 Good morning. Good afternoon. Good evening wherever you're hailing from welcome to the world premiere of the get-ups happy hour with the one and only get-ups extraordinary Christian Hernandez Christian, please introduce yourself for everybody on the channel today. Yeah, so we're about to dive into yeah. Yeah, so Yeah, my name is Christian and this I'm a single senior now principal technical marketing manager. Yes, you are at Red Hat, right and Little bit background about me right so as we start this new this new bi-weekly, I guess a stream My background is mostly in operations, right? But I think I've delved into I think as everyone into into DevOps And I was trying to find new and interesting ways to speed up the delivery of applications, right? Even as an operations guy that's kind of kind of your job, right? You'd like to think your job is spinning up VMs. It's not it's to support your job is to support the developers and if The quicker you realize that the better it'll be for your for your career, right? So, you know, I had to have that and I was actually one of the two first OpenShift SA's so I'm talking this is back in 2013 right back when OpenShift was Back with no one the Kubernetes didn't even exist, right? So they don't exist as a concept inside of Google, right? Right, you know based off on on Borg and all those you everyone should know that story. So So but one of my biggest passions as as mostly you would know as Christian always as get ops, right? so what what is and What I want to do with this with this happy hour Oh, and by the way, it is it is a is technically happy hour, right? So I have I mean, it's five o'clock somewhere. It's five o'clock somewhere, right? So I have I have I have cold beverage here I hope I hope everyone else does as well because I'm gonna treat this as a Even though it's there you go. You got coke. Hey, yeah, whatever you want to drink whatever you want. It doesn't matter You know, I want to treat this as a office hours kind of similar to those of you who watch the level up hour or the admin office hour With my co-workers actually right Langdon and Andrew do the do that show I'm gonna treat it something similar But since everyone's doing office hours, I just decided to name it a happy hour Just just to be a little different right now Let's be honest, right like your West Coast so it was like I need to do it in the afternoon and it was like what's called a happy hour I mean it makes sense, right? Yeah, it's like three or four in the East Coast, right? It's 9 9 p.m. I mean it's Thursday, right? Like Thursday's the normal like college party night anyway, so yeah, exactly No one really works on Friday, right? This is this be serious You got the ops freeze Friday. Yeah Operations you're not pushing any changes on Friday, right? So, you know, there's the If you build the environment right you can but yeah, you can exactly yeah, yeah, well, maybe this yeah This is a good segue right to what we're talking about exactly is Yeah, so this this this first I think this first episode of We get off happy hour Kind of want to talk about kind of demystifying get-offs, right? So some of my previous streams you see I think a lot what we do in technology, right? I don't want to like put this on like any one company or any one group of people or anything We just just in general we focus on the hammer is what I like to say, right? We focus on the tool a little bit a little bit too much, right? Right and I always I always make the analogy of building a house, right? When you build the house the first thing you The first thing you talk about is like the blueprints and how you're gonna build the house not what Brand of hammer you're gonna use, right? Although the Although the tool is important You're it's always using the right tool for the job So I think I want to take a step back and kind of demystify get-offs kind of independently of the tool What what we use right as you know, I use a lot of Argo CD Some of my you see some streams here people using ACM some people there's some people using Ansible, I think we I want to step back and really focus on what and not what they're doing versus not with The process yeah, yeah, yeah, yeah exactly this this this not focus on the tool So what what is what is get-offs exactly, right? And I think Chris you've seen the slide before oh, yeah, right? so Chris Chris always always get a good laugh at that that I was quote him here, but yeah Yeah, I said that when did I say that May of 2018? Yeah. Yeah, man Yeah, exactly, right. Yeah, so you see you've And I think it's a it's a very good it's a very good quote, right? Like so I'm quoting Directly quoting the person here Get-offs is the holy grail of DevOps, right? So what what is? You know, what does that mean right? So get-offs is just very simply Using get as your source of truth for your entire stack, right? So not only your Your application stack and how that looks like but you're actually at your infrastructure as well, right? So as things Like infrastructure as code comes along right like things like a puppet and Ansible when you're like describing your infrastructure in a In a code like manner, right? declarative state is what I declare it of state. Yeah, we go when you're declaring right declarative instead of imperative, right? You can store that somewhere, right and using the get-offs workflow Using get as a source of truth. That's really what get-offs is, right? You're driving everything through get You know, it's it's taking It's taking what the developers done really what the developers done with get kind of just moving that to operations as well Yeah, and get can be you know kind of intimidating for ops people, but it has kind of become the de facto Version control software for like everything