We Are Developers 2025 - Progressive Delivery with Argo Rollouts

Transcript

1. @kevindubois.com Kevin Dubois Sr Principal Dev Advocate, Red Hat Next-Gen

   CI/CD with GitOps and Progressive Delivery

2. @kevindubois.com Kevin Dubois ★ Sr. Principal Developer Advocate at Red

   Hat ★ Java Champion ★ Technical Lead, CNCF DevEx TAG ★ From Belgium 󰎐 / Live in Switzerland 󰎤 ★ 🗣 English, Dutch, French, Italian youtube.com/@thekevindubois linkedin.com/in/kevindubois github.com/kdubois @kevindubois.com

3. @kevindubois.com How it started…

4. @kevindubois.com

5. @kevindubois.com

6. @kevindubois.com CI / CD

7. @kevindubois.com CI / CD Build Test Security Checks Release Deploy

   Stage Deploy Prod Continuous Integration Continuous Delivery Manual

8. @kevindubois.com Every 4 months Every week/day/hour 8

9. @kevindubois.com Continuous Developer Flow Outer loop Inner loop Pull/Merge Request

   Production Build / Package Code Push Debug Code Review Build Deploy Security Tests Compliance Inner loop Outer loop Developer Test

10. @kevindubois.com CI - CD - CD Build Test Security Checks

    Release Deploy Stage Deploy Prod Continuous Integration Continuous Delivery Continuous Deployment Manual Auto

11. @kevindubois.com GitOps

12. @kevindubois.com What is GitOps? Treat everything as code Git is

    the single source of truth Operations through Git workflows

13. @kevindubois.com CI/CD Engines Jenkins Spinnaker Tekton Concourse CI …... CI/CD

    versus GitOps Desired State Cluster State Observe State Take Action GitOps Engines ACM, ArgoCD, FluxCD Razee, Faros Desired State Cluster State

14. @kevindubois.com ArgoCD Sync Monitor Detect drift Take action Argo CD

    is a declarative, GitOps continuous delivery tool for Kubernetes. Cluster and application configuration versioned in Git Automatically syncs configuration from Git to clusters Drift detection, visualization and correction

15. @kevindubois.com GitOps Application Delivery Model Push Pull Request Source Git

    Repository Image Registry Config Git Repository Kubernetes Deploy Monitor Detect drift CD Take action Pull

16. @kevindubois.com By default: a big bang / all or nothing

    release

17. @kevindubois.com Progressive Delivery

18. @kevindubois.com What is Progressive Delivery? • No Big Bang •

    Deploy != Release • Metrics • Subset of Users

19. @kevindubois.com Why Progressive Delivery? • Decreases Downtime • Limits the

    Tragedy • Deploy & Release to Production faster • Less mocking or setting up unreliable ‘fake’ services

20. @kevindubois.com Delivery Techniques

21. @kevindubois.com Blue Green Deployment • All Or Nothing • Quick

    Rollback

22. @kevindubois.com Canary Releases • Small Percentage • Increase depending on

    metrics

23. @kevindubois.com Dark Launches • Mirroring Traffic • Dark Canaries •

    Feature Flags

24. @kevindubois.com 24

25. @kevindubois.com The New Pyramid?

26. @kevindubois.com How to accomplish Progressive Delivery

27. @kevindubois.com Accomplishing Progressive Delivery with

28. @kevindubois.com Blue - Green apiVersion: v1 kind: Service metadata: name:

    my-service labels: app: mystuff spec: ports: - name: http port: 8000 selector: inservice: mypods type: LoadBalancer apiVersion: apps/v1 kind: Deployment metadata: name: mynode-deployment spec: replicas: 1 selector: matchLabels: app: mynode template: metadata: labels: app: mynode spec: containers: - name: mynode image: quay.io/rhdevelopers/mynode:v1 ports: - containerPort: 8000 kubectl label pod -l app=mynode inservice=mypods

29. @kevindubois.com Canary Releases $ kubectl scale deployment myapp-v1 --replicas=3 $

    kubectl scale deployment myapp-v2 --replicas=1

30. @kevindubois.com Controlling Microservices with a Service Mesh Code Independent (Polyglot)

