ãã¦ãã¦ãä»å¹´ãæ®ãã¨ãããã¨ãããã§ãã~âð
OpenShift Advent Calendar 2023 ã®6æ¥ç®ã¯ãOpenShiftã®æè¡å¶æ¥ã®ããªããã¦ããåå±±ãããå±ããã¾ãã¼ã
ä»å¹´ãæ¥ã
ã®ææ¡ãã¬ãã¸ããå±ãã£!!ã¨æã£ãã®ã§ãããä»åã¯ã¡ããã© cdCon Japan ã«åå ããæ©ä¼ãé ããã®ã§ãç¾å°ã¬ãã¼ãããéããã¾ãã
ã¨ããã§çæ§ã¯ã Open Source Summit Japan 2023 ã«åå ããããã¨ã¯ããã¾ãã§ãããã?? ã¯ã©ã¦ããã¤ãã£ãçéã ã¨CNCFã®KubeConãæåã©ããã§ãããOpen Source SummitãLinux Foundationã«ãã£ã¦éå¬ããã¦ãããªã¼ãã³ã½ã¼ã¹ã®å½éã¤ãã³ãã®ä¸ã¤ã§ããæ¯å¹´æ¬§å·ãåç±³ã¨åãããæ¥æ¬ã§ãéå¬ããã¦ããè²´éãªã¤ãã³ãã§ã2023å¹´ã¯ãå°å ´(Ariake Central Tower Hall & Conference)ã§è¡ããã¾ãããå®ã¯æ¯å¹´ãåã ããå½ç£SIä¼æ¥æ§ã¨ä¸¦ãã§Red Hatãã¹ãã³ãµã¼ãã¦ããã§ããã£!?
ãã®ä½µè¨ã¤ãã³ãã¨ãã¦ãä»å¹´ãcdCon Japanãå§ãã¨ããããã¤ãã®ã¤ãã³ããåãå ´æã§éå¬ããã¾ããã ã
- Hyperledger Member Summit Tokyo : ã¨ã³ã¿ã¼ãã©ã¤ãºã°ã¬ã¼ãã®ãããã¯ãã§ã¼ã³æè¡ã«é¢ããã¤ãã³ã
- cdCon Japan : ç¶ç¶çããªããªã¼ã«é¢ããã¤ãã³ã
- OpenSSF Day Japan : ãªã¼ãã³ã½ã¼ã¹ã»ãã¥ãªãã£ã«é¢ããã¤ãã³ã
- Open Compliance Summit : ã³ã³ãã©ã¤ã¢ã³ã¹ã«é¢ããã¤ãã³ã
ä»åç´¹ä»ããcdConã¯ãLinux Foundaionã®åä¸ã«ããContinuous Delivery Foundation(CDF)ã«ãã£ã¦éå¶ããã¦ããã«ã³ãã¡ã¬ã³ã¹ã§ãã
Continuous Delivery Foundation(CDF)ã®ããã¸ã§ã¯ã
CDFã¯ãç¶ç¶çã¤ã³ãã°ã¬ã¼ã·ã§ã³ãç¶ç¶çããªããªã¼(CI/CD)ã®çºå±ã«ä¼´ããããã¸ã§ã¯ãéçºè
ãã¨ã³ãã¦ã¼ã¶ã¼ãã¾ããã³ãã¼éã®ä¸ç«çãªã³ã©ãã¬ã¼ã·ã§ã³ãä¿é²ãã¦ãCI/CDã®æ¥çä»æ§ãæ¨é²ããå£ä½ã§ãã
2023/12æç¹ã§CDFããã¹ããã¦ãããªã¼ãã³ã½ã¼ã¹ããã¸ã§ã¯ãã«ã¯ã以ä¸ã®ãã®ãããã¾ãã
詳細: Continuous Delivery Landscape
ãã¤ã®éã«ãå¢ãã¦ãã¾ãããã~ããããã®ããã¸ã§ã¯ãã®é¸å®ã¯ãCDFã®æè¡æ¦è¦å§å¡ä¼(TOC)ã«ãã£ã¦æ¡æããã¦ãã¾ãã