now definitely. Yeah Yeah, I mean and and don't get me wrong like get can be intimidating and you can get into the weeds with get but There's desktop tools, there's all kinds of tools to make the get experience easier for you So don't fear the get reaper, right? Like yeah, don't feel you can get over Don't fear the get reaper There you go Next episode I'm gonna have that don't fear the get the get reaper Oh, man I'm gonna have to remember that because I'm actually gonna use that because then the next episode is I think will Will fit perfect with that. Um, so um, yeah, so it's also the natural evolution. Yeah DevOps. Totally. It's it's it's really a Get ops is like cloud native and DevOps in practice, right? So it's it's not it's It's just a natural way of doing DevOps, right? Like that's what you want to get to That's what it is, right? So just simply everything you have everything about your environment if your infrastructure is in get Simply, right? So, yeah Yeah, so there's a there's always these Here, let me make this a little bigger. Thank you. There's always the You know, what do I gain right like why why get ops, right? so like if you ask, you know, the get ops community and people that that I've been doing this like there's like You know, everyone's shouting pretty much the same things, right? Right like like I want to give up get ops because you know, it just takes weeks and months for vision and environment or like There's people that say like I can't like I can't audit configuration changes, right? So you get like These different people from different Different environments, right? So like from the security guys to the administrators to the developers They're all like shouting, you know things right like that is paint points for them and the The good news is that get ops kind of provides Probably a little bit of everything for everyone, right? Like it really I don't want to say it's like The perfect answer for all workloads, but it it actually attacks a lot of pain points for a lot of For a lot of for a lot of people, right? So Really just kind of like the like the benefits the biggest benefits They need to keep in mind like what what what would get ops get me, right? So like all changes are audible, right? So Like you since you're using a get workflow So like, you know kind of giving away the secret that developers have been known for a long time It's kind of the the operations guys that I can see I Can see who may changes what and why right just because in that get workflow I can look I can look at the specific commit I can see who did it and I can see who approved it and I can see you know and all of a sudden now I have this big audit trail of of my Entire environment, right security guys come and say and hash to right like yeah, exactly Yeah, it's all in get you get all the benefits again, right? Like you you go to your security guy and say hey Security guy comes and says I you know, we're going to do an audit you go right here Here's the entire you know get log enter, you know, here's everything that's happened In this environment and who's done it and who's done it? Yeah And a unique hash for each time so you have like you can almost block chain it if you really want Like somehow right like I mean you could get nuts with it, but yeah, like you've got this, you know Fully detailed log if you're doing it, right of everything that's happening in your environment everything everything in your environment right so um, and you also get You know, not to miss words right not to play on words, but you get a standard Roll forward and backwards right in a bit of failures If something bad happened I can point to a different tag and then your environment just kind of just changes to that tag right it'll roll back to a to a different commit And it'll it'll it'll Make sure you're at In that specific commit right so that's what essentially would get us and I'll I'll explain a little bit how that happens But you can roll forward and backwards just like these you would get you can go back a tag You can go to a specific branch you can do you know, whatever you could cut releases of your infrastructure, which is like wild to me Yeah, yeah We're gonna have like this would have cut this version You know like you're now like my all my servers and everything are like specific versions of our like entire Yeah, like you're cutting releases essentially of your yeah of your infrastructure You know these systems are at version 1.3 these systems are version 1.4 And we're doing our blue green deployment right now right like that's how I look at it Yeah And then that's and then the entire stack right not just like the applications not just they just like essentially the entire It's it's the whole it's the metal all the way up right from the metal up. Yeah, exactly so you have also a um A method to do disaster recovery right so you have a method of Saying okay. Well if I lose everything How do I get to where I was I was like well everything's conveniently and get I just reapply to the current state, right? and um And the experience really is um for for developers. It'll be um, it'll be just standard pushes and pull requests, right? so forks, you know, I As a uh, even as an operations guy, right I can fork a repo You know say hey, I want you know four nodes instead of three Make a pull request Really easy that get that goes through the process, right? I go through it. Somebody's gotta prove that someone's gotta prove it. Yeah, exactly um and so Yeah So then that's the experience like how you interact with um, your cluster is all consistent like everyone re interacts with the cluster like it creates a level of consistency That is hard to achieve elsewhere Yes, yes, exactly. So um and really get ops is for everyone, right? Whether