class: center, middle # Welcome to DevOps State College --- # Why DevOps State College? * Build a community and make connections * Exchange ideas * Learn * Promote DevOps culture * Fun * Not tied to one vendor/technology --- # What is DevOps? Grand unification of philosophy around how to manage Development (programmers, application analysts, application owners, project managers) and IT Operations (system admins, network admins, security, data center, storage, database admin) in a tightly-integrated way. DevOps is the belief that working together as a collaborative team will produce better results, and break down barriers and finger pointing. --- # Future Presentations * Daryl Wiest - RPM Packaging Pipeline * Sam Leathers - Nix, Nixpkgs, NixOS, NixOps series of talks * YOU!!! - Whatever devops cool thing you want to talk about --- # Job Opportunities * AppliedTrust * AppliedTrust is hiring in Philadelphia, Dallas and Boulder offices. * For more information, see https://www.appliedtrust.com/jobs/ or talk to me afterwards --- # NixOps and Kubernetes * Why NixOps for Kubernetes deployments? * Why Nix for container creation? --- # Disclaimer THIS IS MOST LIKELY NOT READY FOR PRODUCTION! But... it's close. --- # Why??? * Why NixOps for Kubernetes deployments? * Why Nix for container creation? --- # Why NixOps for Kubernetes deployments? * Reproducibility * Easily spin up an identical host * Easy patching * Works with AWS, Azure, VMWare, qemu, xen and much more! --- # Why Nix for container creation? * Size Ubuntu containers are 188 MB. If your using alpine, it's already 5 MB, so not a huge difference. That's just the base. If you need a build environment in your docker container for compiling say a python module, this can go up in size really fast. * Reproducibility Nix is reproducible. Even if the binary caches are gone, you can be 100% sure you can rebuild your container later, just knowing the commit hash you used for nixpkgs. * Security Updating package components for security updates is easy. --- # Architecture Overview * digital ocean because it's cheap and easy * 3 nodes: samdev-kube01, samdev-kube02, samdev-kube03 * flannel for network overlay * etcd for k/v storage (SSL client cert auth) * kube01 is only master, all 3 are worker nodes --- # Following along... * ` git clone https://github.com/disassembler/devops-kubernetes` * `nixops create -d devops-kubernetes ./devops-kubernetes.nix` * `nixops deploy -d devops-kubernetes` * `nixops ssh -d devops-kubernetes samdev-kube01` --- # Slide break - looking at the code for setting up kubernetes nodes --- # Building an image with nix * dockerTools.buildImage * specify name, contents, runAsRoot and config * packages are built via nix (locally) and added to the build image --- class: center, middle # LIVE DEMO --- # Hello World of kubernetes kubectl run kubernetes-bootcamp \ --image=docker.io/jocatalin/kubernetes-bootcamp:v1 --port=8080 export POD_NAME=$(kubectl get pods -o go-template --template \ '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}') kubectl expose deployment/kubernetes-bootcamp --type="NodePort" --port 8080 export SERVICE_URL=$(kubectl get services/kubernetes-bootcamp \ -o go-template='{{.spec.clusterIP}}:{{(index .spec.ports 0).port}}') curl $SERVICE_URL kubectl scale deployments/kubernetes-bootcamp --replicas=4 kubectl set image deployments/kubernetes-bootcamp \ kubernetes-bootcamp=jocatalin/kubernetes-bootcamp:v2