes Service BasicsVirtual Azure Community Day: Azure Kubernetes Service Basics
Virtual Azure Community Day: Azure Kubernetes Service Basics
 
Die Evolution von Container Image Builds
Die Evolution von Container Image BuildsDie Evolution von Container Image Builds
Die Evolution von Container Image Builds
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDGitLab Commit: Enhance your Compliance with Policy-Based CI/CD
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
 
Global Azure Virtual: Container & Kubernetes on Azure
Global Azure Virtual: Container & Kubernetes on AzureGlobal Azure Virtual: Container & Kubernetes on Azure
Global Azure Virtual: Container & Kubernetes on Azure
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
 
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
 
Global Azure Bootcamp: Container, Docker & Kubernetes Basics
Global Azure Bootcamp: Container, Docker & Kubernetes BasicsGlobal Azure Bootcamp: Container, Docker & Kubernetes Basics
Global Azure Bootcamp: Container, Docker & Kubernetes Basics
 

Similar to Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Your CI/CD

GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
Nico Meisenzahl
 
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasEffiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Nico Meisenzahl
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
Cloud Native Rosenheim Meetup
 
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native WayAzure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Nico Meisenzahl
 
ContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack KubernetesContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack Kubernetes
Nico Meisenzahl
 
Использование AzureDevOps при разработке микросервисных приложений
Использование AzureDevOps при разработке микросервисных приложенийИспользование AzureDevOps при разработке микросервисных приложений
Использование AzureDevOps при разработке микросервисных приложений
Vitebsk Miniq
 
Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools
Akihiro Suda
 
ContainerConf 2022: Kubernetes is awesome - but...
ContainerConf 2022: Kubernetes is awesome - but...ContainerConf 2022: Kubernetes is awesome - but...
ContainerConf 2022: Kubernetes is awesome - but...
Nico Meisenzahl
 
Festive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networkingFestive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networking
Nico Meisenzahl
 

Similar to Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Your CI/CD (20)

GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
 
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt dasEffiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
 
Containerized Build & Deployment Pipelines
Containerized Build & Deployment PipelinesContainerized Build & Deployment Pipelines
Containerized Build & Deployment Pipelines
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
 
How to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being HackedHow to Prevent Your Kubernetes Cluster From Being Hacked
How to Prevent Your Kubernetes Cluster From Being Hacked
 
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being HackedKCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
 
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native WayAzure Service Operator - Provision Your Resources in a Cloud-Native Way
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
 
All Things Cloud Native Meetup: Azure Kubernetes Service Basics
All Things Cloud Native Meetup: Azure Kubernetes Service BasicsAll Things Cloud Native Meetup: Azure Kubernetes Service Basics
All Things Cloud Native Meetup: Azure Kubernetes Service Basics
 
Build pipelines with bitbucket for Magento
Build pipelines with bitbucket for MagentoBuild pipelines with bitbucket for Magento
Build pipelines with bitbucket for Magento
 
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
AzDevCom 2022 - YAMLize your infrastructure with the Azure Service Operator a...
 
Hijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a WalkthroughHijack a Kubernetes Cluster - a Walkthrough
Hijack a Kubernetes Cluster - a Walkthrough
 
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a WalkthroughContainer Days: Hijack a Kubernetes Cluster - a Walkthrough
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
 
Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline ...
Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline ...Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline ...
Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline ...
 
ContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack KubernetesContainerConf 2022: Hijack Kubernetes
ContainerConf 2022: Hijack Kubernetes
 
Использование AzureDevOps при разработке микросервисных приложений
Использование AzureDevOps при разработке микросервисных приложенийИспользование AzureDevOps при разработке микросервисных приложений
Использование AzureDevOps при разработке микросервисных приложений
 
Continuous Deployment with Kubernetes, Docker and GitLab CI
Continuous Deployment with Kubernetes, Docker and GitLab CIContinuous Deployment with Kubernetes, Docker and GitLab CI
Continuous Deployment with Kubernetes, Docker and GitLab CI
 
Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools
 
ContainerConf 2022: Kubernetes is awesome - but...
ContainerConf 2022: Kubernetes is awesome - but...ContainerConf 2022: Kubernetes is awesome - but...
ContainerConf 2022: Kubernetes is awesome - but...
 