you're a developer Uh, or you know, like rock star developer or like a guru operations, right? Like I guess that's that's what I'm trying to illustrate here And security and yeah, it's and security team and everybody, right? Yeah, it's not everybody can get in the pool here Yeah, everyone can get in the pool so um So really that's like what get ops gets you right you're interacting with get And anytime you want to make a change your environment is it's just simple as a pull request, right? I want to scale. I want to Uh make a blue green deployment. I want x y and z right so So that's just get in general. So get, uh, okay, sorry get ops in general Um, so, you know, we haven't been uh talking about any Like infrastructure or like how you do this or anything else that way so you can actually be doing get ops, you know, um already Already, right? Just not even know Yeah, exactly Not even know it, right? Um, but it is you know, unless you've been Unless you've been living under a rock, uh, there's this thing called kubernetes out there What was that? Yes. Yeah, I know Well, I'm wearing the shirt today so What is this kubernetes thing? Yes, what is this kubernetes stuff, right? So, um, You know trying to you know, I'm pretty sure everyone watching has been beaten over the head of what kubernetes is So I won't spend I won't spend more than a slide on it. Um, it's basically how to orchestrate a containerized workloads, right? Um, it's abstracts your underlying infrastructure. So The containerized workloads you don't have to worry about Where your containers land or anything like that kubernetes is just Essentially, it's a resource scheduler, right? You give it something and then make sure it runs You say I want this resource. I want it this way and it does it and it does it exactly So, um, which is which fits in perfect with, um, you know, openshift, right? Like what we what we wanted with openshift um, you know, okay, we needed like Openshift needed a way to schedule workloads and just kubernetes. You know, I was part I came on to red hat When um, you know, I was an openshift v2 administrator, right my previous life um And red hats like hey, we need openshift experts because we only have one in north america and they go, okay. I'm coming along um, so So and I was part of the two to three migration and now from three to four. So it's been it's been wow, you know, it's um You know, I've been here almost six years. No, actually six years. Wow time does fly I've been here six years and I've seen a lot so Um, I mean, I remember using I remember using the cartridges and everything From the old old openshift days and it's funny because uh, I actually used it to do a phishing campaign Yeah, or testing internal security and it was like the easiest best experience I've had trying to deploy an application a long time Yeah, well when I first when I first saw it when I first Saw openshift v2. I was like this is a game changer, right? Like yeah you know like to be able to like You know a few clicks I got an application up and running. I mean, you know, it may seem um, you know, even as an admin I go like, well, this is this is big like I want how this works So and that's how I dealt in um same and um, you know and even with like, you know v2 to v3, right? Like that's how we you know Like oh, this is new kubernetes thing, you know This these google guys want us to help build this thing that they're calling kubernetes And we're like, okay, let's do it. Um, so I was part of that migration from two to three. Um, but really this is um, you know when you think of Of openshift the other thing kubernetes, right because it's essentially As you see here, um, it's the the core of what openshift is right and then You know, we have some some uh Some tools on top build on top of it, right to for you to be able to um Expand that you ask for application delivery, right? Because as we all know As kelsey high tower says is that you need more than just kubernetes, right? So, right? It's just it's not even The starting point oftentimes It's right, it's not even the starting point. You're right. Yeah, it's not even the starting point Right. It's like the prerequisites because you have to build so much on top of it. Um, and so and then You know, this is kind of like our idea of like what a smarter kubernetes platform looks like right And it includes a cm which I'll I'll touch on a little bit, right because a cm gets into kind of like get ops um methodology so um So openshifting get ops is a perfect match essentially right because um get ops is you you you're storing everything and get right and you need a way for it to sink everything into your environment, right and with um um With things like crds and um, you know methods to extend the kubernetes api Um, this just becomes a natural fit, right? So now I can declaratively say hey, I want application stack to go in kubernetes. Um, you know my kubernetes cluster um, and then And then that that tool whatever it is and i'll talk about the tools later, right? We'll sync that from get right and then you're taking advantage Of the control loop in inside of kubernetes to keep constant watch Right and to detect drift and all that and I'll I'll go deeper into that into that. Um Into how that works the rd pattern kind of thing. Yeah, crd pattern. Yeah, because some resource definition because some resource um, but you know kubernetes slash open shift and get ops is a perfect match because you know, you have a declarative Um way of describing infrastructure and now you have a declarative way of deploying your infrastructure And i'm like, okay, well then, you know, let's put the two and two together and wow Let's get some peanut butter and chocolate together. Yeah. Um So, um, it's it's essentially, you