Managing Kubernetes Environments with GitOps and CTO.ai

GitOps and CTO.ai provide an efficient method for managing Kubernetes environments. GitOps uses Git as a central source of truth for declarative infrastructure and application management, while CTO.ai automates deployment processes. This blog outlines the setup of a Kubernetes management system with GitOps principles and CTO.ai.

GitOps and CTO.ai

• GitOps is a modern approach that applies Git's version control system to manage infrastructure and applications. Changes in the infrastructure are implemented through pull requests, ensuring accountability and reviewability.
  
• CTO.ai is a Continuous Integration/Continuous Deployment (CI/CD) platform that automates your software delivery process, enhancing both the efficiency and reliability of your deployments.
  
  

Prerequisites

• CTO.ai Account and CTO.ai CLI installed
• Docker installed on your local machine
• Access to a DigitalOcean Account & DigitalOcean CLI installed on your machine
• Terraform Account
  

Organize Kubernetes Configurations in Git

• Initialize Your Git Repository: Keep all Kubernetes YAML configuration files in a dedicated Git repository. This includes deployments, services, and other Kubernetes objects.
  
• Structure Your Configuration: Organize your repository for clarity. Separate configurations for different environments (like production and staging) into different directories.
  
  

In this tutorial, we will be using the CTO.ai DigitalOcean Kubernetes CDKTF workflow. The DigitalOcean workflow is a PaaS workflow with GitOps / ChatOps features that support DO K8S, VPC, Spaces, LetEncrypt TLS, Container Registry & CDN via CDKTF.

Set up DigitalOcean Infrastructure

The DigitalOcean workflow is open-source on GitHub, and you can install it by cloning the repository.

git clone [email protected]:workflows-sh/do-k8s-cdktf.git


cd do-k8s-cdktf

Before starting, you must create your API and SPACES keys on DigitalOcean. These keys will be required for your workflow when writing your ops.yml file. In setting up the DigitalOcean Infrastructure, we’ll create five keys, the DigitalOcean Token from the Application API, the Terraform Token from your Terraform workspace, DigitalOcean Spaces Access, and the Secret key from the spaces token on the DigitalOcean UI, and the GitHub Token from GitHub.

CTO.ai will use these API keys to authenticate, request, and create your DigitalOcean Workflow.

• Next, after creating your API keys and Tokens, add them to your secrets vault on CTO.ai.

• Next, you can set up your DigitalOcean Infrastructure using ops run -b .  and set up your DigitalOcean resources. You can see all the stacks and packages created when you set up your DigitalOcean Infrastructure in the infrastructure repo src directory.

Using the predefined commands and configurations on CTO.ai, teams can automate the setup of their Kubernetes infrastructure on DigitalOcean. Below is a snippet of a CTO.ai configuration that aims to define commands for setting up, deploying, and managing services on DOKS.

Configure CTO.ai

• CTO.ai Configuration: In your Git repository, create an ops.yml file. This file defines the CI/CD processes in CTO.ai.
  
  
• Define Jobs and Workflows: Your ops.yaml should include jobs for Kubernetes deployments. Use kubectl within these jobs to apply your configurations. A simple example:

version: "1"
pipelines:
- name: kubernetes-deployment-pipeline:0.2.5
description: Deploy Kubernetes configurations using CTO.ai
env:
static:
- DEBIAN_FRONTEND=noninteractive
- STACK_TYPE=k8s-deployment
- ORG=cto-ai
- GH_ORG=workflows-sh
- REPO=kubernetes-configs
- BIN_LOCATION=/tmp/tools
- KUBE_CONFIG_BASE64= # Your base64 encoded kubeconfig file
secrets:
- GITHUB_TOKEN
- DO_TOKEN
events:
- "github:workflows-sh/kubernetes-configs:pull_request.opened"
- "github:workflows-sh/kubernetes-configs:pull_request.synchronize"
- "github:workflows-sh/kubernetes-configs:pull_request.merged"
jobs:
- name: kubernetes-deployment-job
description: Apply Kubernetes configurations
packages:
- git
- wget
- tar
steps:
- mkdir -p $BIN_LOCATION
- export PATH=$PATH:$BIN_LOCATION
- ls -asl $BIN_LOCATION
- KUBECTL_DL_URL='https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl' # Get latest kubectl
- wget $KUBECTL_DL_URL -O $BIN_LOCATION/kubectl
- chmod +x $BIN_LOCATION/kubectl
- echo $KUBE_CONFIG_BASE64 | base64 --decode > $BIN_LOCATION/kubeconfig
- export KUBECONFIG=$BIN_LOCATION/kubeconfig
- $BIN_LOCATION/kubectl version
- git clone https://oauth2:[email protected]/$GH_ORG/$REPO
- cd $REPO && ls -asl
- git fetch -a && git checkout "${REF}"
- $BIN_LOCATION/kubectl apply -f k8s-configs/staging/
services:
- name: kubernetes-service:0.1.6
description: Kubernetes deployment service
run: node /ops/index.js
port: ['8080:8080']
sdk: off
domain: ""
env:
static:
- PORT=8080
events:
- "github:workflows-sh/kubernetes-configs:pull_request.opened"
- "github:workflows-sh/kubernetes-configs:pull_request.synchronize"
- "github:workflows-sh/kubernetes-configs:pull_request.merged"
trigger:
- build
- publish
- start

Implement GitOps Workflow

• Branching Strategy: Use a feature branching strategy for development. New features are developed in branches and merged into the main branch when ready.
  
• Pull Requests: Implement changes in the Kubernetes environment through pull requests for code review.
  
• Automated Deployment: Merging changes to the main branch triggers CTO.ai to automatically deploy them to Kubernetes, as defined in ops.yml file.

Conclusion

Integrating GitOps with CTO.ai for Kubernetes management creates an automated, transparent deployment pipeline. This method enhances operational efficiency and deployment security, making Kubernetes management more effective and adaptable. Every change is tracked in Git and deployments automated through CTO.ai, resulting in a well-organized, scalable Kubernetes environment.

Ready to introduce CTO.ai to your team and enhance your workflows? Book a demo today!