ãã®ããã¸ã§ã¯ããè¦ãã¨ãOpenShift GitOpsã§ãå©ç¨ããã¦ããArgoCDã¯ãªãã®ï¼ãã¨æãæ¹ãããã£ãããããããã¾ããããArgoCDã¯CNCFã«å¯è´ããã2022/12ã«Graduated Projectã¨ãã¦èªå®ããã¦ãã¾ãã
ãã®ããã«ãªã¼ãã³ã½ã¼ã¹ããã¸ã§ã¯ãã²ã¨ã¤ã¨ã£ã¦ããCNCFãCDFãªã©ãã©ãã®å£ä½ã«æå±ããã®ãã¨ãã£ãè°è«ã ãã§ãªããcdConã¨ã¯å¥ã«ArgoConãFluxConã¨ããããã«ããã¸ã§ã¯ãç¬èªã®ã«ã³ãã¡ã¬ã³ã¹ãè¡ãéãããã¾ããããããããã¸ã§ã¯ãã®ã¤ããããã¤ã¤ããGitOpsã¯Continuous Deliveryã«ã¯æ¬ ãããªãæè¡è¦ç´ ã¨ãã¦cdConã®ã»ãã·ã§ã³ã«ãããã§ã¦ãã¾ãã
ãã¨ãã°ãRed Hatã®Kevinã®ã»ãã·ã§ã³ã§ã¯ãQuarkus製ã®ã¬ã¼ã·ã³ã°ã²ã¼ã ãç´¹ä»ãããä¼å ´ã¿ããªã§ArgoCDã使ç¨ãããªãªã¼ã¹ãä½é¨ãã¾ããã
cdCon Japan 2023ã®æ°ã«ãªã£ãã»ãã·ã§ã³
ãã¦ãåå ããã»ãã·ã§ã³ã®ä¸ããæ°ã«ãªã£ã以ä¸ã®ã»ãã·ã§ã³ã«ã¤ãã¦ãç°¡åã«ã¡ã¢ã
注1. è³æã®å©ç¨è¦ç´ãé æ ®ããä»åã¯ä¸è¨ããpdfãç´æ¥DLãã ããã
注2. æ¬ç·¨ã®Pipelineã¯ãTekton Pipelinesã= CRD: Pipelinesã示ãã¾ãã
"Pipeline as Code" Journey
Date: Monday, December 4 ⢠16:10 - 16:40
Presenter: Jun Makishi & Kasuki Aizawa, NTT Communication
Agenda Link: https://sched.co/1TzRl
Presentaion: "Pipeline as Code" Journey
ã»ãã·ã§ã³æ¦è¦
NTT Communicationããã®ä¸ã§ä½¿ããã¦ããTekonãã¤ãã©ã¤ã³ã管çããããã« Pipeline as Code ãå®è£
ãããã話ã§ãã
ããã§ã¯ docomo business RINK ã¨ãããµã¼ãã¹ãå®å®çã«ãããã¤ããããã®ããã¤ãã©ã¤ã³ããåçã«æä¾ããSREã¨ãã¦ã®åãçµã¿ãçºè¡¨ããã ãã¾ããã
Journey 1 : Pipeline as Code the moderate way
ããã¾ã§ã¯ãSREãã¼ã ãæ¨æºçãªPipelineãæä¾ãããã¨ãåæã¨ããéç¨ã
- Step#0: First development flow of Pipeline as Code
SREå´ã§æ¨æºçãªPipelineãä½æãããã«ãªã¯ã¨ã¹ãã§ã®å¤æ´ã«ãã£ã¦ãã¤ãã©ã¤ã³ã管çãã¢ããªã±ã¼ã·ã§ã³å´ã§PipelineRunãå®è¡ã - Problem: Disturbing application teamâs activity
