In this blog post, we will be using GitOps to deploy a sample Helidon application into Verrazzano. GitOps is a practice of using modern source control techniques to manage the source of record for a system, either infrastructure or applications, or both. This practice has become common in managing the desired state of Kubernetes clusters. Using an agent or controller within the Kubernetes cluster to watch for changes within a git repository, then applying those changes to the cluster is a secure way to achieve GitOps. Verrazzano is a hybrid, multicloud Kubernetes-based Enterprise Container Platform for running both cloud-native and traditional applications. Verrazzano deploys Rancher Fleet by default. We can use Fleet to deploy applications within Verrazzano via GitOps.
We will deploy the sample Helidon application hello-helidon using the resources from git found here.
First, we need to create the namespace for the application and label it to be managed by Verrazzano and Istio with these two commands:
$ kubectl create namespace hello-helidon
$ kubectl label namespace hello-helidon verrazzano-managed=true istio-injection=enabled
Second, we need to define a git repository to watch for content to persist to Verrazzano. The following describes the YAML representation of that git repository:
—
kind: GitRepo
apiVersion: fleet.cattle.io/v1alpha1
metadata:
name: hello-helidon
namespace: fleet-local
spec:
repo: https://github.com/verrazzano/verrazzano
revision: fleet-blog
paths:
- examples/gitops-fleet
- examples/hello-helidon
targets:
- name: local
clusterSelector:
matchLabels:
name: local
—
We save the preceding YAML to a file named hello-helidon-repo.yaml and run the following command:
$ kubectl -n fleet-local apply -f hello-helidon-repo.yaml
The documentation for Rancher Fleet resources are found here.
Following the creation of the gitrepo resource, there is a watch placed on the git repository, and the resources defined in the repository will be persisted to Verrazzano. In this case, the Application Configuration and Component resources are created in the hello-helidon namespace. The following are commands and sample output that display the resources created.
$ kubectl -n fleet-local get gitrepo
NAME REPO COMMIT BUNDLEDEPLOYMENTS-READY STATUS
hello-helidon https://github.com/verrazzano/verrazzano acd16af41d524fca3a6f436ab0c896202f0c931d 2/2
$ kubectl -n hello-helidon get appconfig
NAME AGE
hello-helidon-appconf 11m
$ kubectl -n hello-helidon get components
NAME WORKLOAD-KIND AGE
hello-helidon-component VerrazzanoHelidonWorkload 11m
$ kubectl -n hello-helidon get all
NAME READY STATUS RESTARTS AGE
pod/hello-helidon-deployment-5f59b4864d-x7w7v 1/1 Running 0 12m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/hello-helidon-deployment ClusterIP XX.XX.XX.XX <none> 8080/TCP 12m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/hello-helidon-deployment 1/1 1 1 12m
NAME DESIRED CURRENT READY AGE
replicaset.apps/hello-helidon-deployment-5f59b4864d 1 1 1 12m
By using GitOps with Verrazzano and Fleet, we have declared the desired state of the sample Helidon application in git. We set a watch upon the repository with the Rancher Fleet gitrepo resource. Fleet persisted the watched resources from git to Verrazzano, and Verrazzano created Kubernetes resources based on the Application Configuration and Components.
Now we edit the hello-helidon sample application to scale the Helidon workload to 2 replicas. This is completed by editing the Application Configuration in the source code and adding a ManualScalerTrait, setting the replicaCount to 2. Then we push that commit to the git repository.
apiVersion: core.oam.dev/v1alpha2
kind: ApplicationConfiguration
metadata:
name: hello-helidon-appconf
namespace: hello-helidon
annotations:
version: v1.0.0
description: "Hello Helidon application"
spec:
components:
- componentName: hello-helidon-component
traits:
- trait:
apiVersion: oam.verrazzano.io/v1alpha1
kind: MetricsTrait
spec:
scraper: verrazzano-system/vmi-system-prometheus-0
- trait:
apiVersion: oam.verrazzano.io/v1alpha1
kind: IngressTrait
metadata:
name: hello-helidon-ingress
spec:
rules:
- paths:
- path: "/greet"
pathType: Prefix
becomes:
apiVersion: core.oam.dev/v1alpha2
kind: ApplicationConfiguration
metadata:
name: hello-helidon-appconf
namespace: hello-helidon
annotations:
version: v1.0.0
description: "Hello Helidon application"
spec:
components:
- componentName: hello-helidon-component
traits:
- trait:
apiVersion: core.oam.dev/v1alpha2
kind: ManualScalerTrait
spec:
replicaCount: 2
- trait:
apiVersion: oam.verrazzano.io/v1alpha1
kind: MetricsTrait
spec:
scraper: verrazzano-system/vmi-system-prometheus-0
- trait:
apiVersion: oam.verrazzano.io/v1alpha1
kind: IngressTrait
metadata:
name: hello-helidon-ingress
spec:
rules:
- paths:
- path: "/greet"
pathType: Prefix
The following are commands and sample output that display the resources created:
$ kubectl -n fleet-local get gitrepo
NAME REPO COMMIT BUNDLEDEPLOYMENTS-READY STATUS
hello-helidon https://github.com/verrazzano/verrazzano d215861508f498f29f3044f604721e22a138f567 2/2
$ kubectl -n hello-helidon get all
NAME READY STATUS RESTARTS AGE
pod/hello-helidon-deployment-6b8ccf45b7-s977d 2/2 Running 0 83s
pod/hello-helidon-deployment-6b8ccf45b7-z4pxw 2/2 Running 0 80s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/hello-helidon-deployment ClusterIP XX.XX.XX.XX <none> 8080/TCP 85s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/hello-helidon-deployment 2/2 2 2 85s
NAME DESIRED CURRENT READY AGE
replicaset.apps/hello-helidon-deployment-6b8ccf45b7 2 2 2 85s
Now we see the gitrepo shows an updated commit and there are two pods running the hello-helidon sample application. We have successfully made a change in the git repository and that change resulted in the desired state changing in Verrazzano via GitOps.