I recently was a guest on StreamingClouds. StreamingClouds is a multicloud live stream by Microsoft CSA Kevin Evans and Microsoft MVP Robin Smorenburg. With topics ranging from cloud native to hybrid, security, architecture, strategy, careers, personal development, and more.
StreamingClouds is more than just a live stream podcast its also a diverse community where the members can all learn from each other.
To highlight what we covered in the episode, we discussed how to effectively use Microsoft’s AKS documentation, reference architectures, scripts, and tools for your AKS project. We also touched on GitOps, Fleet Management, Platform Engineering and more.
Here is a full description of what we covered on the episode: Starting an AKS project soon or in the middle of one and lost? Have you tried to use the Microsoft AKS documentation, reference architectures, scripts, and tools but feel stuck on what to use and when to use it? Let’s talk about it and get you the guidance you need. There is a formula and framework to using these AKS artifacts from Microsoft.
In 2022 I wrote a couple of blog posts that give guidance on how to utilize the Microsoft AKS artifacts and tools. In these blog posts I baked in experience from my days delivering AKS projects to Fortune 500 enterprises. We thought it would be a good idea to dive into the content from these live on the podcast talking through these topics to help listeners who are embarking on an AKS journey. Here aforementioned blog posts for reference:
Architecture Design: Baseline architecture for an Azure Kubernetes Service (AKS) cluster AKS Secure Baseline with Private Cluster AKS baseline for multi-region clusters AKS regulated cluster for PCI Advanced Azure Kubernetes Service (AKS) microservices architecture
Deployment: AKS landing zone accelerator AKS Construction Helper AKS Baseline Automation Azure Draft for AKS
Operation: Operations management considerations for Azure Kubernetes Service Azure Kubernetes Services (AKS) day-2 operations guide
I am kicking off the new year as a guest on the “AzureTalks” podcast by Rolf Schutten. Rolf is a Microsoft MVP based out of the Netherlands. The AzureTalks podcast is a free-form conversation with experts and advocates around the industry discussing various topics on Azure, its services, and integration points with Azure. Some of the topics also get into strategy career, personal development, and more. You can listen to podcast episodes on Google Podcasts, Spotify, and YouTube. You can find the website for this podcast here: www.azuretalks.com
The episode I am a guest on is #004 titled “Containerize apps to AKS with Azure Draft, and Hybrid with Azure Arc“.
In this episode, we discuss how developers can utilize Azure Draft to streamline taking their non-containerized app from code to running on AKS. Azure Draft takes you through the entire process from creating the container, the files needed to run on Kubernetes manifests, Helm charts, or Kustomize, pushing up to an Azure Container Registry, and deploying to AKS.
We also dive into GitHub, GitOps, the differences between push and pull methods with continuous deployment, and even we even touched on hybrid cloud strategies and what role Azure Arc plays in this space. Listen to the audio version of the podcast episode here:
I am excited to announce that I published a Python course on Pluralsight! This course is titled “Python for Linux System Administration“. This is my 17th course with Pluralsight overall and 6th for 2022. It will teach you how to utilize Python to administer Linux servers. This course is suitable for system administrators, DevOps engineers, and anyone working with servers running on cloud.
In this course, Python for Linux System Administration, you’ll learn the core of the Python language, various Python admin modules, & how to combine python scripts with other Linux tools for administration.
Here are some of the major topics that are covered in this course:
Gaining an understanding of the many benefits of using Python for systems administration.
What goes into setting up a Python environment and what IDE’s are the best options to assist you with your Python scripting.
How to install and use Python to Interact with the Linux System.
How to utilize Python modules such as the OS module & psutil to perform various administrative functions.
When you’re finished with this course, you’ll have the skills and knowledge about the core of Python, how it can be used for administration, why you would use it for administration, how to get setup for Python scripting, insight into Python administrative modules & scripts, as well as some real-world examples of administering Linux servers with Python.
I hope you find value in this new Python for Linux System Administration course. Be sure to follow my profile on Pluralsight so you will be notified as I release new courses!