Festive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networkingFestive Tech Calendar: Festive time with AKS networking
Festive Tech Calendar: Festive time with AKS networking
 
Platform Orchestration with Kubernetes and Docker
Platform Orchestration with Kubernetes and DockerPlatform Orchestration with Kubernetes and Docker
Platform Orchestration with Kubernetes and Docker
 

More from Nico Meisenzahl

Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsCloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Nico Meisenzahl
 

More from Nico Meisenzahl (6)

Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable WorkloadsCloud-Native & Sustainability: How and Why to Build Sustainable Workloads
Cloud-Native & Sustainability: How and Why to Build Sustainable Workloads
 
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being HackedContainer Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
 
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a WalkthroughKCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
 
Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...Cloud Love Conference: Kubernetes is awesome, but...
Cloud Love Conference: Kubernetes is awesome, but...
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
 
Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security
 

Recently uploaded

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 

Recently uploaded (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 

Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Your CI/CD

  • 1. How Containerized Pipelines and Kubernetes Can Boost Your CI/CD GitLab Virtual Meetup, July 2020
  • 2. Nico Meisenzahl • Senior Cloud & DevOps Consultant at white duck • GitLab Hero, Microsoft MVP & Docker Community Leader • loves Kubernetes, DevOps and Cloud © white duck GmbH 2020 Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org
  • 3. Agenda • GitLab and Kubernetes • containerized pipeline – why? • pipeline workload on Kubernetes with GitLab CI/CD • container image builds on Kubernetes with Kaniko © white duck GmbH 2020
  • 4. GitLab & Kubernetes A perfect fit! • Gitlab hosted on Kubernetes • containerized pipelines • monitoring & tracing stack • functions and serverless apps • Review Apps • Auto DevOps © white duck GmbH 2020
  • 5. Containerized Pipelines – Why? • for the same reasons why you should use containers • isolation • dependencies • scalability • immutability • example: your new project needs version X all others still require Y • you can include any kind of build / deploy dependency • NodeJS, .NET Core, Go, Terraform, Ansible… you name it © white duck GmbH 2020
  • 6. docker run • running Docker on build hosts is a familiar pattern • but: docker run pipeline jobs have some issues • containers are immutable • you will end up managing caching and artifacts on your own • (and we're not even talking about building containers) © white duck GmbH 2020
  • 7. GitLab Runner Kubernetes executor • a Gitlab Runner that is aware of Kubernetes • integrates your CI/CD with Kubernetes • runs itself within your Kubernetes Cluster (as pod) • schedules pipeline jobs as pods • allows you to share your compute and scale your pipelines • easy deployment • one-click • production ready Helm deployment • via CI/CD (alpha) © white duck GmbH 2020
  • 8. Cloning, Caching and Artifacts • GitLab Runner Kubernetes executor runs service containers within the pipeline job pod to handle cloning, caching and artifacts • every pipeline job contains out of these stages • prepare → creates pod with build and service containers • pre-build → clones repo, restore cache, download artifacts • build → user build steps • post-build → creates caches and upload artifacts © white duck GmbH 2020
  • 9. Advanced topics • supports advanced configurations like • resource limits for build jobs • CI services for build dependencies • node selectors for runners • … © white duck GmbH 2020
  • 10. Demo: GitLab Runner Kubernetes executor • GitLab Kubernetes Integration • GitLab Runner Kubernetes executor deployment © white duck GmbH 2020
  • 11. Pipeline job image • contains everything a single pipeline job needs • binaries, libraries, tools, ... • provide all external dependencies • use a pipeline to build/rebuild it periodically (security fixes!) • you should define fix versions for your dependencies • use caching to speed up your builds © white duck GmbH 2020
  • 12. Pipeline job image © white duck GmbH 2020
  • 13. Demo • containerized deploy pipeline • https://gitlab.com/gitlab-commit-demo/containerized-appdeploy-sample © white duck GmbH 2020
  • 14. Container Image builds on Kubernetes • you may used Docker-in-Docker to build containers in containers • DinD has some issues • exposing Docker socket • mounting /var/lib/docker • privileged mode • those might be acceptable on a build host but not in a Kubernetes cluster © white duck GmbH 2020
  • 15. Image builds with Kaniko • image builds without the need of any privileges or dependencies • runs in a container (gcr.io/kaniko-project/executor) • easy to use • you should think about caching to speed up your pipeline • layer caching (layers get pushed pushed to a registry) • base image caching (GitLab cache) © white duck GmbH 2020
  • 16. Image builds on Kubernetes with Kaniko © white duck GmbH 2020
  • 17. Demo • containerized image builds on Kubernetes with Kaniko • https://gitlab.com/gitlab-commit-demo/containerized-jobimage-sample © white duck GmbH 2020
  • 18. Questions? Slides: https://www.slideshare.net/nmeisenzahl Demos: https://gitlab.com/gitlab-commit-demo Nico Meisenzahl (Senior Cloud & DevOps Consultant) Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org © white duck GmbH 2020