know, uh match made in heaven essentially so, um So there's some some things um That I kind of want to touch on is you know, I'm kind of going to get a little bit opinionated here Um, surprise surprise, right? I get it Um, this is really so to to steal a quote from um, one one of uh You know here our internal slack, right? There's like there's this group of us I used to call us the argonauts But I think we need to change names now because now we're really just focused on get ops and not just There's like a group of us and actually I kind of want to give a shout out to gerald from the red hat canada He actually said like get ops is kind of like a journey And a lot of people say like journey to kind of just use it as like a marketing thing or like like a sales pitch but like no, this is literally a journey because um, you know I started with get ops with one opinion and it like changes like more and more I learned about it like I get I get The more more I use it the more more my opinion changes, right? So this is Literally a journey we're all going through Yeah, very much so. Yeah, very much so is this and you know as as we learn more We kind of have to adjust and as get ops is getting more buzzwordy and more popular You know, there's gonna be certain um, you know certain verticals That will have opinions on it, right? Like the like the public sector And you know government and you know all of that financial there will have opinions as they start adopting some of the stuff Absolutely. Um, like their pipelines are gonna include things that other peoples would Yeah, yeah exactly or just like oh, I never never would even dreamed of like trying to do that with get ops, but you know makes sense Um, yeah, so it is it is so it's steel from Gerald. So shout out to Gerald Red Hat Canada by the way, Red Hat Canada Which is smart smart folks. I think it's the best kept secret at red hat is red hat Canada there's a Because they're very smart and then we're very humble. So it's like it's just you know the perfect combination. Um So this is a journey, right? So um But you know kind of some of the principles that that you know me and that group Kind of came up with is you're going to separate your application code from the actual manifest that deploys them, right? Um, make sense. Yeah, so you have your your your code and then you in one repo and then you have Your manifest to deploy that code in another repo, right? Um So there's still a separation of of developer and infrastructure type Things, yeah, right like the developers don't run the asylum and the infrastructure people don't tell the developers No kind of thing, right? Yeah. Yeah, you're working together. Yeah, you're working. Yeah, so a lot of so I kind of want to um, there's also um Trying to try to diversify get up. Sorry dev ops as well because you know Like I would have conversations with people. It's like well, it's it's never going to be one department because they have um, you know Like different goals and I'm like you're you're you're misconstrued like you're it's not a department, right? Like you're still like there's still going to be an ops department. There's not going to be a devs department It's how you work together, right? Yeah So yeah, exactly change. Yes process change is more process than anything else Um, you know, you're not going to be sitting next to the java developer I mean, maybe you want to but yeah, I mean it doesn't um necessarily mean that I've usually sat in my dev ops roles in open spaces. So yeah That's you know, and developers or ops or whatever would just kind of just come around when they needed me kind of Yeah, exactly. Yeah It's like, well, let me you know when someone needs something only me stand up and talk to christian over here You know, like, yeah the developer will walk to my desk because we're all in open space. Yeah, um So, um, so yeah, that's like like one thing, right? We found that Um, you you have separate separate basically repos. You have one for your application and one for your, um For the all the manifests To deploy that application, right? And you're and all the deploying manifests are in standard kubernetes manifest. So that just makes sense, right? You have You know, you just use the native. So like yaml. I would argue is the most popular language now because Because it's like, you know, like you just kind of have to use it now Has anyone done that analysis on github yet because please That needs to happen Like let's put yaml in the rankings folks. Yeah, does it pass html at this point? Yeah, when you do those those code, you know, yeah the code I want to include yaml on that see where it ranks. See where it is. Yeah, um the red monk top 20 yaml Yeah, exactly yaml, right and then maybe jason, right, right, right? Right, right Yeah, which by the way, which is why I said standard kubernetes manifests because it could be yaml or jason You know pick your poison Most people just use yaml just because they're just comfortable with it. Um, a lot of python developers out there So they're just use the yaml Also, you avoid duplication of yaml, right or your your your manifests, right? So you'll have one you'll have a deployment and instead of just copying that deployment for each environment. You'll you're going to need a way To reference that one yaml and I'll talk about that in a little bit as well. So And yeah, so the manifest should be applied with like standard tooling essentially, right? So essentially here just keep it simple is the Is this is kind of the guiding principles we've been we've kind of been talking about um internally so the two operations Actually really easy, right? Um, kind of like what we've been talking about You know, I You know, create a pull request Someone merges it Someone runs a