 Fredrick Harper is a prisonable developer advocate at Kube first. He helps developers and develops Be successful with their Kubernetes journey. He has also shares his passion for technology on the stage at various events He's helped build successful and healthy community communities at Microsoft digital ocean and Fitbit He's also the author of a personal a book personal branding for developers at a press Behind the extrovert and his passion individual who builds in the power of communication and cat videos Thank you for listening without further ado meet Frederick Harper. I usually don't need a mic, but I think you're recording That is luxury having an intro. Thanks. Thanks. Thanks. Appreciate that. That's gonna be a quiet day So you're gonna have like a private talk just for you folks Super excited to be here. My name is for the day Harper as I forgot your name. I'm really bad with name Come on. Yeah, so thanks for the intro My name is Fred. Super happy to be here. Actually, that is my first time at scale second talk yesterday I don't know if some of you were in the talk yesterday. I give a talk about like what the heck is Kubernetes? basically an introduction about like, you know that word that we hear quite often and Sometimes we may not know what it is about Has the intro said I'm a principal developer advocate at Kube first. What does that mean? My job is to give love to developers. I'm the friendly social approachable technical face of the company and During the talk feel free if you're on Twitter, I'm not gonna say X. I'm still calling that Twitter. There is no way I'm gonna call this X. Yeah, I know it's just like a stupid branding. Anyway, that's my opinion But I'm f-harper on Twitter. So feel free to tweet stuff that I share Disagree with things that I'm gonna say take pictures of the slides of my beautiful face Whatever you want. Let's connect on Twitter. Let's connect on LinkedIn and on that note today I'm gonna talk about our go CD basically introducing you to our go CD and talking a little bit more about like her go CD waves Which is the title of the talk surfing the our go CD way Which which is a little bit weird because I don't surf But still that's gonna be the talk today We only have an hour together. I could probably talk about our go CD for a longer time than that so today when I was creating that talk my goal was to Introduce you to what is our go CD has a tool that will help you in your cloud native journey and trying to Help you to get started with our go CD so you can go back at home you can go back at work and Try the application try the technology or at least try to get your hands dirty a little bit with the Technology so obviously we won't see everything about our go CD today But hopefully that's good enough to hear tell you like hey That's the technology that makes sense for me or yeah No, what Fred told us for the last 45 minutes bullshit. It's not interesting to me So you decide what makes sense, but I'm super excited about that technology for this talk I expect some basic knowledge of some technology So we can move faster to the rest So I expect that you have a little bit of knowledge about communities So I'm not gonna go in details. You don't need to be an expert. You need to know a little bit how it's working how it is What is Kubernetes? But don't be afraid if you're not like Someone who's using Kubernetes every day. You still got to get good information about our go CD I Expect you to have a little bit of knowledge about helm again not that important actually I should probably even have removed that on that like warning slide Because I'm gonna I'm not even gonna use helm. I think I don't remember actually my talk So but I assume I don't use it that much a little bit of knowledge about get or things like get up and YAML because again, I'm not gonna explain the YAML But I'm gonna show some YAML file where I'm gonna explain a little bit the content of those file again Those are really you just need to have like high level knowledge about those technology to really be able to follow that talk You do not need to be an expert Specifically about things like YAML. I was saying in my talk yesterday when I started to Go in the cloud native way. Good. I hated YAML. I was a Jason person YAML was like a pain in my heart That was terrible. I hated it so much and now now it took me a while It took me a while But now I'm a huge fan. I don't have to put brackets everywhere I don't have to put double quotes everywhere. It seems like it's a it's a little bit cleaner when you have to define something With that said, let me start. Oh, let me start with a quick introduction about get ups because That's gonna be important to understand a little bit just really again high level the get ups principle to understand what I'm gonna show you when it comes to our go CD because Even before explaining our growth CD. Let me just do a quick introduction so What we used to do Has developer We have her code We put her code on get somewhere or if you've been doing that for a long time prior to get you were doing that on like SVM SVN or like was it see CVS or CSV? I don't remember. That's a long time ago. I Still have nightmare say that again Which one oh god, no, please no no no no or what was the Microsoft technology to Yeah, yeah that thing Gave me nightmares Like as much as like when I again with every technology I think we have like a little bit like oh no things are changing But like once you get used to it like I get used to get and I was like oh my god That is so much better on so many level like it's a little bit more complicated to get the grasp out of it But once you have it anyway, I'm going in all direction So we put our code on get whatever get up get lab something internally We have a CI CD pipeline that basically deploy your stuff and we put this on the cloud Whatever the cloud means that could be on-prem that could be a server in your word work Word Rob I don't know why I struggle with that we're in English at your house. You just put your code somewhere actually your Like countries delivery platform will put the code out there and this is basically what we were doing Mostly at the beginning when we're talking about DevOps slowly and Part of get ups we are heading infrastructures code, you know things like terraform where you define your infrastructure with code Which is a thing of beauty. I love that so much So you may have done that in there in your DevOps journey or has developer But now it's really part of get up. So now it's an important part you have to do infrastructures code And you're also going to put your configuration So you put everything in get get become your source of truth But there's also a difference in the way that you're going to deploy your application So, you know that CI CD we always say CI CD like they're like brothers or sisters and like they are need to stick together Now we separate them Because at the beginning there are two different things, but we always talk about CI CD But now you still have your continuous integration You still have like that CI pipeline that do some testing that really some like new versions you new chart new images Do whatever you have to do in your CI pipeline, but now we decouple the CI in the CD pipeline and Another thing that is different is that prior to that Get was pushing things to the CD platform mostly and the CD platform was doing thing deploying and stuff like that But now when it comes to get ups the CD platform will and please if there is a better way to put that in a diagram Like the pulling image I tried to do it But like the CD will go and get pull the information and bring you back to the CD platform Why? To deploy that to Kubernetes cluster so get ups is really a way of doing things that is really specific to cloud native some pieces of it Are part of like what we used to do every day, but they're put together And why the CDD is pulling the information from the get now It's because on your cluster you have an Argo CD agent that basically Plown your git repo and I will talk a little more about that why it is happening So again give become your source of through where you put everything in your git repository And this is get ups in a nutshell You don't have to understand everything about what I just said if you're new about get ups Just understand that there's there's a little bit of difference between how we were doing things when it comes to DevOps And how we do things when it comes to get ups But now There are some benefits about using get ups. I'm not just saying that because like that's the way I prefer to do things It use familiar tools and processes use git or Whatever git server you're gonna use get on git lab, whatever you just use git So if you're used to get in your day-to-day processes You are basically good to go with get ups It also use maybe infrastructures go you may not be new to add to that It's not you to get ups. It's a technology don't we was in for a couple of years so like people doing DevOps They're still gonna use things like terraform to create their infrastructure So you're familiar with the tool and the processes it helps you to do faster deployment and iteration and it's easily reproducible Because git is your source of truth So no more things that are running only on the server anymore Your source of truth is git. It's not the server anymore So it ends up like you won't have like oh it's working on my machine or it's working on my server And it's not working on the other server or we change things Directly on the server like everything is on git which bring no cluster drift. What is it? You know we've all done it if you said no, you're probably lying. There's something wrong on the server What are we gonna do? We're gonna go quickly on the server to try to fix things We're gonna fix things on the server and we say you know what I'm gonna refactor that later I'm gonna put that like in your source code later and later usually never happen What's happening with get ups because git becomes your source of truth And I will tell you a little more about like the sync status of our go CD But like what's gonna happen is that our go CD is gonna look in your git It's gonna look in the cluster and it's gonna say like hey Like there is something different on the server or the other way around