KubeCon EU 2023 Recap – GitOps Sessions on Flux with OCI, Liquid Metal CI/CD Platforms & Telco Cloud Platforms

[weaveworks]

The Weaveworks and Flux team were in Amsterdam at the recent KubeCon EU 2023 event and participated in several informative sessions. Presented talks zeroed in on CI/CD Platform, featuring a demo showcasing the Liquid Metal Project - one of the highly anticipated and registered talks at KubeCon (~1700 registrations). Other talks featured GitOps, FluxCD & OCI, and Helm. The videos of these sessions are now available on YouTube, and you can find links to them below in this blog.

In addition, the Flux team joined the CNCF Graduated Project Celebration along with our ArgoCD friends. We also participated in the OpenGitOps Project meeting and the Flux Project Meeting.

<p></p><h3>A CI/CD Platform in the Palm of Your Hand - MicroVms, Liquid Metal</h3><p>Despite being an essential part of cloud-native operations, many organizations often treat continuous integration (CI) infrastructure as an afterthought. The providers available for CI infrastructure tend to use legacy infrastructure, creating bottlenecks during the incremental build, test, and release processes.</p><p></p><p>Additionally, containerized builds raise concerns about the security of privileged docker-in-docker runs, forcing a compromise between security and slow spin-up times. The cost and environmental overheads associated with maintaining a hot pool of nodes add to the challenges.</p><p></p><p>However, the solution here is going old school - using bare-metal and MicroVms which offer the speed and flexibility of containers combined with the security of regular VMs.</p><p></p><p>Liquid Metal is a project that has gained popularity due to the promise of more performant and cost-effective CI models.</p><p></p><p>Claudia Beresford, Weaveworks’ Senior Software Engineer, presented a case study of an experimental system combining Kubernetes with on-demand MicroVMs, demonstrating it live on a Raspberry Pi cluster.</p><p></p><p>Talk outline:</p><ul><li>Intro to MicroVms (min 0:27)</li><li>Liquid Metal Project (min 1:55)</li><ul><li>Flintlock (min 2.46)</li><li>Cluster API Provider MicroVM (min 3.11)</li><li>Firecracker & Cloud Hypervisor (min 3.41)</li><li>Containerd (min 4.18)</li></ul><li>Architecture (min 4.43)</li><li>Liquid Metal Use Cases (6:12)</li><ul><li>Edge Computing</li><li>Low resource systems (like homelabs)</li><li>Bare metal</li><li>CI self-hosted runners</li></ul><li>Demo Background & Intro (min 7:05)</li><li>Use Case: CI/CD platform</li><li>Action Runner Controller (min 7:45)</li><li>MicroVM Action Runner (min 8:12)</li><li>Benefits of setting up a separate CI System (min 9:03)</li><li>The Setup (min 13:10)</li><li>The Network (min 14:15)</li><li>The Hackery (min 15:12)</li><li>The POC (min 17:10)</li><li>Demo (min 18:37)</li><li>Learnings (min 31:40)</li></ul><p></p><p>Watch the entire talk here:</p><p></p><iframe src="https://www.youtube.com/embed/2g_TXw5bkLY" allowfullscreen="yes" frameborder="0" width="740" height="410"></iframe><h3>Panel: Looking Ahead to the Future with Project Sylva, Energy Efficiency & Telco Cloud Platforms</h3><p></p><p>Project Sylva was announced by the Linux Foundation Europe in November 2022. The code name of the project, which is derived from the word “sylva,” meaning “the forest trees growing in a particular region,” reflects its focus on energy efficiency and environmental sustainability.</p><p></p><p>The project aims to create a cloud-native, open-source, production-grade telco stack in collaboration with leading European carriers and vendors. In addition, it aims to consolidate the Telco Cloud model’s operating model with cloud-native patterns while addressing regulatory challenges and opportunities.</p><p></p><p>In this panel discussion, held on Cloud-Native Telco Day, experts discussed the innovations in the Telco Cloud ecosystem in Europe and beyond and the challenges and opportunities for telcos in the cloud-native ecosystem, including the use of operating models such as GitOps.</p><p>​</p><p>The panelists were:</p><ul><li>Jonne Soininen, Head of Open Source Initiatives, Nokia</li><li>Tim Irnich, Distinguished Product Manager Edge for Telco, SUSE</li><li>Philippe Ensarguet, Chief Technology Officer, Orange</li><li>Niki Manoledaki, Software Engineer, Weaveworks</li></ul><p></p><p>Watch the entire talk:</p><p></p><iframe src="https://www.youtube.com/embed/wnI0orAsJWI" allowfullscreen="yes" frameborder="0" width="740" height="410"></iframe><p></p><h3>Flux Beyond Git: Harnessing the Power of OCI</h3><p>In this Flux maintainer track session, Stefan Prodan, a Principal Engineer, and Hidde Beydals, Senior Software Engineer, discussed the latest developments of Flux around the Open Container Initiative (OCI). They zeroed in on how OCI can be used as the single source of truth for application code (container images) and configuration (OCI artifacts).</p><p></p><p>The demo portion of the video shows how you can build a secure delivery pipeline leveraging Flux integrations with GitHub Actions and keyless signatures from Sigstore Cosign.