Yesterday a new article titled “Build and deploy apps on AKS using DevOps and GitOps” was published. This is an article I was working on for a while and it is the first item of work that I can share publicly since joining Microsoft. I am working on many other things I can’t share publicly at the moment. :-)!
The article is a part of the Azure Architecture Center. This article is about modernizing end-to-end app build and deploy using containers, continuous integration (CI) via GitHub Actions for build and push to an Azure Container Registry, as well as GitOps via Argo CD for continuous deployment (CD) to an AKS cluster.
The article explores deploying a Python and Flask based app via two CI/CD approaches push-based and pull-based (GitOps). It is complete with a pros and cons comparison of both approaches and architecture diagrams for each that you can download. Here is a screenshot of the pull-based (GitOps) architecture:
The technologies used in this article and scenario include:
I hope that you find all of this useful. Now go check out the article and deploy the app using the approaches. Stay tuned for more from me at Microsoft and for more blog posts here!
With Kubernetes you will eventually, have the need to run stateful applications in Kubernetes. This is more common than you think. If you have never run stateful apps on Kubernetes before this can be a scary thing adding more moving parts to a Kubernetes cluster, deploying the app, as well as managing your stateful application/s on Kubernetes when it requires state.
In this blog post I am going to take you on a short journey to gain an understanding of Stateless vs Stateful applications, how storage works in Kubernetes touching on volumes, storage classes, persistent volumes (PC), and persistent volume claims (PVC), what Stateful Sets are, about Persistent state with pods, and good practices for running Stateful Apps on Kubernetes.
Stateless
A stateless app is an application program that does not save client data generated in one session for use in the next session with that client.
Stateful
A stateful app is a program that saves client data from the activities of one session for use in the next session.
The data that is saved is called the application’s state. Here is a visual covering the differences between Stateless and Stateful applications:
Volumes
Here is a breakdown of what volumes are:
A volume is a directory, typically with data in it, that is accessible to the containers in a pod.
A volume represents a way to store, retrieve, and persist data across pods through an applications lifecycle.
Volume modes in Kubernetes supports are Filesystem or Block.
Volumes are backed by different types of storage such as NFS, iSCSI, or other cloud storage (i.e. awsElasticBlockStore, azureDisk, gcePersistentDisk etc..).
When pods ceases to exist, Kubernetes destroys ephemeral volumes; however, Kubernetes does not destroy persistent volumes.
StorageClasses
Here is a breakdown of what volumes are:
Define types of storage tiers like Premium and Standard through Storage Classes in Kubernetes.
Give K8s admins a way to describe the “classes” of storage they offer.
StorageClasses define the provisioner, parameters, and reclaimPolicy used when a PersistentVolume is provisioned.
When a pod is deleted the underlying storage resource can either be deleted or kept for use with a future pod.
A reclaim Policy controls the behavior of the underlying storage resource when pod & the its persistent volume are no longer required.
Example of a configuration file for a StorageClass:
Allows for manual reclamation of the resource. The PV is not available for another claim due to previous claimant’s data remaining on the volume. A K8s admin must manually reclaim the volume.
Delete –
The delete reclaim policy removes the PV resource from the K8s cluster, & the associated storage asset such as cloud storage, NFS etc…
Recycle –
Performs a basic scrub on the volume & makes it available again for a new PVC.
Persistent Volumes (PVs)
Here is a breakdown of what Persistent Volumes are:
A persistent volume (PV) is a storage resource created and managed by the Kubernetes API that can exist beyond the lifetime of an individual pod.
A Persistent Volume can be manually provisioned by an Kubernetes admin or dynamically provisioned using Storage Classes by the Kubernetes API server.
Dynamic provisioning uses a StorageClass to identify what type of storage (NFS, iSCSI, or cloud-based) needs to be created.