Depending if you're a positive or negative person like our go CD will lack and like hey There is something different between the git repo and the server and will try to reconcile that so the server Reflect what is in your source of truth in git? It brings greater collaboration Because everything needs to go to git and with that Hopefully you have a proper review process Meaning that like if I want to change something on my communities cluster I'm gonna have to go and get I'm gonna have to do a pull request. I'm not gonna commit directly on main I'm gonna do a pull request and hopefully Someone on the team is gonna review my pull request approve it decline it has me for changes It may be a pain if you don't have proper process But I feel like you should have those processes in place having someone to review your pull request and because now again I'm gonna be tiring with that everything is in git You can use that process of like pull request review to be sure that it brings from a point of view greater collaboration and better quality of whatever you're gonna put on your server it brings I Should go with that one in English. I really need to find a synonym, but like auditability Yeah, okay English is not my first language French is so auditability Because again everything is in good. So you have the git logs. You did a pull request. You've seen who approved it It's not about blaming people. It's just easier to understand What are the changes that happen in the server contrary to like? Hey Bob went on the server on the Friday night to fix things that we don't know about now Everything is visible to everyone also which bring also more security and the simplification of access control Because now I don't need to give access to every developer on my team that I don't trust developer I'm a developer myself, but I don't need to give access to everybody on my team to my server I don't even need to give access to everybody to our go CD or I can give them access like just to view only What I give access to people is to my get repo On top of that my CD pipeline doesn't need to have access to my server Sometimes we're gonna need to like have a connection not sometime all the time We're gonna have to you're gonna need a connection between my CD pipeline to my server So my CD can push things to the server now because there is that agent in the Kubernetes cluster You need that agent to have access to your get repo, but from my point of view I think it's a little more secure I'm not a security expert, but I feel like it's a little more secure to do it that way It's cost saving for all those reasons and it's easily Revertable you can do rollback changes because it's just a question of hey, you know what? We're gonna like revert the code that we did in the previous pull request Or we're gonna rebase the history and remove a commit or do stuff like that And once it in get the server will pick up the change and you're gonna be good to go And lastly because of all those things you bring a simple stateless disaster recovery model my cluster goes boom for whatever reasons now what I can do I created a new Kubernetes cluster and I Reinstall or redeploy everything that was in my get repo. I'm not screwed I'm not concerned about like having backups. I'm not concerned about all those things I'm not concerned about the changes that again. Is there any Bob in the room? Okay, I didn't want to be mean to Bob in the room But like it's not it's not about like Bob making the change on Friday evening on the server that again Nobody knows about because I fix something and now we need to redeploy for whatever reasons We don't have that change anywhere. It was specifically on the server But like I lost the access on that server So a lot of reasons to think about get ups when you do your cloud native journey So it's not the only way but it's the way that When I talked to people about starting a cloud native journey, I said like you probably need to think about get up Why was talking about that? because Argo CD is Was created you don't have to use it has a get ups CD pipeline But it was created with get ups in mind and this is part of where the power of Argo CD come from There about that. It's pretty cold there I mean, I'm Canadian and like I feel like it's cold in the conference center. Oh Yeah, is it like colder or like to us steamy? Okay, okay. Yeah, so anyway, I was just like I said it was like just me Maybe I'm I caught something or like no, but like again, I'm Canadian So I know cold and that should not be cold. So anyway now let's move to the main topic Argo CD That is oh That is the beautiful mascot of Argo CD hard note. I just just love it So while of Argo CD, it's not the only CD pipeline CD tool CD system Whatever you call that CD application that you can use in your cloud native journey There is a lot of like more traditional CD platform that you could use. There is also a CNCF project called flux Argo CD it's open source Also, it's not part of the CNCF project, but like it's open source it's free and It's part of Argo project which have also other tools like Argo workflow Hargo Evans But Argo CD as I said, it's free. It's open source I'm a terminal person. I don't know for you. I love the terminal I love to do things in my terminal, but I'm not against a beautiful UI once in a while or to make things easier And because there is a lot of information about things that I deploy in my cluster having a nice UI is pretty cool And the Argo CD UI is Nearly flawless and again, I'm not a designer. I'm not a UI expert, but I just just just love it Which when I do things with Argo CD they have a CLI I Do think most of the time in the UI because I love it so much I love I'm gonna show you like the graphical interface that show you like the sync status and basically What's happening within your cluster? It's also easier to manage permission I was telling you before hey for whatever reasons it's not because you don't trust your developers But you're a big organization you need to manage permission in different ways than let's say a small startup I can give like just a view access to people to Argo CD and my developer can see like hey, I release a new version and It is in the get-ups repository. That is my source of truth. I want to see if it's deploying I want to see like the sync status on our go CD. You can give those different access as I said before Argo CD was created With clown native in mind, so it's not like a previous platform that was there before communities was a thing It was created for communities. It was created for I can I say Standard communities usage, but really with get-ups in line. So again, you can use it for Without using the get-ups principle when you go call native But if you do and this is part of like why I'm giving that talk This is where you get all the benefits of the Argo CD platform One of the main feature one of the biggest benefit is the real-time status. So what's gonna happen? You deploy something you had an application you Update an application in your get repository our go CD as I said has an agent in your cluster It will check to see like hey Like is there something every by defaults every three minutes is gonna check the get repo Actually, he's gonna clone the get repo to the latest version gonna check like hey Is there something that change based on the previous get version that I have and now and if something change Is it gonna start to do whatever you tell like in your probably YAML file what to do on your cluster? And you're gonna have access to the same status You're gonna have access to the current state. So the current state of the Cluster right now. So what's the current state of my cluster, but also what's the desired state? So if there is a cluster drift if there is something different between our go CD and like get repo I'm gonna have access to that but on top of that I'm also gonna have access to the app help and I'm gonna explain actually. I'm gonna show you this right now right after talking about Reposters, so one way to make our go CD behave like a get ops platform for your cloud native is to have a repository So there is an option in our go CD where you can say like hey I'm gonna point to you to my search of truth that should be reflected in my cluster And you do that by pointing in our go CD to get repo So at Q first what do we do? We call this like simply get ops repo and that becomes our source of truth for our Intercase production server development server or whatever the Server that we want to deploy the cluster. I want to deploy if I want to be transparent because I want to be transparent It's also possible for you to point repos to a helm repo But I would suggest to point this to get repo because of get ops. It makes really your life more easier So let me show you Here Actually, I'm gonna use key 3d I'm gonna create a new cluster Actually Qt 3d I said There is also a technology called key 3s, but Qt 3d is basically I don't know like mini cube or kind Helps you create like a Kubernetes cluster locally on your machine it use Docker in that case So if I go in Docker here, I actually should probably have created that before to talk But it's gonna take two seconds. I'm gonna have Containers running with basically quote-unquote Kubernetes here, then actually that's not what I'm gonna do in that demo. Let me switch to Another cluster that I have so it's a cluster that I created in Civo. I Don't know if you know canines That's the that's my best friend I mostly don't use cube CTL anymore for most of the things actually I started to forget how to do things with Cube CTL or cube cut all if you say it wrong So QCTL canines is just like the way of living for me and something's happening on my cluster But it doesn't matter. It's gonna be good enough So now right now I'm showing all the pods that I have in that cluster and what I'm gonna do I'm gonna be just a little bit tricky. I'm gonna install or go nip wrong icon I'm gonna go in VS code here And I'm gonna deploy customize our go CD for one reasons And actually, you know what I'm gonna explain that to you a little bit later Why it makes sense but right now if I close that thing You're gonna see I'm basically Creating namespace or go CD namespace. I'm gonna use The manifest to install our go CD. So the one provided by our go CD here