Upgrade to Pro — share decks privately, control downloads, hide ads and more …

We Are Developers 2025 - Progressive Delivery w...

Avatar for Kevin Dubois Kevin Dubois
July 04, 2025
0

We Are Developers 2025 - Progressive Delivery with Argo Rollouts

Avatar for Kevin Dubois

Kevin Dubois

July 04, 2025
Tweet

More Decks by Kevin Dubois

Transcript

  1. @kevindubois.com Kevin Dubois ★ Sr. Principal Developer Advocate at Red

    Hat ★ Java Champion ★ Technical Lead, CNCF DevEx TAG ★ From Belgium 󰎐 / Live in Switzerland 󰎤 ★ 🗣 English, Dutch, French, Italian youtube.com/@thekevindubois linkedin.com/in/kevindubois github.com/kdubois @kevindubois.com
  2. @kevindubois.com CI / CD Build Test Security Checks Release Deploy

    Stage Deploy Prod Continuous Integration Continuous Delivery Manual
  3. @kevindubois.com Continuous Developer Flow Outer loop Inner loop Pull/Merge Request

    Production Build / Package Code Push Debug Code Review Build Deploy Security Tests Compliance Inner loop Outer loop Developer Test
  4. @kevindubois.com CI - CD - CD Build Test Security Checks

    Release Deploy Stage Deploy Prod Continuous Integration Continuous Delivery Continuous Deployment Manual Auto
  5. @kevindubois.com What is GitOps? Treat everything as code Git is

    the single source of truth Operations through Git workflows
  6. @kevindubois.com CI/CD Engines Jenkins Spinnaker Tekton Concourse CI …... CI/CD

    versus GitOps Desired State Cluster State Observe State Take Action GitOps Engines ACM, ArgoCD, FluxCD Razee, Faros Desired State Cluster State
  7. @kevindubois.com ArgoCD Sync Monitor Detect drift Take action Argo CD

    is a declarative, GitOps continuous delivery tool for Kubernetes. Cluster and application configuration versioned in Git Automatically syncs configuration from Git to clusters Drift detection, visualization and correction
  8. @kevindubois.com GitOps Application Delivery Model Push Pull Request Source Git

    Repository Image Registry Config Git Repository Kubernetes Deploy Monitor Detect drift CD Take action Pull
  9. @kevindubois.com What is Progressive Delivery? • No Big Bang •

    Deploy != Release • Metrics • Subset of Users
  10. @kevindubois.com Why Progressive Delivery? • Decreases Downtime • Limits the

    Tragedy • Deploy & Release to Production faster • Less mocking or setting up unreliable ‘fake’ services
  11. @kevindubois.com Blue - Green apiVersion: v1 kind: Service metadata: name:

    my-service labels: app: mystuff spec: ports: - name: http port: 8000 selector: inservice: mypods type: LoadBalancer apiVersion: apps/v1 kind: Deployment metadata: name: mynode-deployment spec: replicas: 1 selector: matchLabels: app: mynode template: metadata: labels: app: mynode spec: containers: - name: mynode image: quay.io/rhdevelopers/mynode:v1 ports: - containerPort: 8000 kubectl label pod -l app=mynode inservice=mypods
  12. @kevindubois.com Controlling Microservices with a Service Mesh Code Independent (Polyglot)

    • Chaos: Fault Injection • Resilience: Circuit Breakers • Observability & Telemetry: Metrics and Tracing • Security: Encryption & Authorization • Fleet wide policy enforcement • Intelligent Routing and Load-Balancing • Smarter Canary Releases • Dark Launch
  13. @kevindubois.com Canary Release apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: recommendation

    spec: hosts: - recommendation http: - route: - destination: host: recommendation subset: version-v1 weight: 75 - destination: host: recommendation subset: version-v2 weight: 25
  14. @kevindubois.com Shadowing Traffic apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: recommendation

    spec: hosts: - recommendation http: - route: - destination: host: recommendation subset: version-v1 mirror: host: recommendation subset: version-v2
  15. @kevindubois.com Dark Canary apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: recommendation

    spec: hosts: - recommendation http: - match: - headers: end-user: exact: Alexandra route: - destination: host: recommendation subset: version-v2 - route: - destination: host: recommendation subset: version-v1
  16. @kevindubois.com Rolling out automatically apiVersion: argoproj.io/v1alpha1 kind: Rollout metadata: name:

    rollouts-demo labels: app: rollouts-demo spec: strategy: canary: steps: - setWeight: 20 - pause: duration: "1m" - setWeight: 50 - pause: duration: "2m" canaryService: rollouts-demo-canary stableService: rollouts-demo-backend trafficRouting: istio: virtualService: name: rollout-vsvc routes: - primary …
  17. @kevindubois.com Metrics Based Rollouts strategy: canary: analysis: args: - name:

    service-name value: rollouts-demo-canary.canary.svc.cluster.local templates: - templateName: success-rate canaryService: rollouts-demo-canary stableService: rollouts-demo-stable trafficRouting: istio: virtualService: name: rollout-vsvc routes: - primary steps: - setWeight: 30 - pause: { duration: 20s } - setWeight: 40 - pause: { duration: 10s } - setWeight: 60 - pause: { duration: 10s } - setWeight: 80 - pause: { duration: 5s } - setWeight: 90 - pause: { duration: 5s } - setWeight: 100 - pause: { duration: 5s }
  18. @kevindubois.com apiVersion: argoproj.io/v1alpha1 kind: AnalysisTemplate metadata: name: success-rate spec: args:

    - name: service-name metrics: - name: success-rate interval: 10s successCondition: len(result) == 0 || result[0] >= 0.95 failureLimit: 2 provider: prometheus: address: https://internal:[email protected] r.local:9090 query: | sum(irate(istio_requests_total{ reporter="source", destination_service=~"{{args.service-name}}", response_code!~"5.*"}[30s]) ) Metrics Based Rollouts 41
  19. @kevindubois.com Experiments strategy: canary: steps: - experiment: duration: 1h templates:

    - name: experiment-baseline specRef: stable weight: 5 - name: experiment-canary specRef: canary weight: 5
  20. @kevindubois.com Final Notes • State is always hard ◦ start

    with stateless; work with features; non-destructive schema changes; event-driven architectures (use eg. Debezium to work with ‘classic’ DBs). • Step by Step • Embrace GitOps • If you haven’t automatically destroyed something by mistake, you aren’t automating enough • Demos ◦ https://argo-rollouts.readthedocs.io/en/stable/ ◦ https://github.com/kdubois/progressive-delivery ◦ https://github.com/redhat-developer-demos/bubbles-progressive-delivery ◦ https://dn.dev/istio-tutorial
  21. Update confidential designator here Version number here V00000 [Insert QR

    code CTA message for attendees] Thanks for attending! Scan this QR code for a chance to win a pair of Ray-Ban Meta sunglasses Raffle details: Date: July 10 Time: 6:00PM Location: Red Hat booth Must be present to win