</p><p></p><p>Weaveworks engineers and Flux Maintainers delve into the following during the session:</p><ul><li>Flux Project Overview (min 0.46)</li><li>Flux: Ecosystem News (min 2.55)</li><ul><li>New adopters and vendors</li><li>Latest Integrations and Extensions</li></ul><li>Open Container Initiative (min 5:21)</li><li>Flux: GitOps Workflow (min 7:28)</li><li>CI/CD Workflow for OCI artifacts (min 8:52)</li><li>Source APIs (min 10:33)</li><li>OCI Support for:</li><ul><li>Kubernetes Configs (min 13:23)</li><li>Terraform Modules (min 14:01)</li></ul><li>Flux: Push Changes to clusters from CI safely (min 14:15)</li><li>Flux: OCI custom media types (min 15:48)</li><li>OCI Support for Helm Charts (min 17:29)</li><li>Benefits of OCI Compared to Git (min 18:22)</li><li>Authentication Towards Registries (min 19:20)</li><li>Integrity Verification of OCI Sources (min 20:00)</li><li>OCI Use Cases (compared to Git) (min 20:50)</li><li>OCI Resources (min 24:25)</li><li>Demo and Q&A (min 25:50)</li></ul><p></p><p>Watch the entire talk:</p><p></p><iframe src="https://www.youtube.com/embed/gKR95Kmc5ac" allowfullscreen="yes" frameborder="0" width="740" height="410"></iframe><p></p><h3>Panel: How GitOps Changed Our Lives & Can Change Yours Too!</h3><p></p><p>For those who are contemplating GitOps or already implementing it, this talk is for you. A panel of GitOps project experts who’ve used popular GitOps tools such as Flux, Argo, and other projects in the GitOps ecosystem shared their journeys and experiences.</p><p></p><p>The panelists included:</p><ul><li>Christian Hernandez, Senior Principal Product Manager, Red Hat</li><li>Leigh Capili, Staff Developer Advocate, VMware</li><li>“Pinky” Ravi, Developer Experience Engineer, Weaveworks</li><li>Roberth Strand, Principal Cloud Engineer, Amesto Fortytwo</li><li>Filip Jansson, Strålfors</li></ul><p></p><p>All of the panelists are members of the GitOps Working Group and OpenGitOps Project. They discussed the origins of GitOps as a natural progression of Kubernetes and DevOps best practices and how it has improved their deployment and security practices. The panelists also addressed the usability and complexity issues associated with various tools and solutions, as well as the pain points, struggles, and barriers to adoption. In addition, they have shared lessons learned, benefits, and how GitOps has transformed their work.</p><p></p><p>Watch the entire talk:</p><p></p><iframe src="https://www.youtube.com/embed/hd7VkCLnTWk" allowfullscreen="yes" frameborder="0" width="740" height="410"></iframe><h3>Learn the Helm Code Base and PR Review Process</h3><p>Helm is the most efficient method to package, discover, distribute, and utilize software on Kubernetes. Due to its user-friendly interface and its compatibility with other projects, products, and solutions, Helm has gained widespread popularity in the cloud-native community. Although Helm offers a range of useful features, even more exciting features could be incorporated into the project in the future.</p><p></p><p>In this session, the maintainers of Helm showcased upcoming improvements and explained how users could assist in accelerating their implementation. This will involve an overview of the Helm codebase and a breakdown of the community Pull Request review process, including how to select an open PR for review, reproduce the original problems, and test proposed solutions. Community members are encouraged to take advantage of opportunities to advance up the contributor hierarchy by joining the Helm team and becoming a “Triage Maintainer” and more.</p><p></p><p>This talk was led by:</p><ul><li>Scott Rigby, Developer Experience Engineer, Weaveworks</li><li>Andrew Block, Senior Principal Consultant, Red Hat</li><li>Karena Angell, Senior Principal Product Manager, Technical, Red Hat</li></ul><p></p><p>Watch the entire talk here:</p><p></p><iframe src="https://www.youtube.com/embed/ULw33QRMuNE" allowfullscreen="yes" frameborder="0" width="740" height="410"></iframe><p></p><h2>Until Next KubeCon</h2><p>KubeCon EU 2023 was another great event that brought together industry leaders, developers, and enthusiasts from around the world to explore the latest advancements in the Kubernetes ecosystem. The Weaveworks and Flux team gave exceptional talks around FluxCD and OCI, GitOps, Helm, MicroVMs and Liquid Metal. With the rapid evolution of the Kubernetes ecosystem, the future looks brighter than ever for the world of cloud-native computing. Until the next KubeCon, let’s continue to harness the power of Kubernetes and propel the industry forward together.</p><p></p><p>If you’re using Flux and the GitOps family of projects, you may be interested in our latest solution offering: Weave GitOps Assured – a 100% open-source solution that provides hands-on technical support from the creators of Flux. Weave GitOps Assured allows you to build your production environments with flexibility, all while providing enterprise assurance when you need it most. Contact Us to learn more.</p><p></p>

View the full article