if I go here This is what I'm doing so or go CD. I'm making this Here I'm creating the namespace or go CD and That's kind of it. So, oh, no, actually there is this one this one. I'm gonna explain it later It's customization or go CD, but you could just basically do helm install and use our go CD. So what I'm gonna do here I'm gonna do Let me go to manifest and I'm gonna do Like actually I'm gonna use the one I have in the workshop. So I'm gonna apply to manifest to install Our go CD in my cluster. So What's gonna happen now? I'm gonna install any our go CD in my cluster I'm gonna show you a hem tea our go CD cluster, but after that bear with me I'm gonna show you a full-fledged production ready one with a lot of things in it. So While it's doing that actually, let me show you the other one. So I created a cluster It's not to talk about Q first but I've created a cluster with Q first. It's a free open source platform It's what we do. We help you to create actually Production ready full-fledged platform because you know creating a cluster is the easy part But after that, you're not quite ready to deploy application You know, you probably want something to manage your secrets You won't have like a CD pipeline You need something to manage like the certificate that you're gonna need to access your application outside You need something to maybe if you really wanted to get ops have Atlantis Which is a tool that's gonna help you to manage to reform apply within your get processes So what do we do is that with that tool? You select the public cloud you create a cluster that give you that beautiful interface But my point is let me go to our go CD here and Now this is like a really Nice our go CD that I need to connect to So what do we do also when we create the cluster we install vault? We use it like as a Hawaii DC platform for SSO connection with other services So it's why you are go see you were directing me to vault. It's not gonna happen in the default Installation on ergo CD. So here I'm just logging with my username password now. I'm gonna be in our go CD What do we do at Q-first? We use a half of apps pattern Meaning that like there is one application that I call registry here and let me make that a little bit bigger And here this is what I'm gonna see. I'm gonna see how my application everything that is deployed in my half top app. It's gonna be here. I don't know if it's big enough, but You're gonna see here. There's that little heart It basically saying that like hey my ingress engine next component my application here is LT I have the check mark here. It's green. It means that it's sink. So I have here Make it bigger So here I have like the latest Comet that I have in my get-ups repo. I have what was sink and right now everything is LT Everything is synced the repository that I was talking about before is in settings I have repository and what I've done I connected my ergo CD to my get-ups repository So now everything that I'm gonna do in my get-ups repo is gonna be reflected here And let me show you my get-ups repo if I go here So the thing would get ups it's not really How to call that Standard per se there is a there's a group a working group working on defining the principle and Like sharing some kind of like best practices, but like there is no one way to like define your get-ups repo So what we do here? We have the terraform folders where we put different terraform files So this is how we structure get-ups repo I shared that because that could be interesting to understand that like if I go here I have a couple of terraform files. So I have a sievo folder because I created my Cluster in sievo if you don't know sievo, it's a smaller cloud provider a little bit like digital ocean What is nice is that you know what you pay for you don't have like surprise Billing at the end of the moon, but I'm gonna have my terraform file here and I also use terraform because there is like get-up provider to create the repos that are connected to Whatever I want to deploy in my cluster. So I have the repos here And I'm gonna have like the repositories that I created which is only two with my Q first deployment But you get the guess everything isn't my terraform folder What becomes oh even users actually we even manage users. So here, let's say I have not this one I even create users in Involved so my users can have access to Different part of my ecosystem that I deployed but also I use that to have like a developer and hand-meaned groups So the get-up repos theories that I'm gonna create part of my projects I'm gonna be able to give them different access So if I would like to have a user like this one right now I would just uncomment that or like basically create a new model But again everything is part of my get-ups repos, but now let's go to the more interesting stuff Here I have the registry and We define that with different environments, but also different clusters because when I created my clusters I created like my what I call my management cluster, which is what you've seen, but also created like a production Staging and development clusters That were actually virtual clusters. So that's a nice technology If you don't know there is v cluster a technology from left sh that give you the opportunity to create virtual cluster And they're nearly identical to like physical cluster. So that's perfect for testing stuff to giving some like more ephemeral clusters to your team The only thing is that your vehicle your v cluster lives inside a physical cluster So their resources depends on like the resources from your physical cluster, but I'm going in another direction Here I have a basically what I've shown you which is my app of apps pattern I have my registry YAML. I don't know if that big enough at my registry YAML that define that basically say like Hey, you know what like everything you need to deploy from my app of apps is in That folder which is the one that I'm in. So if I go here I have all my application that have been all the definition of my application that have been deployed with our go CD and I'm going to show you how to basically deploy an application But just before that, let me see I should have on my other cluster. I should now have our go CD and stole And I have our go CD install. Let me just port for Here, which is probably not what I want to do in production but for demo. That's good enough And now I have a beautiful not really sexy our go CD So I basically you could do like a helm install having our go CD and you're good to go And what would be the next step for me is if I want to do it the get-ups ways go in repository Connect to repo here or connect a helm our repository But I suggest again I get repo and how would have our go CD become my CD pipeline for my cluster But there's other way to install application I'm going to show you that a little bit more further in the talk. So it's good so far that's kind of like a lot of information, but I Think that's the way to go to at least get out of here after an hour and kind of like understand What is the tool so there's a couple of ways to deploy application if You want to do get ups the way to go is to define your YAML file Put your YAML file in your get ups repo and have our go CD sing death for you You can also use the interface so within our go CD interface I can do had new application and I can define my application that will play that would point to a home chart That would point to you get repository that would point to a specific File that I want to deploy in my application if I do that though our go CD won't come in stuff to your get ups repo So that's not my preferred way to do that But again, that's a talk about our go CD not just get up So I want to show you all the opportunities are all the ways to do tap these and the third way is you can use the CLI our go CD has a CLI so in your terminal you can install with your We with you CLI in the our go CD CLI in Your communities cluster sorry Actually, you're totally right. I never put the API here because Most people don't want to go to the API route when you have the UI and the CLI But you're totally right. Actually, this is what the CLI is doing is basically like doing like that in between Like our go CD and you is connecting to the API to access But yeah, I should probably even had that to the talk because you may want to do that If you want to do some Automation that maybe you cannot do with the CLI but the CLI is pretty good though You can basically do mostly everything you want with the CLI So with that said, let's deploy an application, but the get ups wait So here that is so zoom. I'm gonna go back here No, I'm not in the right place. Let me go back to my get ups repo here And what I'm gonna do, I'm in my registry folder So again, this is the architecture that we decided to use for or get ups repo You don't have to do the exact same way, but what I'm gonna do here Good to go. Oh my god. I cannot Understand at that size. Let me just for a second. That's way too much. So I'm gonna create a new file call whatever YAML and I'm gonna cheat here. So What's gonna happen is that I'm creating an application. I'm heading a YAML file in my get ups repository If the kind is an application, but as you may see here, it's a little bit different than when you're gonna Do a YAML file that is specific to Kubernetes. So the API version is a little bit different But the rest is kind of a little bit the same information. I'm gonna give a name I'm gonna put it in the name space. I decided our go CD Here there's something interesting the sync wave So I'm gonna talk a little more about that later and this is one of the things that I really love about our go CD So bear with me. Let's keep it to zero. It's the default anyway The sync wave version and I'm gonna define here that I want to install a chart So I'm pointing to chart repo or pro story I am defining the version that I want to install the name of my chart and Sorry, and the rest is a little bit boilerplate except that I also had basically had to fight in one for the sake of the demo I install ingress controller. So we're gonna be able to access that Application that I'm installing on flappy on that URL. So just before I do anything I Install the application before The demo because hopefully I wanted DNS to be my friend because you know, it's