pipeline Pretty standard, right? So, um, this workflow is is very, um Um Tried in true, I feel tight and true. Yeah, I'm familiar to the developers, but this is tight and true So like why reinvent the wheel kind of just take an operations approach to it as well? um Is all changes are triggered from from git, right? So once you got to get ops a workflow in You know, chris short may want five new nodes um pr PR and it goes through the process, right? It just essentially goes through the process of whatever it is, right? Whatever that process is um of your your git and then whatever your approval process is to You know procure infrastructure or whatever. Yeah So and then once it merges it's in um, so You know, I kind of made a big stink about not talking too much about the tools But it's kind of hard not to talk about the tools. Um, I don't want to talk about at some point Yeah, at some point. Yeah, I don't want to talk about a specific tool I want to talk about tools of the trade, right? I want to talk less about Less about brand more about, um, you know, what's available there to you, right? So You're gonna need a way So you have like git and git repo and you have a declarative infrastructure like, you know kubernetes open shift um, you need tools in order to make all that work, right? So, um Too big as tools really is a sync tool, right? You need a way to sync um Some people call it a sync tool some people call it continuous delivery continuous deployment whatever you want, right? um It's essentially the same same idea, right? So the some of the big ones out there for for syncing is like argo Right, like argo cd is a big one Flux cd is another big one um, we have a cm, right? Which is, um, you know advanced cluster management management by red hat, right? there's also things like, um Like, uh, templating tools, right? So like in order to not duplicate yaml You need to some way to template lies a deployment, right? Like you need a template deployment So that some of that which is like for yaml people is like no no no don't templatize yaml note. You got to yeah. Yeah, exactly You don't want to be copying and pasting the same yaml file like 12 different repos. That's just no No And also and then that's something like helm and customized, right? Yeah, you can use that for templating as well. It works perfect in in this And some some tools actually kind of do a little both, right? Like ansible kind of does templating and kind of does syncing as well It kind of it kind of sits I like I like ansible because it's almost like you don't know what you don't know where to place it, right? Because It's not quite config manager. It's not quite working. Yeah, it's not. Yeah, exactly. It can be glue Yeah, yeah, exactly. It could be glue or it's like it's like the chameleon I would say right like really exactly You can really use it for a lot of things. Yeah, which is why I put ansible on there I You know being I mean you can You can even write like the reconciled loops and ansible if you really want to right like yep, exactly That's a cool thing. Yeah. Yeah some um, there's been I think there's some Talks out there that the ansible guy has done is like get ops with ansible They do a lot of talk check those out guys if you If you want to see those those are really cool. You you can google for them It's like the first first things that come up is from red hat. Um, what logo is the doughnuts with the corona? Not a cm the doughnuts with the corona. Oh, are you talking about open cluster management machari? Maybe Because that that's like the upstream of a cm. Yeah Maybe not a cm, but yeah, yeah the logo doughnuts. Yes. Yes. That's what he's talking about That's open cluster management, but that's like the upstream of of a cm. Yeah So, um, yeah, yeah under argo. Yeah, so that's that's the Yeah, so um, so these are kind of the tool the trades It's really kind of you need a way to do the sink and a way to do templating right and so, um And You know, I want to talk a little bit about Um, the the syncing tools right so that here on the right is an example of argo, but just in general The syncing tool is built on It it's it's used to detect an expedite Drift detection and correction, right? So it's it's used to help with that and it's built on The kubernetes custom crd's right custom resource definitions Which are g8 features in kubernetes now as a 116. So it's been a few releases of it's been a few releases Yeah, because we're we're about to release 120. Yeah. Yeah. Um, so Um, yeah, so crd's is essentially is is a way to extend the kubernetes api without having to build it in tree Um, there's actually right there's and you know, a little a little a little tangent about About crd's I saw a talk given I forget It it was um, you know back when we were able to travel it was um It was kucon right and there was some guy from google said I want everything to be a crd And I think yeah, and at that point like kubernetes. I wonder what that makes kubernetes like An api a common api between Well, I mean, and that's the thing right like you can't necessarily, you know, write an api As a crd, but you can definitely do apis with crd's right like I mean it's Yeah, it's like it's it's like chicken eggy kind of situation It depends on your use case, but it's entirely possible that you could do everything with crd's. Yes. Yeah Yeah, well he he said like I want a pod the definition of a pod to be a crd And I think that's kind of interesting. That's how just like the idea. That's how powerful crd's are like, right You essentially can do like kubectl get Uh my db and whatever you define my db to be You know, that's it. Yeah. Oh see get chris short and like whatever that is whatever comes up Whatever you define that a lot of bash scripts. Yeah A lot of