ãã ããPipelineã®ä½æã失æããã¨ã¢ããªã±ã¼ã·ã§ã³å´ã§PipelineRunãå®è¡ã§ããã¹ã¿ãã¯ãã¦ãã¾ãã - Step#1: Pipeline end-to-end testing
ãã®ããããã¤ãã©ã¤ã³å®è¡ç¢ºèªå°ç¨ã®ãã¤ãã©ã¤ã³ãã¹ãç°å¢ãä½æã - Problem: Firefighting pipeline troubles
ç°ãªãã¢ããªã±ã¼ã·ã§ã³ã§ã¯ç°ãªããã¤ãã©ã¤ã³æ§ç¯ãå¿ è¦ã§ãããåå¥ã«ã¹ã¿ãã¤ãºãè¦æ±ãããã¨Pipelineéçºè ã«ä¾åãã¦ãã¾ãã - Step#2: Scaled pipeline with standardization
ãã¤ãã©ã¤ã³ä½æã®ã¹ã¿ã³ãã¼ãåããªã³ãã¼ãã£ã³ã°ãåãã¼ã ã§å®æ½ããã¼ã ãã«ãã£ã³ã°ã«ãã£ã¦å¯¾å¿ã
Journey 2: Pipeline as Code the hard way
ããããã¯ãSREãã¼ã ãPipeline Templateçæãã¼ã«ç®¡çããåã¢ããªã±ã¼ã·ã§ã³ãã¼ã å´ã§Pipelineãçæããéç¨ã
- Problem: One-size-fill-all Pipeline
ãã¹ã¦ã®ã¢ããªã±ã¼ã·ã§ã³ãã¼ã ãæ¨æºPipelineã«ç°ãªããã©ã¡ã¼ã¿ã¼ãå ¥ããã¨ããã©ã¡ã¼ã¿ã¼ãå¤ããã - Step#3: Composable pipeline
ãã³ãã¬ã¼ãã¨ã㦠CUE Lang ã使ããPipelineãã®ãã®ãçæã§ãããComposable pipelineãã®ä»çµã¿ãæ§ç¯ - Pipeline generation at glance
ãComposable pipelineãã®ä»çµã¿ã«ãã£ã¦ãPipelineçæã®å½¹å²ã¯ã¢ããªã±ã¼ã·ã§ã³ãã¼ã å´ã«ç§»è²ã
ã¢ããªã±ã¼ã·ã§ã³ãã¼ã ã¯å¿ è¦ãªã¿ã¹ã¯ãé¸ã¶ã ãã§ãããã«å¿ããPipelineãçæã§ããã - Implementing packages with tests
SREãã¼ã ã¯ãComposable pipelineãã®ä»çµã¿ããã¹ãããããã«ãæå¾ ãããããã§ã¹ãã¨ãCUEã«ãã£ã¦çæããããããã§ã¹ããæ¯è¼ãã¦ãã¹ãã - Problem: unstable packages
ä¸ã¤ã®ç°å¢ã§ãã¹ããã¦ãããããç°ãªãKubernetesãã¼ã¸ã§ã³ãã¯ã©ã¦ãAPIã«ãããã¹ãã«ãã¬ãã¸ãå°ãªãã£ãã - Step#4: Pipeline package testing Golangã«ãããã¹ããã¼ã«ãä½æããç°ãªãKubernetes APIã®ãã¹ããã§ããç¨ã«ãã¹ãã«ãã¬ãã¸ãå¢å¼·ã
- Demo
æå¾ã«DEMOã®å®æ½ãè¿æ¥Demoã³ã¼ããå ¬éäºå®!!
