The latest in a series of posts about how CloudGeometry enables platform engineering
It's hard to imagine successful software development today without DevOps. But DevOps has become increasingly complex, burdened by a zoo of tools and process gaps (think "silent tech debt"). At CloudGeometry, we have years of experience working through DevOps challenges for hundreds of client engagements, delivering high-quality releases into production – all day, every day.
Today, the market has begun to use "Platform Engineering" to refer to more robust approaches to DevOps. Yet even before the term was in common use, we were already taking a rigorous, repeatable approach to resolving DevOps problems by leaning into proven open-source technologies. We call this integrated toolchain CGDevX. It's our reference implementation for Platform Engineering. You'll find our ongoing efforts in our repo on GitHub.
Next-level DevOps requires more structured mechanisms for collaboration and feedback between the developers and the operations team – more than "DevOps culture" alone can deliver. To show how to better align the parts of your DevOps workstream, we've set up a "Cloud Native Quick Start Kit," which is essentially an extensible template to expose the essentials in the cloud-native delivery lifecycle. It demonstrates how you can put the CGDevX reference implementation to work managing Kubernetes clusters and Cloud Native deployments, and how to take better advantage of cloud-native patterns.
Video Highlights
DevOps requires a mindset shift when working with Kubernetes clusters and Cloud Native deployments. Here, we highlight how to integrate CI/CD and GitOps into a comprehensive software delivery automation process, focusing on binary artifacts for reliable change management. Here's a detailed summary of how the CGDevX Open Source Platform Engineering Reference Implementation can help.
- Introduction to the Quick Start Kit: We showcase the Cloud Native Quick Start Kit, emphasizing its role in simplifying the management of Kubernetes clusters. The kit provides a unified approach to software delivery, integrating CI/CD and GitOps.
- Repository Setup and Inspection: Initially, we create two repositories: one for application code and another for application infrastructure code, automatically populated with necessary templates and configuration files. We then clone these repositories to inspect their contents.
- Application Repo Workflow: In the application repository, we explore Argo workflow definitions for the CI pipeline, including stages for building, publishing, and deploying the application. We also discuss GitHub Actions definitions and the Helm chart template that includes configurations for deployment and secrets management.
- GitOps Repository Management: We navigate to the main GitOps repository, which manages our platform infrastructure and workload registry. This includes setting up different values files for staging and production environments and configuring paths for secret management.
- Infrastructure and Secrets Configuration: In the application infrastructure GitOps repo, we utilize Terraform for provisioning and reference AWS resources like Vault. We make and commit changes to add environment-specific secrets and use Atlantis for pull request automation to manage these changes.
- Secrets Management with Vault: We create new secrets in Vault as per the application GitOps repo's defined path. These changes, once reviewed, are applied using Atlantis, which then automatically merges and closes the pull request.
- Application Definition and Deployment: We define the application using a demo app that demonstrates the Quick Start Kit's capabilities. The app reads secrets from environment variables and is deployed through our development delivery pipeline, triggering the Argo workflow.
- Global Registry and Environment-Specific Deployments: In our platform GitOps repository, we add new workloads like our demo app to a global registry. We then manage the application's deployment across development, staging, and production environments, noting the use of environment-specific secrets and the automatic updating of application versions.
This approach gives you a robust and flexible pattern for delivering application changes efficiently using well-organized GitOps delivery pipelines. By reducing uncertainties and minimizing errors, this method enhances the software delivery process. On the one hand, it facilitates quicker and more reliable deployment of software to users and customers; on the other hand, it helps all participants in DevOps work streams get a clearer, more complete view of what is working well, and where improvements are within reach.