never DNS It's always DNS So just to show you right now. It's not like working. I refresh it was working. Hopefully DNS will still be in the air And I'm gonna come it. I'm gonna do something that you shouldn't be at home. You shouldn't do this at home kids I'm gonna have directly in Maine Without having anyone reviewing my stuff because you know, it's Sunday. Nobody's at work So I'm gonna have that file. I'm gonna come at this directly again Should not do that and I'm gonna go back to our go CD here. Please please fast enough So I'm not missing what's gonna happen So, okay, let me zoom again in a way The zooming is bad Okay, so as you see here, the last thing is still my previous commit I removed the application before doing the talk. So now sync is okay the default sync Time is every three minutes But what I could do I could try to refresh here and our go CD is gonna say like, okay I need to refresh my stuff go check and get ops repo and it's gonna say like hey now. I'm checking stuff and Is gonna see like hey, you know what? There is that new application that is here if I click here and I think I was not fast enough. I could have seen Maybe next time I'm gonna put like a sleep job just so we can see but anyway I'm gonna show you the sync wave after there is the desired manifest, which is what is on my get repo There is the live manifest, which is what is now on my Cluster and we should have seen a difference from like basically everything because I just had the five of like let's say I do another commit. I upgrade the version of my chart I'm gonna come here once I'm gonna sing the difference gonna be like the chart version and now it's syncing So it's synced but now things are being deployed. So if I go back here And need to zoom down again because I'm gonna survive that If I go here No, not this one Flappy here my application I go here I have that beautiful view of like every community's object that was deployed to create my application You know, I have a deployment. I have like services. I Have A replica set I have my putt here and everything seems to be healthy So the heart again, it's because things are LT meaning that like the endpoint that I define it Or the default hem point like our go CDs like you know, the application is great and the check mark is because The sync is okay meaning that like what are go CD the last thing that our go CD saw and get the last thing That I refresh or that our go CD sync Automatically is the exact same thing. So now if the DNS are with me and I refresh that I have my new application Which is the basically what was the name of that game like flappy birds, which is Amazing and super frustrating game at the same time But how I deployed that I didn't go on the common line do, you know, K or cube CTL or cube cutter Whatever you call it apply applying my yaml file I even didn't go in our go CD because I told you I could go in here and say like new application and I could basically define myself what I want to install here my application I can point to get repo. I can point to a helm repo and I define the pad the branches I I Put the yaml file in my get-up super and our go CD did the rest of the job Which is what I really love about like the get-ups principle and that too a little trick about that If sometimes you're not too sure I know how much experience you have with communities But like if you're not too sure like how to define your yaml file for specifically Hargo CD to like deploy it correctly Sometimes you go here in the interface and once you input everything and send of like creating clicking create here and Really not doing it like doing your click ups way Which you should not from my point of view you can just go here edit as yaml copy and paste your stuff Create a yaml file in your get repo and you are doing this the get ups way So that's one way of deploying application. That is the get ups way That is the way that I really like to do and oh actually I'm gonna show you have time. Yeah let me do that in One minute actually if I go back here And I go flappy carry and I see delete the file Comment on main. Please don't quote me on that if I go back here. Not this one if I go back here Too many are go CDs. Oh And I go back to my registry and Again, I refresh Ten minutes I talk too much. Anyway, this is the part that's gonna refresh is gonna remove my application and it's not gonna work anymore The thing that I really want to share with you and I only have ten minutes because I talk way too much Most of the time is the phases and sync wave, which is the exciting thing for me. There is three Phases of seeing there is the precinct. There is the sync and there is the posting Exciting Meaning that like the sync is what we've done, you know, I had the application I click something is saying it is a stuff. I can't do things before I can do things after Decide whatever makes sense for you. What's really interesting is the waves of the thing so Argo CD Because you've seen I deployed many application if I create a new cluster with all those application There is probably an order that I want to do stuff Let's say I want to deploy WordPress and I didn't use like the official bit me Chart that have like WordPress and my sequel, but I want to deploy my sequel myself and after that WordPress So what I want to do is I want to deploy my sequel and once my sequel is responsive working And I can connect to it. I want to deploy WordPress So I'm gonna use the sync wait, which is a number that you've seen before that the default is zero You can go minus whatever to plus whatever I suggest keeping it Over zero So our go CD is going to decide based on the number ascending number What is the thing that I need to deploy first and what is the thing that I need to deploy after? If you have the same sync wave our go CD is gonna be like Hey, I'm gonna go by kind and there's a full list in the documentation I'm gonna start with like is there like a namespace object Is there a services of a service object a deployment object and so on and if you have the same thing The same sync wave the same kind of object is gonna go by name ascending by name. So that is the magic of the sync wave What I've deployed before is the part that I didn't tell you That talk goes a little bit to shit with the change that happened or go CD six months ago Because by default they change how they manage the sync wave So before they were going the exactly what I told you But they were waiting for the application to be healthy before moving to the next sync wave But for performance reason about six months ago seven months ago the change it and now they're just waiting that the check mark The sync status is okay, and they move forward, which it's probably what you don't want to do most of the time If you use a half of apps and wants to use the sync wave So what I've done here when I deploy my ago CD on my other empty cluster I basically redefine the old way meaning that like hey before moving to the next sync wave Wait for the application to be healthy. So it's basically what I'm doing here So let me show you a sync wave. How it's working. So I have my boring Hargo CD here What I'm gonna do I'm gonna Deploy Actually a half of apps And let me show you quickly the half of apps I'm gonna deploy here with my super zoom visual studio that I cannot see anything now I go CD sync wave So I have a registry here again that points to the exact same get repo that have to To yaml file zero wave that is also a half of apps that's gonna point to my zero wave Folder that have three Kind objects which are jobs that is like a job an object zero an object when an object 20 And basically they have the same sync wave as the object that it are in so I Am my registry that have one half of app that is to the sync wave zero Actually, yes zero have another half of app that is at the sync wave 10 and another app of app That no actually that's that's all within those app of app have a job that is at the sync wave Zero a job that is is a sync wave 10 and a job that is the sync wave 20 so if I deployed that So I did here. It's not a get-ups away It's for the demo people in the back may not see because the screen is a little bit weird here But I'm gonna apply this so just cube CTL apply half my file pointing to my repo if I go on our go CD here That said that it was created probably need to refresh actually, I probably need to Do the port forward So hopefully not gonna miss my demo here. I Killed key three not a key 9s to fast going here. I have my registry That's gonna happen. Oh, no, I'm not on the right one Sorry Where did I deploy that? And I I can't see it here, but like that's kind of like messing up with my Demo 80 80. No, that was the nicest demo ever Yeah, I know that's sad. Why is it not? Happening here our go CD server and our go CD sync wave. Oh No Sorry, oh, they should be good. Okay Let me try on this one quickly. It's gonna work. Yeah, let me change my context Let me do the key 3d this one. Let me try it quickly. Let me go on this one should work Let me try to deploy this one. So I go sync wave registry registry ammo Cross your finger is gonna work And that's gonna screw up everything on my cluster No, that demo is so sexy Okay, so let me oh It's kind of working, but that's not gonna work because I hover I do registry and that's gonna be an opinion Yeah, oh, no, okay, it's working. So what's happening here ish It's not exactly the demo that I want to show you what what's happening here is that as you see This one should be like not completely sync because I override the process now I just had a job that wait for 10 seconds. So this one is already done This one is already done. But as you may have seen the zero job was started The 10 sleep which is like the sync wave 10 did not start until the zero was done And the 20 didn't start until the 10 was done But if I go back here and I go to the next The next one here the 10 sink wave We're gonna see nothing. So that was a beautiful demo my idea was to showcase that like I had a half of apps at Sync wave zero that started to sing Within that one I Had the job that it was the sync wave zero one at 10 was and 20 and they were going sequentially One by one and the other app of app that was a sync wave 10 didn't start until the half of a web half of app at sync wave zero was finished