Bret's Cloud Native DevOps #12
What's new this week
🔴 Live show: Cloud Native Runtime Security with Falco (Ep 210)
Thursday, Apr 6, 10am Pacific, 1700 UTC
Join Matt and me Thursday to learn Falco! We'll welcome Jason Dellaluce and Luca Guerra from Sysdig to talk about Falco, a tool I recommend for production clusters and knowing about any bad behavior on your servers.
What I'm working on
✅ Autodeploy course: Cohort 1 finished - lessons learned ✅
Well, we finished our first cohort of Automate Your Deployments on Kubernetes with GitHub Actions and Argo CD GitOps. Phew! 😮💨 It's always very satisfying to complete a project you've worked so hard on. We learned a ton about running these live courses and we're already applying those lessons to the next cohort we'll hold (likely in 2-4 months). We're thankful to the 14 students in this beta version and their patience with our hiccups.
I'm already applying more production lessons and architectures to the GitHub Actions examples and the Argo CD deployment options for the next round of engineers (get on the waitlist if you're interested). One interesting output of these "beta testers" is that many came for one tool or the other. This tells me you don't have to be "new to both tools" to get a lot out of the course. GitHub Actions and Argo CD are two sides of the CI/CD coin.
GitHub Actions examples
You've seen my growing set of GitHub Action examples, right?
Learning from that first cohort of students, I am working on a few more examples for container DevOps.
First, I just merged this one showing how you can reuse a Docker build+push workflow for a PR workflow, and how you can "promote" that image to a different registry by reusing the same workflow in a different job of the same workflow.
A GitHub Action example that links your CI image builds to your CD
Coming soon: One workflow example I thought would help teams trying to create a unified CI+CD workflow for containers was to have a GitHub Action job that will wait for your image to build+push and then auto-create a GitOps PR with that new image tag. I haven't seen teams do this extra "glue" step yet, often using the Argo CD Image Updater instead, which is limited and only partial-GitOps IMO (since it updates Kubernetes before it makes a git commit).
What do you think? Would a GitHub Actions Workflow that PRs your YAML with a new prod image help you? I'm seeking feedback and thumbs up on a new GH Issue proposing this idea for a workflow.
🐦 Tweet of the week
Here's a good reminder that every container runtime (and orchestrator) I've used won't shutdown or restart a healthy container by default. I call it the container runtime oath of "first, do no harm."
👀 In case you missed it
(headlines from last week's newsletter that you can skip if you already read it)
🔴 Monthly cloud native DevOps AMA (Ep 209), Mar 30, 2023
🐳 UPDATE: Docker no longer sunsetting Free Org on Docker Hub
Docker announced on March 24 they are canceling their plans for Free Org sunsetting on Docker Hub and refunding money anyone spent to upgrade. The open source maintainer community was vocal on their confusing plans weeks back, and docker heard their message and stopped all plans to change Hub plans. 🥳
🚀 Podcast
Ep 128: Calico Networking for Kubernetes and More
We released a podcast where I talk with Calico's Tomas Hruby from Tigera. We discuss how Calico can be used in many places, including Linux, Windows, containers, bare metal, eBPF, or IP tables mode. And many of us have learned about it through the Kubernetes CNI program.
Thinking of becoming a paying member?
Have you thought about my Membership Subscriptions? You can support all my free content and also get benefits on bretfisher.com/members.
★Join my community elsewhere★
Best coupons for my Docker and Kubernetes courses
Chat with me and fellow students on our Discord Server DevOps Fans
Grab some merch at the Loot Box
Homepage bretfisher.com
Glad you're here, and I'll see ya next week 👋