bad badly written bash scripts Ton of ansible pretty well written Ansible with a bunch of shell right That's what I want to write Um, so yeah, so it's just a way to extend the kubernetes and um api and Some of these sync tools are written to automatically detect drift and automatically do the correction, right? So kind of the same thing the reconciled loop, right? I see one pod running You said you want to I'm gonna spin up the second one same idea, right? They took they took advantage of that control loop That declarative nature of of uh kubernetes, so, um Some of the most popular A get-up tools for syncing right as we talked about before a flux cd, right is very popular, right? They're developed by the guys that we've worked um argo cd, right, which is um We would actually we just announced in kubecon that uh, we're joining that project Right like pretty heavy investment in that really heavy investment in it. Um, you know argo cd And acm right which is advanced cluster management. Um, obviously is another heavy investment, but we have the investment Yeah, so that's part of the ibm acquisition, which is I think very cool as well Yeah, yeah, which is yeah a lot of people don't know that like ibm gave us acm, right like Like those employees went through like new hire orientation and everything like they're red headers now, right? Like it's pretty yeah, they are red headers now So yeah, a little you know a little bit about that right a little bit pulling the curtain a little bit Yeah, they actually like here's a bunch of developers So which is kind of like some of the powerful thing that um, what happened with the ibm acquisition is like they can do that Right, like they can just give us resources, which I think is cool. Um, yeah Yeah So, you know, I kind of want to step back another tangent as you know as i'm known to do Is like the whole idea is like, okay. Well, you're an argo and acm like what's to deal with that like really one of them's gonna be a A developer tool and what i'm going to be for like security and operations. Um, right? There's gonna be tighter integration obviously Yeah, acm is a is a bigger It's just more than just like synchronization of applications, right? Like that is like one facet of Yeah, one little more like is like why would I use acm or or argo is like you're just Asked so there's a lot to that Exactly. Yeah, there's there's acm You know that it's a little more so what it actually does but it does do The you can't have a get-ups Experience with acm, you know as well and then I put ansible obviously at the end which is kind of almost similar acm, right? You can do get-ups Ansible as a syncing tool, but ansible does like a whole lot more than just Oh, yeah, the syncing right so um So and just in case you're wondering like, you know, what is advanced cluster management? How does that work so for so on next tuesday 1 p.m. Eastern time new show starts for uh red hat advanced cluster management Just about that. So we'll have those experts on for you So you can ping them with all your questions about how can I do get-ups with acm or WTF is acm, right? Like that's entirely welcome as well Yeah, exactly. Um Sorendev says ansible is too powerful. Yeah, yeah, exactly Maybe maybe it is. Yeah, um, so uh, so yeah, so here, um You essentially what I was saying before it's like it's a declarative representation of the entire stack. So, um, everything that needs to sync Whatever sync tool you need to whatever sync tool you decide to use Um, it needs to the the entire representation of that stack needs to be and get right whatever whatever tool you use Doesn't matter what tool you use is Is is hot heads what you're doing right and you need to get that that whole uh representation So when I mean everything, I mean everything right, so I'm talking to you infrastructure guys, right? So developers actually funny enough are Easier to talk about get-ups because they kind of understand the whole flow a little better Right because they're a little ahead of that stuff with operations like when I say the entire cycle I guess I mean the entire stack right like I mean everything like the definition of how to spin up a VM the definition of um, your machine set definitions all the namespace all the deployments all the all the definition on how it everything gets shoved in again And that actually could be Um, it could be a little scary right as you mentioned before to the operations, but um, it actually puts more control in your hands And more visibility in your hands right you can see who's doing what and who's requesting what and what's happening in your infrastructure right you can see you have a representation of it and um And usually the sync tool has a as a way of defining what gets loaded into your cluster, right because like here again There's an example of of argo and how to get um, you know, I'm saying hey I want you to target this revision. I want you to get this uh repo url You know, I want you to deploy it to this server that sort of thing, right? Um, it's usually declarative. It's the other all pretty similar um So The base this is a basic workflow, right? So I'm gonna talk about basic workflow Right, like so there is a question in chat, but I feel like we're gonna get to the answer about how to you know Remove phrase conditions in order of operations, but I feel like yes that is going to get answered here very soon So I'm not ignoring that question. So yeah. Yeah, I see the question too So yeah, we're actually gonna answer that specific question. So that's good. I like if you ask what ask questions that I'm gonna answer Make your life easy, huh? Yeah, it makes my life easy. Yeah, I don't know like I've done like countless of summits And like when someone asks a question, I'm like, I was gonna