because first I override that and because it went about like hey, they have different sync wave So I'm gonna finish the one the half of app that is a sync wave zero Everything that needs to be deployed before moving to the other app of apps So that was basically like the goal of that talk was to show the sync wave So hopefully it's not as exciting not sure what happened But in the end what you get with our go seeding get ups is basically that you get to the right You get the same kind of process that you get usually, you know what you do your pull request Get up actually our go cities gonna check what's happening What is the desired state gonna calculate the desired state try to identify the divergences attempt to sync your information? Provide the sync result to the interface the actually the API Which the API is like also using the interface using the CLI gonna demo that and do that process all over again And again and again until there is no cluster drift so some resources if you want to get started with our go CD Argo project that get up that I owe slash CD. It's the place to be it's the place to go I usually have question about like oh was the difference between flux CD and our go CD It is not the goal of that talk. This is a great article. That is really sweet short and sweet Give you like the really high level of difference to be an S I think at that point is just a question of preference. What are you used to? What do you like? The thing with flux is it's a great technology the company that was working on it. They unfortunately How do you say that they went bankrupt? Yeah, yeah, I don't know but there is still like a great Open source contributor out there and some of the employees continue to work at their new job on the project So it's not dead per se and it's a CNCF project So fully it's not dead, but there are some differences as I said I shown you I told you why I prefer go CD With the beautiful interface and management of permission What is really exciting to me is how it was built If you want to try our go CD without having to do all the manual stuff that I didn't try it you first It's free as I said, it's open source That's gonna create you the cluster that I've shown you with all the apps Install configure working together so you have like a production ready cluster and if you want to try our go CD You have any question actually I should put there is also a slack for a go CD project But if you're like, hey, it's intimidating with all those like our go CD community It's a big slack come to your slack community. It's cute first with IO slash slack We have our go channel for it We just call it our go because we can't help you with any project even if you don't use our product We're just friendly people with an expertise with an experience with the love for our go CD and the our go project So if you need help, we're gonna be more than happy to Help you and with that said, I think I'm running out of time If you have any question Please feel free. I'm gonna stick outside of the room after to take more question You can send me an email ping me on Twitter, ping me on LinkedIn. Let's connect on LinkedIn Last thing if you want to talk about our go CD You want to talk about quality if you want to talk about communities you want to talk about cats coffee Buddhism whatever You just want to get to know each other. I'm offering free coffee chat to go on Fred dev slash coffee It's a third 30 minutes video call It's just like because I'm social and I hope our friendly person So this is what I'm offering and on that note Hopefully on the Sunday morning that helps you to understand a little bit our go CD and hopefully get as excited If you didn't have like the really sexy demo of sync wave Get you as excited about our go CD to try it with in your cloud native journey And hopefully even maybe go a little bit the get-ups away So I think that's it. Thanks for your time If there is any question coming and sold I think we have a five minutes or something I was wondering how you set up your Shortcut on github like you but uh, sorry, so I'm a little bit hard-earing and because I put that I Removed my hearing aids. So how long have no, there's the short cut on github like you put a Collin cube something and then that populated all the yaml fight. I Was wondering how you did that? Oh, yeah. Oh, yeah. Okay, so it's not it's not related to our go CD I use a tool called Espenso It's an open source tool It's on get up get up.com slash Espenso Espenso and you can define short cuts like my short court was like Cullen flappy dash sieveau it gave me it replaced my stuff I use this for everything and anything you can specify. I want that short court to run only in my terminal You can also have like regular expression to do stuff So to be honest like there is some like get comments that I don't even remember how to write them Like more complicated one because I just have my short cut like if I go here and I do like a I want to get Come it or change like I do gm or like I remember this one or get see and like I do this for a lot of things Just make my life so much easier and I've been giving talks for a long time And I hate people that do a lot of like life coding because you may like you're good Bravo, but like you're taking times to people most of the time and like now I just want to show you the content I don't want to like make typos and you know like even the demo that is fully prepared with the yaml file didn't work So like the demo got up in any way long story. It's Espenso. Thank you very much another question Is it possible to instead of using numbers for sync wave? Is it possible to say wait for this application or these? This resource that has this label is that something pause waiting about So waiting that application X yes, no, it's not as far as I know it's not a feature So it's why you really need to think about your sync wave So one of the thing that I would suggest what we do here is like we know like you've seen my cluster. There is like 15 application that I installed by default when I use cube first and what we do is for each application We do like zero of not zero we do like 10 20 30 40 which give me a gap between so if I want to like Oh, yeah, there is also that application that I would like to put in I'm gonna put like in between 15 like in between 10 and 20 I'm gonna put it 15 and the night next time I refactor I'm gonna adjust my number if it's an application that needs to stay in my cluster Maybe though there is something you can do like with the pre-sync and and post-sync But I don't think it's made for that. So I would not suggest doing that So it's why the sync is super interesting, but it can be a little bit of pain with if you want to do those Kind of thing. It's also why I overwrite the now default way of Working with our go CD because of where's my manifest? Here that part because what I'm saying here It's even worse for your scenario because now by default our go CD won't take care about the health of the application So it's not because our go CD was like, okay Yeah, I started to deploy my sequel that my sequel is accessible And I need it to be able to like go to the admin of WordPress. Let's say so those sink wave are really what you want to use To make up it but at the beginning it's confusing at some point you really get used to it And you can I'm like use the sink wave to do mostly whatever you want. Thank you very much my pleasure Are there any other questions? Is there a mechanism to Rely on like a web hook from git instead of having the having Argo pull every few minutes or is it okay? Yeah, yeah, so there is there was weak web books that you can use within our go CD I didn't talk about them because I think they're like a little not that advanced but like since we only had an hour So there is web books that you can use one of the thing we do also is that? They have another project called Argo workflow that we kind of like integrate within Git so Sometimes we have like get-up actions that gonna fire get-up workflows to do things that we want to do But like that's a separate project that is not totally made to how we use it But we use it a little bit like a CI sometime or go workflow and that would be able I would be able to use that Not just with the Argo CD web books But like pair it with other stuff like as I said my get-up action that could be also that could be also a thing Yeah, is there any more Sounds good. Awesome. Thanks for your time. And yeah, hopefully you have a good rest of the not too long conference I think there is future target. Yeah My sync wave demo didn't work Test test. Can you hear me over there on the phone in the back row when I speak like this? Okay Yeah, I Welcome everybody. Our next speaker is Guinevere she has both a background in Music as well as software engineering. She works with Pulumi with where she helps Users integrate infrastructure cloud with running their own applications I'll let you take it away. All right. Thanks Steve talk title for the last five minutes. So I'm going to skip to the next slide First of all, yeah, I Really love scale. I really love being here I have the sneaking suspicion that They put me in the last slot on Sunday because they knew I was going to stay for the whole thing anyway So but I'm so excited to see everybody here Another thing I really love is the ocean. I live in Seattle and we're not directly on the ocean but we get so much waterfront with Puget Sound and all that and So over the last year I've spent a bunch of time on the beaches learning how to be a beachfront naturalist for Seattle Aquarium and it's like really cool all the things you learn about seaweed and you know our local whales and Shells seashells other things In general, I think computers exist to serve humans not the other way around even though in our daily lives It may feel the opposite sometimes I feel like sometimes some days at least 15% of the reason that I chose to become a software engineer is so that I Can show the computers whose boss? I also play piano the piano is definitely the boss of me And you already know I write software at Pulumi we do infrastructure as code which may or may not be relevant to the story of this talk. Oh Yeah, you can find me on github at my name. I'm the only one of your Sanger in the whole world You can find