    • Chaos: Fault Injection • Resilience: Circuit Breakers • Observability & Telemetry: Metrics and Tracing • Security: Encryption & Authorization • Fleet wide policy enforcement • Intelligent Routing and Load-Balancing • Smarter Canary Releases • Dark Launch

31. @kevindubois.com

32. @kevindubois.com Canary Release apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: recommendation

    spec: hosts: - recommendation http: - route: - destination: host: recommendation subset: version-v1 weight: 75 - destination: host: recommendation subset: version-v2 weight: 25

33. @kevindubois.com Shadowing Traffic apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: recommendation

    spec: hosts: - recommendation http: - route: - destination: host: recommendation subset: version-v1 mirror: host: recommendation subset: version-v2

34. @kevindubois.com Dark Canary apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: recommendation

    spec: hosts: - recommendation http: - match: - headers: end-user: exact: Alexandra route: - destination: host: recommendation subset: version-v2 - route: - destination: host: recommendation subset: version-v1

35. @kevindubois.com Automated Progressive Delivery

36. @kevindubois.com Argo Rollouts

37. @kevindubois.com Argo Rollouts ArgoCD detects change rollout Monitors Data

38. @kevindubois.com Rolling out automatically apiVersion: argoproj.io/v1alpha1 kind: Rollout metadata: name:

    rollouts-demo labels: app: rollouts-demo spec: strategy: canary: steps: - setWeight: 20 - pause: duration: "1m" - setWeight: 50 - pause: duration: "2m" canaryService: rollouts-demo-canary stableService: rollouts-demo-backend trafficRouting: istio: virtualService: name: rollout-vsvc routes: - primary …

39. @kevindubois.com “Smart” Progressive Delivery Based on Metrics

40. @kevindubois.com Metrics Based Rollouts strategy: canary: analysis: args: - name:

    service-name value: rollouts-demo-canary.canary.svc.cluster.local templates: - templateName: success-rate canaryService: rollouts-demo-canary stableService: rollouts-demo-stable trafficRouting: istio: virtualService: name: rollout-vsvc routes: - primary steps: - setWeight: 30 - pause: { duration: 20s } - setWeight: 40 - pause: { duration: 10s } - setWeight: 60 - pause: { duration: 10s } - setWeight: 80 - pause: { duration: 5s } - setWeight: 90 - pause: { duration: 5s } - setWeight: 100 - pause: { duration: 5s }

41. @kevindubois.com apiVersion: argoproj.io/v1alpha1 kind: AnalysisTemplate metadata: name: success-rate spec: args:

    - name: service-name metrics: - name: success-rate interval: 10s successCondition: len(result) == 0 || result[0] >= 0.95 failureLimit: 2 provider: prometheus: address: https://internal:[email protected] r.local:9090 query: | sum(irate(istio_requests_total{ reporter="source", destination_service=~"{{args.service-name}}", response_code!~"5.*"}[30s]) ) Metrics Based Rollouts 41

42. @kevindubois.com Argo Rollouts Demo @kevindubois 🚀🚀🚀

43. @kevindubois.com Experiments strategy: canary: steps: - experiment: duration: 1h templates:

    - name: experiment-baseline specRef: stable weight: 5 - name: experiment-canary specRef: canary weight: 5

44. @kevindubois.com Final Notes • State is always hard ◦ start

    with stateless; work with features; non-destructive schema changes; event-driven architectures (use eg. Debezium to work with ‘classic’ DBs). • Step by Step • Embrace GitOps • If you haven’t automatically destroyed something by mistake, you aren’t automating enough • Demos ◦ https://argo-rollouts.readthedocs.io/en/stable/ ◦ https://github.com/kdubois/progressive-delivery ◦ https://github.com/redhat-developer-demos/bubbles-progressive-delivery ◦ https://dn.dev/istio-tutorial

45. @kevindubois.com Free Developer e-Books & Tutorials! developers.redhat.com/eventtutorials

46. Update confidential designator here Version number here V00000 [Insert QR

    code CTA message for attendees] Thanks for attending! Scan this QR code for a chance to win a pair of Ray-Ban Meta sunglasses Raffle details: Date: July 10 Time: 6:00PM Location: Red Hat booth Must be present to win

47. @kevindubois.com youtube.com/@thekevindubois kevindubois kdubois @kevindubois.com slides Thank you!