get to that. I love it I don't have any other question that I that I already know the answer to um But like from this is like a not even a 10 000 foot view is like a 10 million foot view Right of how the basic workflow is is right you make a change and get um, and that's um The the sync tool checks the status, right? Like it'll it'll it'll receive like oh, there's a change I'll synchronize that into the cluster, right? So As soon as whatever branch or you're tracking or whichever um tag you're tracking as soon as the change is made Um, it'll it'll start it'll sync that to your cluster, right? So that's basic workflow um But as as we all know it's not all unicorns and rainbows, right? Um, there's some challenges, right? There's definitely some challenges that come that come into this, right? So, um You know, we there's there's been a lot of back and forth You know within with uh, my my fellow Argonauts. We need to change our name, but um our fellow get get ops Folks um in our chat ops enthusiasts get us enthusiasts at red hat, right? Do you have one repo or do you have a separate repo for or basis for environments? Like like do you have one monolithic and do everything with tags? Um, I think that's the that was the original idea Um, some people find like well, no, I think I want separate repos. So like, you know repo structure kind of gets pretty complicated And you'll see that in the demo Right because I I I I did a little demo, right? It's a little small easy demo. Um Um, managing secrets, right? So like all right, everything means in get Then that means my username and password for my databases are in get Like so like that's just like a challenge you need to you know, yeah Like you've got to assess that and figure out how you're going to manage that. Yeah Are you going to manage that? Yeah, there's just some things that you're just like, okay Well, like, you know If it's if it's not in get then where would it be or if we are putting it? What do we do? So that's kind of like some of the things Kind of a topic. Um, and I'm actually going to have a stream specifically about secrets I think it's episode two is going to be about because I need to look at my list Um, yeah, it was like two or three. I forget. Yeah, it was two or three. So we will talk about secrets Yeah, we're going to talk about sealed secrets. Yeah, we're going to talk about sealed secrets. Um, and so Order of dependent deployments, right? So this is why the question you were asking was it Calrissian? Yeah, Calrissian. I think it's the right pronunciation Landon Calrissian. Okay Um And uh, you know order deployments, right? Like there's some things that doesn't lend itself to declarative, right? So it's it's You know, that's going to be a challenge, right? Like I said on declarative requirements and integration with your ci CD tools, right? Like you have Jenkins Openship pipelines you have tecton like Does the ci CD or the sync tool manage deployments? Like how does that work? So like, you know, you already have a process in place. How are you gonna, you know, fit that square peg in the wrong hole? So, um Sort of thing, right? So there's some of these like just challenges that trying to migrate over to Like a get ops workflow, right and You know, there's the the first approach I think is um It's one of the ones that the Again a shout out to the red hat canada like they came up with is that to have multiple repositories, right? So like I have like my production repo I have And then, you know, my config repo For for staging my config repo for for testing and then I have like my code, right in one repo and then I have different configurations for different environments, right? So Gosh, somebody says get sub modules are the answer Get sub modules. Oh, interesting. That'd be an interesting that'd be interesting topic actually No No To quote open pixel Get modules are made by the devil themselves Yeah, I can say that because it was in the chat. Yeah, yeah Yeah, exactly exactly. Um So, uh approach two, right is essentially you have a single repository For everything and I'm gonna tell you right now. I'm not a fan of this Um Approach that yeah Look, so this is one repo, right? This is not three. Yeah, no, this isn't three separate repos. This is just One giant repo. Yeah. Yeah Yeah, we couldn't fit it in the slide like this is one repo and just all the Um and not only the directories, right and a bunch of overlays a bunch of bases a bunch of directories You also have like tags and branches to worry about in each different um environment, right? So this is I'm not you can do this this way to yeah, yeah, it's it's uh, um This is essentially well, you wrote this probably about the get some modules, but this is also nightmare to manage I see that you wrote on the chat But it's just I was like, oh, that's that's a good quote because this is a sense for me It might work for some people. It might not yeah, it really depends on like how your Organization manages infrastructure and manages applications, right? Like this might be the right approach for you a monolithic repo kind of thing might be Where you're at right now and that might be how you do this at first, but yeah I would advise you to think Yeah, I think just more smaller things is better than One big thing, right? Right, like we're you know, we're kind of in that stage where it's like, okay Maybe like bite-sized things are better than You know one big monolithic, right? So um, so yeah, so those are really two approaches I think I kind of I I you know, I kind of sway back and forth I think I've kind of really settled on the multi repositories, right? If you have different opinions, feel free to throw in the chat. Um, or feel free to send us a tweet whatever the Uh, you know, I think it's it's a better