me So why this talk last year? I was tasked to overhaul one of our tools at Pulumi that involved Some way of automatically provisioning Docker containers Docker images and general Docker functionality Automatically using our Pulumi tool and it turned out we could already do this But the way that it was done was we wrote code to shell out to the Docker CLI and go Docker run dash blah blah blah and Sometimes that didn't work so well because sometimes That shell that we were shelling out to didn't have the correct authorization or we ran into race conditions And so when we were deciding to bring forward this tool into the new world of You know version 4 I Proposed that maybe we should use a Client library instead of a CLI and So that's kind of how this talk started because let's have a show of hands who here uses Docker at work Who here has never heard of Docker? Okay, good to know Who here has had to write convoluted bash scripts to get Docker to do the thing that they want to do I'm so glad you're here Because I was like what if no one does and so a couple days ago I was talking about my talk with a few people and they said well if I just use Docker compose So that I can just put all my command flags into a file and then have that run in and I'm like is that what Docker compose does gosh Anyway, this person's here in the audience and they are way better at explaining Docker compose than the Docker docs Which will be a topic a little bit throughout this talk as well So what is Docker anyway? You know, it's an open-source container platform. It's a very popular container runtime. It runs almost anywhere and It runs almost anything One important part of the Docker ecosystem are the container registries where you can share your Wrapped up containerized app with all your friends and they have a very cute whale logo, which does appeal to me as beachfront naturalist and training So why do we shell out? Oh, I got some laughter. Yes Go watch demolition man. It's a great movie Well, you know, so this is how most people build Docker images at least when they get started, right? Somewhere somewhere some process or some person runs Docker build tag image name Everything in this room in this in this particular folder, right? So This looks like a fairly simple command, right? But it's still a command and you still have to like use the CLI to do it and It's not too bad, right? Like it's pretty simple. It's straightforward. You know what's going on for the most part And again, it assumes At least a human operator by proxy. Somebody knows that somewhere this particular command is being run So we shall out and go which is the language I'm going to use in this talk that looks like this and again That's fine It's a little bit convoluted But the go exec package has actually a few better options to handling It's a I always find it's a little bit more obvious But I'm really bad at bash and I hear that there are mythical people out there who are in fact good at writing bash scripts and There might even be a few people out there in the world that are good at debugging bash scripts And I'm certainly not one of them. So if my bash script that runs a Docker command fails I'm just like, I don't I don't know what to do. I give up But you know as we all know not all Docker commands are short I'm not rewriting this and go for you because that is also kind of convoluted So but again, sometimes shelling out is the right choice if you have a very simple image if you really just need to like run your Development container locally and then get into it or attach something very easily. That's great Shell out please continue but sometimes The shell just doesn't make sense you you you know from the perspective of this whale He doesn't even know you can't even see the shells, right? They're too small Um Right, so sometimes we want to run Docker processes or build images, right? And a lot of my jobs when we use Docker it is to Build an image and tag it at deploy time, right or at publish time when we go live with a version We want to cut a Docker image and push it to a registry And we also don't want to do this manually because who here loves release automation Exactly we want that we want that stuff to be automated, right? So that's why all these other tools exist. I did put Pulumi on there again. I'm not here to sell you on Pulumi I'm really just here to share some code That can make you bring up Docker images by yourself. So again, why do we use the whale in the first place? It allows us to be flexible. It allows us to have you know Any environment we want on almost any operating system that we want and we can control it and that's actually really great But you know Getting into the wise of Docker would be a completely different talk and as I hinted earlier I'm not that much of a Docker specialist. I build Tools for developers. That's what I love doing. I love making developers happy and If that means I have to wrestle with Docker on occasion then I will do that But I bet there's people in the audience that know more about Docker than I do and I also bet that you know, there's areas of Docker that I just haven't even ever touched So if you want to learn why Docker? They're their their website covers that part But in short we should be able to create and use Docker images without the need for an interactive terminal So I actually I'm going to switch to code. I'm going to switch to my editor here But if you want to follow along You can feel free to I just pushed the code to GitHub this morning and my apologies. It's incredibly rough But if you want to follow along, I'll probably push the fixed versions after I go through everything Later this week But yeah, so it's available. Whoops. That's the next slide So we are going to switch to my Docker talk repo. All right, so let me make this a little bit bigger. I think yes Does this not what okay? There we go, that'll work for the code Great, so I have here In my file structure, I have a very simple sample app it runs Script that says hello scale. I'm gonna make this bigger too. There you go and It has a Docker file that pulls up go. Wow, this editor is terrible at that it pulls up go and it runs my hello go file and When I run this container It will say hi to everyone in the room because that's what we do at demos, right? We write hello world except the world is scale today Anyway Here is the actual Code that I would like to show you In my main function the first thing I do is I'm going to go and get myself a Docker client and so my client library is Literally right from here from the Docker from GitHub From Docker itself and it has a client and in fact, this is what happens under the hood when you go Docker build dash T right they use this client. They're just like way better than the rest of us at running it because They can ask the people who wrote all their low-level libraries that nobody else understands I'm I'm I know you laugh, but this is actually like how it is and it's It's been a struggle at times So again, I needed a way to create a Docker image that didn't shell out To an extra shell and so this is how we do it. We get a new client. We get some options from our environment You can actually set a lot of these things and here's the thing What happened what you will see here then and then we basically copy a bunch of the things that Docker does So we create a tar file from our app right here over here. That's our app. I'm not going to move that. Sorry and Then we have some options here So these are some of the things that we can tweak these are roughly translated to our command line flags Not quite the same. I'm going to tag my image G. Sanker is my Docker hub name. So I'm just hard coding this for the demo today My Docker hub is public You can like look at all of the demo images that I pushed up there throughout my career and if you have any use for them Good on you. So hello go I'm Sunday at scale. Whoops Don't worry, I'm not gonna do a whole lot of typing here We have a version this version refers to the Docker builder and I'm going to use the old builder. This is the original This is the original builder that you don't even get to use anymore when you use Docker And I'm going to build for this platform All right, and then I'm just going to run image build on my client Everything else in this file is a couple helper functions so that you can all see the output from what happens when I run this program so Minimize this guy. Let me make this a little bigger so you can see clear Okay, so I'm here in my demo folder and Awesome Hang on what changed. Oh That's fine Right change main.co and I'm just gonna run main.co And if I did everything right, you should all see some build output now Now this is building really really quickly Because I already ran this In my hotel room to make sure that you could all see some output But this is the output that you see when you're we're pulling from we're pulling the goaling Docker image and you see some of this stream output if we wanted to clean this up We could parse the output and make it look nicer I did this in fact like one of our tools has like an interactive print output terminal And so some of this actually just already looks prettier over there, but you know This is meant to give you a basic starting point Cool, so I just built a container image and I should have shown you this before but Docker images here. We are and just 43 seconds ago. I built an image called hello. Go Sunday at scale cool Let's see what happens if I run it I Can run this using the Docker CLI but because it only prints out Hi, everybody the container exits immediately and you wouldn't see the pretty output So I will run this one manually for you But it won't run. I've built it for the wrong platform I Meant to do that. I actually meant to do that. So we can go back here to my program and change the platform and I'm on arm 64 and Notice how this is actually going to be important later Because we are only building for this one actually. Yeah, we're only building for this platform So I'm going to try and run my program again, right? Because I want to build an image that I can then run as a container on my native infrastructure sweet So let's do that. This is going to fail too. Oh, it succeeded. Okay, great Why did this succeed? Oh, yeah, it did succeed because I'm still