I. Background
In recent years, Kubernetes quickly became the de facto open source standard container arrangement. And different virtual machines, Kubernetes while abstract reliable large-scale infrastructure layout container, which can help developers to separate the complex nature of the workload and infrastructure. Kubernetes is CI / CD ideal for automation because it provides many built-in features that make application deployment to standardize and reuse, improve developer productivity, and accelerate the adoption of cloud native application.
Platform9 was founded in 2013 cloud service provider can provide the industry's only hybrid cloud SaaS management solutions, allowing users to quickly adopt cloud technology and deployment in the private or public cloud infrastructure in any consistently manage VM, Kubernetes and non-server functions. Kubernetes solutions Platform9 provides also a leader in the industry.
In KubeCon + CloudNativeCon 2019 General Assembly held in Barcelona, Platform9 with more than 1,000 participants interacted with nearly 500 attendees participated in the survey related to the Kubernetes. The figure below shows the survey results for the most common Kubernetes application scenarios:
Among these, CI / CD is the most extensive automation Kubernetes use case focused on helping developers build and deliver applications. However, running in a production environment with automatic and repeatable CI / CD of the pipeline Kubernetes (k8s) and ongoing security checks will bring new challenges, including integration complexity, continuous product update / rollback, self operation and maintenance, life-cycle management.
To address these challenges and without difficulty imagine, this article describes how Platform9 use JFrog products quickly implement CI / CD automation and extended to the entire organization method on Kubernetes.
Second, the use of 5 steps Artifactory and Helm Kubernetes CI / CD pipeline
in Scheme Platform9 provided, as Artifactory JFrog Docker micro service registry (or registry), is constructed CI / CD integral part of the pipeline. At the same time, the use of Artifactory as Helm Chart repository, the article further provides warehouse management vessel will be deployed to integrate all the resources needed to k8s cluster.
Artifactory can also serve as a remote warehouse agent depend, for example npm, Maven, Gradle and Go, to achieve security Kubernetes registry, allows you to track system end to end content, dependencies, and relationships with other Docker image.
Step 5 realize Kubernetes CI / CD line:
Step 1. to develop micro Artifactory proxy service uses the registry. Generated application package may be .war or .jar files;
Step 2. On Ubuntu Tomcat Java-8 and to create a base image Docker frame. This image pushed to Artifactory in Docker registry, JFrog Xray will be scanned to ensure the safety and license compliance.
Step 3. .war or by adding frame Docker .jar files to create a micro mirror Docker services, push the mirror Artifactory Docker in registry, and scans through the Xray.
Step 4. Create the Chart Helm micro service, and push them to the Helm Artifactory repository.
Step 5. Use Helm Chart micro security service deployment from Docker registry to Kubernetes cluster.
In the pipeline which, in addition to products responsible for warehouse management, Artifactory also provide auditable quality because it captures all the wealth of valuable metadata for the entire CI / CD produced in the process, include:
building and environmental information
Module dependence
CI server, such as Jenkins, the information provided
publishing module and its dependencies detailed license analysis
publish historical information, etc.
Artifactory use, tracking can be responsible for generating the application layer (e.g. WAR file) CI task, the application layer is part of the mirror layer Docker. Constructed by comparing the two, you can display the differences between the building, making it easy to keep track of which build a release layer which mirrored Docker, near and continue to follow the code submission.
Third, the pipeline property analysis
3.1 JFrog Artifactory and Xray ensure delivery automation software
Artifactory is a generic product warehouse management platform, regardless of the organization's micro-services run where it can meet the needs of all CI / CD's. Artifactory Docker by providing full compatibility enables developers to deploy container of micro-services to Kubernetes cluster. After the application package pushed to Artifactory warehouse, you can develop, test and release phases continue to verify and upgrade your vessel, and finally deploy it to Kubernetes in production clusters. As in the previous analysis, Artifactory also provides complete auditability and traceability for all application packages.
JFrog Xray image scan performed recursively depth Docker, and all layers and identify vulnerabilities dependent items. It also checks to ensure that all the software components of the licenses are in line with policies of the organization. This helps prevent non-compliant software into production. Moreover, continuous scanning capability Xray provided, may find new issues to ensure the continuing safety of the time or change strategy.
3.2 Helm Charts the CI / CD deployment automation tools
once your Kubernetes infrastructure up and running, Kubernetes Helm will enable you to pass easily install, update, and delete to quickly and reliably configure the container application. It provides a tool for packaged applications and share it with Kubernetes community for developers. It enables software vendors to provide the touch of a button of its container application. By a command or a few clicks of the mouse, users can develop a test or production environment that Kubernetes install the application. Most popular CI / CD set of tools are available through the Helm chart.
Platform9 application directory provides push-button deployment accessible to Helm chart. You can use the App Catalog UI to select and deploy your favorite CI / CD line tools (for example, Jenkins, Spinnaker, Artifactory, Xray, etc.). You can search, one-click deployment or configure it.
Four, Platform9 hosting Kubernetes service eliminates the complexity of the operation
main business problem if you want to solve, and improve developer productivity, software to market faster, and reliable operation in a production environment-related applications, then Do you worth the time and trouble handling the complexity of the operation and maintenance of Kubernetes? Do you have the people and skills to work and operation and maintenance of large Kubernetes clusters?
Operation and maintenance of your own large-scale infrastructure Kubernetes daunting. The consequences of the wrong choice is permanent and will affect the availability, performance and agility of the application. Although the internal construction of the solution in the short term may be cheaper, but the quality of your design may be low, or there are some flaws. These defects will be aware of when you go into production, which ultimately will cost more money.
While the installation and management Kubernetes not drive the business forward, but our customers to quickly deploy new applications and versions can. For developers, Kubernetes end users, platform availability is the key. They do not care who built it or how to build it: they just want hands-on it, and make it work well.
Although developers do not care about the implementation details or operation and maintenance status of the cluster, but still need someone to carry out the operation and maintenance work to ensure that the cluster is the latest health and safety. Platform9 Kubernetes manage your environment, to provide you with fully automatic operation and maintenance, and to achieve a 99.9% SLA on bare metal, VMware, public cloud, or edge node. This allows your DevOps team can free up time to focus on important things: to respond to customer needs by building better applications faster.
V. Summary
Through the above Platform9 recommended solution point of view, based on the JFrog Artifactory and Xray, combined with Helm Chart, easily and quickly, clearly applies to build large-scale Kubernetes cluster CI / CD self