Example of a configuration file for the PersistentVolume:
Let’s take a look at how the lifecycle of volumes and claims flow:
StatefulSets
Here is a breakdown of what Stateful Sets are:
StaefulSets are Kubernetes objects that are used when we need each pod to have its own independent state & use its own individual volume.
With StatefulSets each pod is assigned a unique name & the unique name stays with it even if the pod is deleted & recreated.
Headless services are primarily used when we deploy statefulset applications. Headless services don’t operate like load balancers. Headless services are not assigned IPs like a regular service is.
StatefulSets are typically used when the following is needed:
unique network identifiers for pods
persistent storage for retaining data
Ordered, graceful deployment, & scaling of pods
Ordered, & automated rolling updates of the app
Some Good Practices When Running Stateful Apps on Kubernetes
That wraps up this blog post! Thanks for reading and stay tuned to my blog for more content on Kubernetes soon.
Recently Codefresh launched the 1st certification in its GitOps certification path. This one is called “GitOps Fundamentals“. You can find it here: https://codefresh.learnworlds.com .
It takes you through the basics of GitOps to gain theoretical knowledge, and how to utilize Argo CD as the GitOps operator to gain hands-on knowledge. You will learn about both and will have questions on both in the quizzes and final exam.
They also touch on Argo Rollouts to go over Progressive Delivery with topics such as blue/green deployments and canary deployments. This is the 1st ever GitOps certification and it’s free! They do have plans for GitOps at Edge and GitOps at Scale certifications.
You can find more information about the GitOps certification and Codefresh’s future plans for it on this blog by Hannah Seligson (one of the authors of the course and exam) here: https://codefresh.io/blog/get-gitops-certified-argo.
I jumped all over this opportunity to get certified on GitOps, by signing up for the course, taking the training, and the exam! I passed and now I am GitOps certified.
Here is the certification:
GitOps is gaining adoption more and more every day in the Kubernetes space. Also, Argo CD is growing extremely fast as one of the top if not the top GitOps operator. I recommend you check this Codefresh GitOps certification out and get GitOps certified as this pattern and the technology behind it are growing at a super fast rate.
Also note, it looks like Weaveworks is planning to launch a “Certified GitOps Practitioner (CGP)” certification soon. I would guess the Weaveworks GitOps certification will contain content on Flux another GitOps operator. You can learn more about their coming GitOps certification here: https://www.weave.works/certified-gitops-practitioner
Also for more training on GitOps and Argo CD be sure to check out my GitOps and Argo CD courses on Pluralsight here:
I am very excited to be a part of a new Microsoft Azure Hybrid Cloud Study Hall series. This is a free fourteen-part weekly series that starts in April running through June.
In this study hall, you will learn how you can manage your on-premises, edge, and multi-cloud resources, and how you can deploy Azure services anywhere with Azure Arc and Azure Stack.
In this series, each session covers working with hybrid cloud resources using Azure services and hybrid cloud technologies. In these sessions we will:
Answer your questions live
Walk-through how to configure hybrid cloud resources
Walk-through how to deploy hybrid cloud resources
Walk-through how to manage hybrid cloud resources
In these sessions, together with you, we will work through Microsoft Learn modules focused on Azure Arc and Azure Stack HCI.
We have a solid lineup of speakers from Microsoft and the community! And I will be co-delivering two sessions myself.
Some of the speakers and moderators
Check out this video Microsoft marketing made where I talk about the sessions:
This was a fun podcast with Jez Ward, and Dave Chapman of Cloudreach. They run a podcast called Cloudbusting. On the podcast they focus on transformation, leadership, ways of working and emerging technology they explore the significant impact that cloud is having on people and businesses.
On this podcast episode, we set out to answer very important questions such as what are Jucy Lucy’s?, what are root Canals like today? oh, and yeah we also spend some time talking about what Containers, Kubernetes, & GitOps are and how they fit in the cloud.
With the growth of Kubernetes, the complexity & needs have also grown. IT Professionals need help with the operational & security challenges of managing Kubernetes clusters across multiple clouds, on-premises, & the edge.
