{"id":13549972,"url":"https://github.com/stefanprodan/gitops-app-distribution","last_synced_at":"2025-04-02T23:31:30.456Z","repository":{"id":72481551,"uuid":"211805788","full_name":"stefanprodan/gitops-app-distribution","owner":"stefanprodan","description":"GitOps workflow for managing app delivery on multiple clusters","archived":true,"fork":false,"pushed_at":"2019-10-01T13:01:04.000Z","size":87,"stargazers_count":23,"open_issues_count":0,"forks_count":6,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-11-03T19:37:30.444Z","etag":null,"topics":["flagger","fluxcd","gitops","istio","kubernetes","kustomize","linkerd","progressive-delivery"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stefanprodan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2019-09-30T07:52:41.000Z","updated_at":"2024-08-22T00:31:37.000Z","dependencies_parsed_at":"2023-03-10T22:30:13.408Z","dependency_job_id":null,"html_url":"https://github.com/stefanprodan/gitops-app-distribution","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stefanprodan%2Fgitops-app-distribution","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stefanprodan%2Fgitops-app-distribution/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stefanprodan%2Fgitops-app-distribution/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stefanprodan%2Fgitops-app-distribution/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stefanprodan","download_url":"https://codeload.github.com/stefanprodan/gitops-app-distribution/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246910976,"owners_count":20853652,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["flagger","fluxcd","gitops","istio","kubernetes","kustomize","linkerd","progressive-delivery"],"created_at":"2024-08-01T12:01:27.600Z","updated_at":"2025-04-02T23:31:27.713Z","avatar_url":"https://github.com/stefanprodan.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"# gitops-app-distribution\n\nAs a software vendor I want to distribute my application in a reliable manner to service providers\nthat will host the app on their own Kubernetes clusters e.g. EKS, AKS/Linkerd, GKE/Istio.\n\nThe application is composed of several containerized micro-services: [frontend](dist/base/frontend),\n[backend](dist/base/backend), [cache](dist/base/cache) and [database](dist/base/database).\nEach micro-service receives periodically updates via container image releases and configuration changes.\nThese updates should be tested in isolation with automated e2e testing. \nOnce the updates are made available to service providers, the release on production clusters\nshould be gated by conformance tests.\n\nIn order to ensure that the service providers SLAs are not being broken by new releases,\nthe release process will expose a micro-service new version to live traffic in a progressive manner,\nwhile measuring the service level objectives (SLOs) like availability, error rate percentage and average response time.\nIf a drop in performance is noticed during the SLOs analysis, the release will be automatically rolled back\nwith minimum impact to end-users.\n\nService providers should have the option to customize the app to fit their SLAs e.g. set different \nresources requests and limits, tweak the auto-scaling thresholds or manual approval of canary releases.\n\nTechnical solution:\n* create a repository with the manifests required to distribute the app on Kubernetes\n* create a dedicated distribution for each service provider environment type\n    * [Kubernetes without a service mesh](dist/app-kubernetes/README.md)\n    * [Kubernetes with Istio](dist/app-istio/README.md)\n    * [Kubernetes with Linkerd](dist/app-linkerd/README.md)\n* use Kustomize to build each environment type (distribution) while keeping the YAML duplication at minimum\n* use GitHub Actions and Kubernetes Kind to validate changes\n    * [validate manifests](ci/e2e-kubeval.sh) with kubeval\n    * [end-to-end testing](.github/workflows/main.yml) for Kubernetes, Istio and Linkerd distributions\n* use [Flux](https://fluxcd.io) to distribute changes on the service providers clusters\n    * reconcile a target cluster with an app distribution\n    * monitor the base distribution and update the target cluster on spec changes\n* use [Flagger](https://flagger.app) to automate the production releases on the service providers clusters\n    * run conformance tests before exposing an updated micro-service to live traffic\n    * run canary style deployments with progressive traffic shifting for _frontend_ and _backend_ micro-services\n    * run blue/green style deployments for _cache_ and _database_ micro-services\n\n## Distribution\n\n![GitOps](docs/diagrams/gitops-dist-overview.png)\n\nA service provider will use Kustomize and FluxCD to deploy the app on production clusters.\n\nGit repository structure:\n```\napp/\n├── .flux.yaml\n└── kustomization.yaml\n```\n\nThe service provider will use one of the distributions as the kustomization base:\n`dist//app-kubernetes` or `dist//app-istio` or `dist//app-linkerd`.\n\nkustomization.yaml\n```yaml\napiVersion: kustomize.config.k8s.io/v1beta1\nkind: Kustomization\nnamespace: app\nbases:\n  - github.com/stefanprodan/gitops-app-distribution/dist//app-istio?ref=1.0.0\n```\n\nThe service provider can further customize the application installation, for example on an Istio cluster, the ingress \ncould be replaced with Istio Gateway and on a Linkerd cluster the ingress could be replaced with Gloo.\n\n.flux.yaml\n```yaml\nversion: 1\ncommandUpdated:\n  generators:\n    - command: kustomize build .\n```\n\n## Change management\n\nLet's assume the vendor wants to release a new frontend version that requires \nconfiguration changes as well as a container image update.\n\nVendor workflow:\n* the frontend team releases a new container image tagged `frontend:v2.0.0`\n* the frontend teams creates a PR with the frontend image tag and configuration file changes\n* the PR is being validated in CI with e2e tests for all distributions (Kubernetes, Istio, Linkerd)\n* the PR is merged into master followed by a GitHub release e.g. `1.1.0`\n\nService provider workflow:\n* the provider is notified about the update\n* the provider create a PR on one of the production cluster git repos and changes the base to `dist//app-istio?ref=1.1.0`\n* the PR is being validated in CI with e2e tests for the Istio distribution\n* the PR is merged into master\n* Flux detects the changes in git and fetches the upstream manifests\n* Flux applies the kustomization on the cluster\n* Flagger detects that the frontend image and configuration file has changed\n* Flagger runs the conformance tests for the frontend micro-service\n* Flagger starts to gradually shift traffic towards the new frontend version\n* Flagger runs the canary analysis and validates the service level objectives (SLOs)\n* Flagger promotes the new frontend version by upgrading the config and rolling the v2 image in production\n* Flagger notifies the service provider on Slack or MS Teams that frontend was updated\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstefanprodan%2Fgitops-app-distribution","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstefanprodan%2Fgitops-app-distribution","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstefanprodan%2Fgitops-app-distribution/lists"}