Conclusion
CUE Langã ã¨ã¡ã³ããã³ã¹ã§ãã人ãéããããããä»å¾ã¯CUEã§ã¯ãªãYAMLã§å¯¾å¿ã§ããããã«æ¤è¨ãTektonãã«ã¹ã¿ã Operatorã§æ¡å¼µãã¦ãããã¨ãæ¤è¨ã
My impressions
"Pipeline as Code"ã¨ããæ¦å¿µã¯ç¥ã£ã¦ãããã®ã®ãå®éã«Tekton Pipelinesã使ã£ã¦ããã¸ã§ã¯ããåãã¦ãã話ã¯åãã¦ã ã£ãã®ã§ãå人çã«è²ã
å¦ã¶ãã¨ãã§ãã¾ãããã¾ããããã§ã¹ãçææ¹æ³ã«é¢ãã¦ããæ®æ®µã¯KustomizeãHelm Chartã«æ
£ãã¦ãã¾ã£ã¦ãã¾ããããCUE Langã使ã£ã¦ããã®ãèå³æ·±ãã£ãã§ãã
ãã§ã«ãComposable pipelineãã®ä»çµã¿ã§ãããAdaptersã以ä¸ã«å
¬éããã¦ããã®ã§ãã½ã¼ã¹ã³ã¼ããããã¤ãã®ããã¦è¦ã¦ã¾ããã(ããã¾ã§è¦ããã ãã§ãããã¾ããwww)
ããã¤ãã®Adapters(Taskçæç¨ããªï¼)ããPipelineã®ä¸ã§ããããTaskãé¸ãã§ãCUEã§ã³ã³ãã¤ã«ãããã°Pipelineãçæãããã®ããªï¼ã¨å¦æ³ã
https://github.com/qmonus/official-cloud-native-adapters/tree/main/docs/cicd
ä¾: official-cloud-native-adapters/pipeline/scan/trivyGcp.cue
package trivyGcp import ( "strings" "qmonus.net/adapter/official/pipeline:utils" "qmonus.net/adapter/official/pipeline/tasks:trivyImageScanGcp" ) DesignPattern: { name: "imageScan:trivyGcp" pipelineParameters: { image: string | *"" shouldNotify: bool | *false } let _imageName = strings.ToLower(pipelineParameters.image) _scanTask: string if pipelineParameters.image != "" { _scanTask: { utils.#concatkebab input: [_imageName, "image-scan-gcp"] }.out } if pipelineParameters.image == "" { _scanTask: "image-scan-gcp" } â¦
社å
ãã¼ã«ã ãã§ã¯ãã£ãããªãã¨æã£ã¦ãã¾ãã»ã©ã¡ããã¨ããã¥ã¡ã³ãåãããã¦ããã®ã§ãSREã®ãªã³ãã¼ãã£ã³ã°ã®åãçµã¿ãç´ æ´ããããªãã¨æã£ã次第ã§ãã
Tektonã®ä¸ã«ã Pipeline as Code ã®ä»çµã¿ãããTektonHubããPipelinesçæãã§ããã®ã§ãä»å¾ã¯ãããããã¼ã«ã«ç½®ãæããã®ããªã¼ãã¨ãæå¾
ã
cdConå«ããããããã®æ¥çæ¨æºãè¦åãã¬ããã³ã¹ã確èªããCI/CDãã¤ãã©ã¤ã³ãæ´ã£ã¦ããã¨ãæ¥æ¬ã®Excel $ ç®grep
æåãæ¸ãã®ã«ãª~ãã¨æ¹ãã¦æããã¨ããã§ããã
ããã¾ãã
ãããã«
è²ã 宣ä¼ãããã
Pipelines with Tekton
ä»åç´¹ä»ããTektonã®ã¹ãã«ãã¹ããéå§ããã¾ãããæ¯éCDFã§ãGraduatedããã¸ã§ã¯ãèªå®ããã¦ãããTektonãããããã使ã£ã¦ããæ¹ã¯æ¯éææ¦ãã¦ã¿ã¦ãã ããã
https://cd.foundation/blog/2023/12/03/new-skillcred-pipelines-with-tekton/
CNCF Annual Survey
æ¯å¹´CNCFããæä¾ãããAnnual Surveyã§ãããæ¥æ¬ã®åççãæ¯å¹´ãããªã«å¤ããªãããã§ããæ¯éãã®æ©ä¼ã«åçã~ã
https://www.research.net/r/S5BY23R
Kubernetesãã¤ã¯ããµã¼ãã¹éçºã®å®è·µ
ãªãã¨ãªãã¨ãLINEã¤ãã¼æ ªå¼ä¼ç¤¾ãé»å¸¯ã®æ©å·ãããå·çããæ¸ç±ã2023/12/19ã«çºå£²ããã¾ãððð
æ¢åã¢ããªããKubernetesã«ãªãããã¦ããã!!ã¨ããæ¹åãã®ãã¦ãã¦ãã®ãã·ãªè©°ã¾ã£ãå¿
èªå³æ¸ã§ãã
Kubernetes CI/CDãã¤ãã©ã¤ã³ã®å®è£
Tekton & Argo ã®ä½¿ãæ¹ãä»çµã¿ãå·çãã¾ãã!! ãªããã ãã¶ã¾ã(è
æ¯éTekton & Argo(GitOps)ã®åå¼·ãªã©ã«ãæ´»ç¨ãã ãã!!
https://www.amazon.co.jp/dp/4295012750
Re: ããã¾ãã