My new course will teach you how to use Rancher for multi-Kubernetes cluster management, streamlining Kubernetes cluster deployments, & unified multi-Kubernetes cluster app management. When you’re finished with this course, you’ll have the skills and knowledge of Rancher needed for multi-K8s cluster management.
There is a learning path on Pluralsight focused on Kubernetes management. This is my 3rd course in the Kubernetes Management pathtitled “Kubernetes Tooling and Techniques” on Pluralsight. My other courses in the path are: “GitOps: The Big Picture” and “Getting Started with Argo CD“. You can get to the path using this link: https://app.pluralsight.com/paths/skills/kubernetes-tooling-and-techniques
I hope you find value in this new Getting Started with Rancher course. Be sure to follow my profile on Pluralsight so you will be notified as I release new courses related to Kubernetes and other topics!
As Kubernetes adoption continues to grow so does GitOps. GitOps has been increasing in adoption and popularity among enterprises at a fast rate as well. Here is what GitOps is: “GitOps is an operating model pattern for cloud-native applications & Kubernetes storing application & declarative infrastructure code in Git as the source of truth used for automated continuous delivery.” GitOps puts Git at the center of continuous delivery making git the Source of Truth describing the desired state of your entire system. For a deeper dive into GitOps check out my GitOps course on Pluralsight here: https://app.pluralsight.com/library/courses/gitops-the-big-picture
In the GitOps model, you need GitOps operators. GitOps Operators are software agents that continuously monitor your apps running on your Kubernetes clusters comparing the live state of your app against the desired state you have defined in your Git repository. These GitOps Operators ensure the desired state is in place on your Kubernetes clusters performing create, update, delete activities on your Kubernetes clusters as needed.
This is where Argo CD comes into the picture. Argo CD is one of the top GitOps Operators. It provides declarative, continuous delivery to your Kubernetes clusters. It was created by a team at Intuit in 2018 and later open-sourced. I am going to write a few blogs exploring the use of Argo CD with AKS. This will be the first of the series walking through the deployment of Argo CD to AKS. In the next post, we will deploy an app to Kubernetes using Argo CD and see where the topic goes from there. Now let’s dive into deploying Argo CD to AKS. Here are the steps:
Connect to your AKS cluster from the Azure Cloud Shell by running the following:
# Set your subscription
az account set –subscription YOURSUBSCRIPTIONIDHERE
# Connect to your KS cluster
az aks get-credentials –resource-group YOURRESOURCEGROUPNAME –name CLUSTER NAME
Next let’s create a namespace for Argo CD to deploy all of its components in. To do this run:
kubectl create namespace argocd
Next we can install Argo CD into the new namespace we created. We will reference Argo CD’s GitHub repository for the latest Argo CD operator. Run the following:
You should end up with many objects in the Argo CD namespace.
By default, the Argo CD is not accessible externally. It is deployed with a service type of ClusterIP.
Leaving it at ClusterIP is fine but for the purposes of this blog/lab and getting started lets change this so we can easily access the ArgoCD Server website. # Change the argocd-server service type to LoadBalancer. To do this run the following:
Now you will be able to see that the argocd-server service type has been changed to a LoadBalancer type. This means that it now has a public Azure load balancer attached to it with an external IP.
NOTE: This is not recommended in production environments. Only use in a lab or dev environment. In production environments, it is recommended to use an ingress for the Argo CD API server that is secured.
Argo CD auto generated a password during the deployment. We need to get the Argo CD password so we can log into it. To get the password run the following:
You will see the password in readable format so you can copy it such as shown in the screenshot.
Note the default Argo CD username is admin.
To access the Argo CD web portal you need to access the Argo CD API Server. To do this you can either do this from the external IP of the argo-cd object or the via the Argo CD CLI using the following:
argocd login <ARGOCD_SERVER>
The Argo CD web portal will look like:
That’s it! You have Argo CD deployed on your AKS cluster. In the next post, I will walk through deploying a simple app to your Kubernetes cluster via Argo CD.