using the old builder, right? But now I'm gonna run this and here we go. Hello, everybody. So that's awesome now and a lot of people when they want to modernize their Docker infrastructure they ask about built kit a lot and Again, there's a lot of confusion people sometimes think that Docker build X is the same thing as built kit But it kind of is and it kind of isn't What build X is is really just a CLI representation of all the features that built kit can offer and Built all that built kid really is is a builder So when I ran my Docker images before you see that there is You'll see that there's a Moby built kit Container repository right here This basically is a way to allow it's it's it's kind of their way to allow Me to run built kit on my machine and build Docker images that have more modern capabilities Among some of them are the ability to build Cross-platform images to run cross through a build for multiple platforms at the same time So I'm going to change my builder type and I'm going to use built kit here because you can still do this with the classic With a classic Docker client and when I say classic Docker client That is the client that you use to run containers. That is the client that you use to push images But for a build client for it for the client library for a Docker build you actually have two choices You have a build X library and you have what I'm showing you right now, which is the classic Docker library I'm going to use this. I'm going to try and build farm 64. This one will fail pretty sure Didn't okay. Well, this is working great. I Have meant for this to fail. Okay Um So, let's see. Where's my images? I just built another one. So that's cool Things Great, so, ah, right. No, I know why I know now what what's going on So I have an image I can build in a number of ways awesome, right? So I'm there's a couple other options that you can tweak on these image build options Some of them work well and other ones are a little bit in development Or the if you ask about it in the docker community, they will gently tell you Maybe you want to use build X instead and I will show you that in a minute But before I do so I want to go ahead and actually push this image to my registry, right? So if I have on my offset up, I'm using super lazy off First I'm going to log into the registry using local auth config Do not do this in production Go ahead There we go so right after I built my image and Got all that beautiful build output I'm going to go ahead and I'm going to need to undo some of my imports here Base 64 come on import package Thank you There we go This should compile so what I'm doing is first I need to log into my registry. I use docker hub That's pretty straightforward. Some people use Registries that they literally just created as part of their same development stack One of the awesome things about using a library like this is that it forces you to think about all these things right up front None of this is going to make you building your docker containers any easier It's just moving the complexity in The front rather than at the end of it. So Basically, I like this because now I have the ability to basically choose how I authenticate and I will know Because I know what environment I'm trying to run this into run this in what that environment expects, right? So obviously getting a password like this can totally work It works for Github actions. You just put it in as an action secret and there you go You've got your docker password. You've got your you can you know, I can make the username dynamic again for the stem I just used mine And again, you can make the server address dynamic all this stuff is now is now obvious to you And you don't have to like run any kind of like wait. Tell me which registry we're logged into While you're shelling out Because you're off config just knows so that's one and then the next thing is we're going to push the image and I'm just going to go ahead and Do very terrible things Ideally this would be a variable that I declared on top, but it turns out for me I always like to be reminded when I'm running through this as part of a demo So now we have some image push options here. We're just passing it the specific authentication How are we getting into this registry? Great. So hopefully this works and if it doesn't now we're going to have to debunk Let's go Great. So at the bottom here you see some output from pushing so requested access to the resource is denied Let's see here. I wonder if my docker password is busted Let me switch real quick because I did in fact That's that's what it is. Let me let me quickly set this Docker, what did I call it? I called it docker This is great pass Pass equals Thank you for your patience This is what I get for using my direct docker hub password in a demo in front of people awesome So this should work now We're seeing oh, all right, and now you should see some push out log put push logs output. So that's pretty awesome Neat So now if I go to docker hub whoops Where is my docker hub Docker hub here we go, and I refresh We should see a new image called. Hello scale. Here we go all of this without using the CLI. I'm pretty stoked This is pretty good so far It's a pretty good start and Was really pleased when I saw this working on my other tool Great, so what's next Sometimes these particular things through your curve ball There's a lot of stuff that you can configure I think I will skip again showing you how to run the container Because again, it's literally just like a client dot container run container start and if you have Yeah, it's the documentation on this throughout the docker repositories is unfortunately sparse But if you've gotten this far and you have a client most of the time your IDE will tell you what to do, you know Cool, so as I mentioned before this is a client you use to run containers and to push images But this is not the client you may want to use to build your images because I will show you in the options right here What happens if I want to build a container image that truly can run anywhere? If I truly want to build a multi-platform container image You have no idea how many people asked me for a multi-platform container image and I had to tell them Unfortunately, you're going to have to run a for loop and run this code Multiple times and push up multiple individual images one for each architecture that you want and they said what do you mean? I can't just do this and it turns out you can't And that's really unfortunate and I think the docker people agreed because they came up with a new way of doing this And that is where the build x client library comes in So let me show you that one Similar story. We have an app You have an app folder. It has a docker file. I'm just running go because I'm boring And this one says hello build x container Let me show you it's a little bigger right here. Cool. So in my Go file My code here The big difference here is on line 10. We're using build x build And we're using a bunch of other imports You will see that a lot of these This is getting this whole thing needs a Significant amount more setup. So it's a little bit more complicated, but thankfully you all work with docker, right? You know, you know the pitfalls, you know what things are called and what you want and what you're looking for So hopefully this isn't going to be too overwhelming So first we're gonna get a new docker her client Then we're setting up a build context Then we need to get our Build options, which this one is I don't know why this is called PB It is one of the libraries up here Is it oh Well, let's move on So we have some build options and again, this is really just we were telling our client Hey, please look for my files. Please look for my application my docker file in the correct folder And again, this is just where you can keep your docker context and your docker file name anywhere And you can just configure that which is kind of nice so then we also have to provision a builder and This depends on your operating system and What this does is basically it's using the default builder that is that docker uses on my computer But it turns out you can bring your own builders if you want. I Don't know that much about docker builders but probably you do and This is where you would feed those in And that's pretty cool, too Please apologize I want to apologize by the way for my error handling because this is literally just a demo script This is never I would handle errors, but but this way you can all see them when my code falls on its face So then our builder needs a little bit of setup We need to load the build nodes and Finally, we're getting to this line, which is our payload, which is our options Which hopefully is where we get to configure some of the stuff So another thing that build X does or doesn't do is It loads our docker images into its own context And so a lot of the time when we when I use this I the image gets built And then it gets put into a secret location on my computer or in some kind of cache, and I don't know where it is Because it thinks I'm just building the image and doing something else with it But maybe I want it in my local in my local image store so that I can run the container and show you all So that's what this does So I'm exporting my docker image to my local image store Again, it needs a bit more setup here. We have our payload I'm not sure that we need these inputs. All right, so Then we got a little bit of a helper function for printing and finally on 994 we build We pass the build context we pass the builder nodes and we pass the payload that we defined up here And the payload really here is I'm using the default builder as As explained here, and this is where we put things like hey I Want to tag my image and you already see I can tag multiple tags, right? So I can tag build X solo dot go. I can tag I don't know someone pick a tag name. That's fun. Say what? three seashell Sweet Awesome, so when I do this, I'll get two images I'll get one image right but two tags. We hope let's find out and Then again, I have some support functions that are basically around handling the printing and the authentication Yeah, I apologize for everything always being on the bottom here Thinking Very cool Docker images moment of truth. Oh It's not there shoot. Oh, no, there