In this video, Dan Gordan, Manager at GitLab talks about reinventing your pipelines with GitLab, Kubernetes, and Amazon EKS (Elastic Kubernetes Service).
In this session, you will learn how deploying pipelines can be made easier by GitLamb automated CI/CD configuration modes. In addition, this video will also illustrate how GitLab integrated Kuberted can be used efficiently.
At 1:09, Dan states that GitLab has a belief that everyone can contribute, be it a naive or well-trained developer. It is strongly believed that DevOps will ensure there is a tight and a rapid iterative process for the deployment of the changes.
The speaker also adds that in recent years, devops has become more popular. DevOps is basically the method of building and delivering software of the highest quality. With this process, both the development and the operational activities can be brought together. At 7:37, Mr.Dan begins the demo by briefing about a simple application that already runs on a server and is accessible through GitLab.
A Person who is a project administrator or a group administrator or an administrator of the entire instance will have the permission to choose the ‘Operations’ menu and access the Kubernetes. You can choose any of the clusters from the Kubernetes cluster dashboard. Once you click the cluster, you can view the cluster health, usage metrics, and memory usage metrics data. While adding a new Kubernetes cluster with a connection to GitLab, make sure to choose the option ‘Creating a cluster on EKS’.
Process of reinventing your pipeline
At 15.08, the speaker mentions that once the app is live and running, the site speed IO will be run. The site speed IO test will baseline on the first install. This will help the customers to analyze if the recent code change has resulted in an increase in latency or has slowed down the user experience by some percentage. The merge request will keep updating itself with the latest pipeline.
The output of the code quality scan, vulnerability scan also will be provided by GitLab. If the recent code change has resulted in a security vulnerability, the developer can click on the specific vulnerability to know more details about it. You can know the severity of the vulnerability, possible actions, and also the link of the code that is possibly causing the security vulnerability.
This will enable the developers to fix the problem as early as possible. In addition, the developer also has an option to create an issue for the vulnerability for tracking purposes. The developer also has the option to dismiss a vulnerability by providing a comment. This information will be reported in the team’s dashboard.
At 17:16, Dan mentions that the developer can also view the report of licenses. Some code changes might result in new licenses while some code changes don’t. The report will provide you detailed analysis in case of new licenses.
The developers will also have the ability to manage the licenses, add or remove licenses. The team can set permission policies to allow controlled access by the developers to modify the license. Team leads or managers can flag certain vulnerabilities so that the members of the team know the severity of a vulnerability while the code scan happens.
We can also set the approval rules, code review rules to ensure the code changes made are safe to be merged and deployed. Team managers or people who have authority for code review can decline to approve to ensure the code is never merged to the mainline branch.
Once the tests are executed successfully and approved, you can merge the code changes. This will kick off the release pipeline. In this phase, the tests and scans are executed again to ensure there was no code change done between the time we deploy and the last run.
This is then followed by Dasht validation and then the changes are sent to the staging environment. Once the changes reach the staging phase, someone from the team can review the changes manually, validate and give it a manual rollout. At 20:12, Mr. Allan explains that the developers can now see the environments where the changes are deployed in their environments dashboard.
He adds that DevOps is not just about creating software and putting it up on servers but also deals with what happens once the users are using the application. Monitoring is made possible using ‘Prometheus’. By default, you can view the throughput, error rates, latency graph metrics, and also information on your infrastructure and cluster resources. In this video, Mr.Dan has clearly illustrated how the code changes can be made easily with GitLab, Kubernetes and Amazon EKS.