Sunday, 2019 April 07

My website has been up and running on Kubernetes for about three months now and it's been great. But I'm still a long way from automating deploys. I decided to take the first step this weekend. My goal: make it so that changes to my beta website will end up being automatically deployed after I push them to GitLab.

Some key steps were already in place. Critically, I already had a CI pipeline set up in my website repository in GitLab. This means that pushes result in a Docker image being built automatically. However, after this point everything was manual.

  1. After the image is built, I'd need to go to GitLab to learn the tag that was applied.
  2. I would then need to edit the image tag in the appropriate YAML file in my Kubernetes configuration to reflect this.
  3. Push this to GitLab.
  4. Then SSH into my master node and do a git pull. This requires retrieving my password from my password manager.
  5. Finally, run kubectl apply -f website/beta-website.yaml to actually get things updated.

I was aware of flux from my day job. It seemed like the logical place to start.

Installing it was very straightforward.

  1. Clone the repository onto my master node.
  2. Configure it by editing deploy/flux-deployment.yaml. The only changed I needed was to update the --git-url parameter.
  3. kubectl apply -f deploy
  4. Download fluxctl (a separate utility)
  5. Use fluxctl to retrieve the public key that flux created.
  6. Add that public key to GitLab as a deploy key in my configuration repository (not the website repository). Note that for automation purposes I needed to enable write access.

Reviewing the flux logs (kubectl logs deployment/flux) revealed that I had some problems with my setup; these are immaterial to the matter at hand, but I'm glad to have discovered and fixed them now.

At this point flux was capable of recognizing changes to my configuration repository; if I manually updated the image tag, flux would recognize this and automatically deploy the new image (e.g. I had automated steps 4 and 5 in my original process). This was a solid first step, but I wanted to fully automate everything. I knew this was possible with flux, but how?

I actually found the documentation to be quite lacking, but by clicking through and reading I discovered the magic incantation - you have to tell flux to enable automation. Once this is done, everything "just works".

After verifying the name of my workload via fluxctl list-controllers, a simple fluxctl automate -c default:deployment/beta-website-deployment was all it took. I had pushed a change to my website earlier and knew that there was a new image available. Flux recognized this, updated the Kubernetes spec, applied it, and committed and pushed that change back to my configuration repository. This is exactly what I wanted - I can now push a change to my website and, within ten minutes, it's automatically running in Kubernetes and my configuration repository correctly reflects reality.

I still need to manually update the configuration for my production website. I probably won't automate this for a while as I still want to manually review changes before promoting them, but now I'm starting to wonder how I can make this go as well.

Friday, 2019 March 01 Wednesday, 2019 July 03