it is. Here we are It's just the same image. It's got a new tag. I was like, no Anyway, I built this two days ago and didn't change it since that's right I didn't actually change the print output for you this time. Yeah, so we got but we got this new tag You all can see this just happened right because I definitely didn't have a container here That was called that was tagged with three seashells So that's awesome. And again Now we have a lot more options what we can do is we can go ahead and docker inspect this one to see What infrastructure it's built for? Copy that right inspect Here we are so here we get to see a bunch of like interesting stuff and it's built for our the local architecture arm 64 Which is interesting because I actually didn't tell it which platform to build for But it picks the one that you're running on by default, which is reasonable, right? so, yeah let's go ahead and See what happens if we configure this a little bit more so we can do Platforms Where's my platform here arm 64? I want I want to build AMD 64 And this now will be true cross-platform building Right What is what is happening? What am I doing wrong? This is very weird. Okay. I think my IDE is just on Fritz This will be fine Did I do something weird? Oh, wait a minute. Hang on can't use string as a type specs dot platform. Oh God This is fun. I swear. This was a string literally yesterday. I should have pinned my version Sure anyway Maybe in the interest of time I shouldn't debug this in front of everybody But let it let it let it let it be known that it is absolutely possible to specify multiple platforms You might have to jump through a few more hoops to do so I Won't show you again this one For for pushing this image you use exactly the same client as before use the basic docker client It will push your image to any registry that you desire Provided you authenticated So that's pretty cool, I'm going to just show you running this container Docker run Just for the in the interest of completeness And here we are and we have a build x container that was made with the build x Library so to libraries and let me get back to my slides because I think I made you a summary Again, this code lives on the stem of repo. I do not intend to maintain it by any means But I put it up there so you can check it out later So We have a classic docker library for building classic is a little easier to use It does support build kit, but not with all the options It does not support all modern docker capabilities such as multi-platform builds But you do use it to run containers to push images build x is Way way more configurable It has all of the options that you can do that where people just yeah But like if I use the command line, it's like I can do all these things. Yep You can do all that with the build x library It supports custom builders bring your own builder if you need It also supports build kit because it literally us made for it And it I as far as I know it focuses only on build capabilities and that's what it does so the Docker ecosystem is huge and When you look at this What happened last year was that the docker community decided to put a lot more effort into like more More open source more public more usable support for the build x capabilities in this way and I think improvements get shipped every day and Unfortunately frustratingly sometimes Documentation that was meant for one of these libraries is kind of stuck in the other and it's very easy to get confused and so I Did not have that great of a time dealing with this last year hence this talk because I thought it share So maybe the next person doesn't have to suffer. So there's a little bit more here So why did I go through all this trouble, right? I just I think I talked about that a lot but so yes, I Work at a company that does infrastructure as code one of the tools we do can provide Docker containers It can build Docker images and I thought it'd be cool to show you yet another way to create a Docker image Without using the command line Well without using the Docker CLI slight asterisk So let me go back to my code Here I have a folder called Pulumi and I did write this in go Even though I could have used TypeScript. I could have used Python I could have used one of the other ones dot net I could I could not have used dot net to create this demo for you because I Have never used dot net in my life Yeah, but if you are familiar you can use this so Pulumi supports a bunch of languages But I stuck with go because here we are and that's what I've been using the entire demo so Basically what this is is I'm importing two libraries I'm importing the Docker Pulumi Docker SDK and I'm importing Pulumi and what Pulumi does is it Creates cloud infrastructure for you using the Pulumi command line. You have to install a bunch of things I just thought it'd be fun to see but if you kind of look at this code a little bit I have my demo image here. It's called demo image. I'm gonna call it scale image I'm gonna build it for my own platform RM 64 Again same story. I have an app with a Docker file. It does something I'm going to tag it with my name And my name is scale image I'm gonna call it Sunday Great, I'm gonna skip push Great, so this is basically the tool that I built using the Docker client libraries that I just showed you And this is just a quick little Demo here And I'm gonna run Pulumi up. I'm gonna create a new Pulumi stack Actually, let me X out of that and clear so you can all see a little bit better Pulumi up create a new stack. I'm gonna call it demo stack So basically this should be a little bit familiar if you've at all familiar with Terraform It's basically going to show you a preview of the resources that I'm creating with the tool and one of those resources is basically just all the information that Pulumi needs to do this and Then I'm making a Docker image and it's going to be called scale image. I Also get a little bit of a warning here because We want to make sure we're building for the right architecture. That's fine. I think I specified that's the architecture want Great, and so now I can hit confirm And I should see some output If I did the sprite So if you were watching really closely, you can see the build output that kind of was displayed in that little Message window. I can do that. I can change the thing one more time. But now let's see what happens to my Docker images So here we are 18 seconds ago. I created a new image called scale image and Yes, I can also push to the registry doing this. I don't know So I'm gonna unskip skip push Undo skip push. So I think this should just automatically Authenticate me because I have my Docker password Set, but I don't know I might need to set up some authentication here as well. Let's find out So again, I'm just going to like rerun this command. I See, okay, Docker IO repository. Okay, I'm gonna do that You know, I wrote this tool. You'd think I'd know how to use it It's been months though in my defense Yes, I want to perform this update. I Might not be authenticated as part of this program. So that might be an issue. Oh, there we go Awesome, sweet So that is kind of just a little sneak preview onto what Pulumi does Let me show you if we can see this on my Docker hub now scale image Pushed less than a minute ago. All right, so it works. It's there So now I feel like I should do like a little a little curtsy here But wait, one of you you say you you you marketed this whole talk about like, you know No more shelling out. You just use the command line tool to create a Docker image Yes, but it did not use the Docker CLI Additionally, it turns out that Pulumi does have ways to automate This kind of thing and you and this talk is not about Pulumi But you do not have to use the Pulumi CLI to use Pulumi You can run it in a program just as well We have libraries that help you do that automatically So you don't have to have a human typing into a terminal do the thing You can just kick off the process and have your coffee. All right Where is my final slide? I think this we're think we're at the end of this Yes, thank you all so much for being here last talk on Sunday before the keynote You can find me at both those things. I don't tweet very much anymore, but I occasionally check my DMs and I am always on github Yeah We have one question Let's see if I can answer it First, thank you. It was really cool. Have you looked into alternatives to writing the docker file itself? Alternatives to writing the docker file itself. No, I have not because that's not what we do I mean that was just not part of my task job task description, right? You should be able to just feed whatever process creates your docker file into this as well, right? But yeah, the short answer is I haven't I just want people to bring their Set up and be able to make images Yeah But I'm curious about what you were thinking of perhaps Yeah, like why just because most docker vials are like, you know, it's like the equivalent of a shell script So just thinking maybe there's a better way than maintaining those by hand Did you Are you Do you know if there's any like libraries for alternatives to docker for building let's say like OCI images with this approach I Don't I Bet there there might be But given that I was pretty convinced most of last year that Surely the build X library that the built kit support would be better in the basic docker library than it is or more I shouldn't say better, right? Like I'm sure there are many reasons why it didn't quite make it But I don't know I Don't I don't necessarily compare container run times as like because again, we don't run this ourselves We just want to make sure that we have this available for people who do run docker That's that's basically that's not an excuse. It's just a reason. I don't know Be curious to find out. Yeah, anyone does anyone know Yeah, red hat has some tools that are an alternative like pod man and build a and they make OCI images Right, I did go to a pod man talk, but that was a very long time ago Two days ago at scale. That's a long time Thank you. Yeah, I think Red have had a speaker here. I believe at scale last year and that should have gotten recorded so you can probably find that Okay Any other questions? If not, please join me in thanking Gwen for a great presentation. Thanks for being here