way. It's it's it's just better It's easier to manage right to have these different repos. It's like, okay I need to make a config change to the dead repo Versus, okay, let me go to the main repo and go to the dev branch and then go to the folder That has the dev configuration versus the print like I To me the other way is easier, right? So, um So this is my you know My my my opinion is really just go to single single approach, right? So yeah pretty much everybody in chat is like Poo Pooine, uh, get some modules. So yeah, Poo Pooine gets so much Yeah, sorry Linus. Yes. Yeah, exactly I was speaking with someone with with a strong opinion, right? Um So the next thing is actually managing secrets and I actually had a pretty interesting conversation I'll be of the curious as to, um, you know, you can kind of touch on it and we'll get into deeper in the next episode, but um So you're externalizing your secrets, right? So, um, that means your secrets are your base 64, right? They're encoded. They're not encrypted Um, which is the idea is essentially you want to encrypt your secrets Yeah, and then store that encrypted secret you can get essentially, right, right? And yeah And you know people might think oh my gosh. Well that that means someone could take my thing and like Grab 17 gpu's from eight over us and crack my code. Well, I mean If you're that worried about it, you need something like that can auto cycle those. Yeah a lot faster, right? Like Yeah, and and so ways to do this Yeah, and there's ways to do there's ways to do this, right? And like I think the the consensus. I think a lot of people like even at red hat. I think, um Bitnami has sealed secrets, right? Uh, the weave works guys recommend sealed secrets And I think the consensus at red hat is like sealed secrets is how you store it, right? Yeah, or you could use something like hashy corp vault cyber arc You could do you could keep your encrypted secrets in private repos You know if you if you're that worried about it, right? Like there's there's all kinds of ways to manage that Yes, yeah, exactly. There's cyber arc oss. I don't believe so. I don't believe so. No But there's there's a lot like I mean you just list a few here yet. Well you many others. Yes, lots of ways Yeah, I won't have enough. It'll it'll look like the uh, it'll look like the big tree slide. Yeah It'll look like this, right? Yeah It'll look like the cnc f lansky Yeah, a lot of people like so in the chat a lot of people. Yeah, exactly. It looked like the cnc f lansky A lot of people in chat like the like vault. So that's good I mean hashy corp vault's a great tool, right for managing secrets and it integrates well into the get ops pattern. So, yeah Yeah, yeah, definitely. Definitely. Um So really managing secrets is no secret. You just have to encrypt it or manage it somehow this so You know, we're not we're not brushing this off in any way shape or form We completely understand and there will be an episode about Well, yeah, because I had a conversation with someone like, okay, well, we have a way to manage secrets We had a way to encrypt secrets. How come there's no tool that does both and it's like Well, we'll talk we'll talk more about that, right? I think that's a very good. Um Uh startup idea by the way whoever has coding skills. Um To give you something that does both, um so there's um Sometimes there's actually somebody linked a vault secrets operator. Well, see it's operator. There you go. Yeah Yeah, cool tries Someone brought in chat. I'm sorry. This is kind of a little bit off topic try expanding cncf map in a series called Let's understand this shall we? So like mini series like so the cncf used to actually print like big copies of the landscapes They don't do that anymore, but yeah the last version that they printed had the trail map on it, which is what I think is way more Uh useful than the actual landscape itself. Yeah. Yeah trail map has like 10 things on it that you know You're gonna need in a cloud native environment and then that's pretty cool actually go to the landscape to figure out Okay, I need this thing for you know Containers I need this thing for security. I guess this thing for secrets, right? Like that's what the landscape is For you take that trail map you look at okay. I need all these things and you flip that a thing over and you look at the Landscape and you're like yes, this is intimidating, but they're all in boxes, but they're all right. They're all in containers Yeah, they're all So you then you know, you're just matching and pairing in like what works for you and your infrastructure, right? Like you've got to test this stuff what works for your organization is the right tool for you Exactly exactly. Yeah, so it made a little bit more you can navigate it a little bit better. So Yeah, it's it's all like just go to l.cncf.io and it's there for you, right? There you go. Um, so yeah, so Again order deployments some uh, someone asked, right? Um Sometimes you do actually have cases where you need to deploy things specific order So yeah, this this was an issue actually a red hat that we ran into because we went all in on operators, right? if you Unless you've been living under a rock If you talk to a red hatter who was at some point they're gonna say operators Some point in the conversation. I don't know what even if you're talking about It's something unrelated. We'll say operators right because we're just all operator centric and the way operators and our operator life cycle manager works There's a certain there's a certain order of operations that happen, right? So in the end it's all yaml, right? So in the end it's all yaml or jason whatever pick your two One day there's going to be xml, right? So it's going to be it will come back to that. Yeah pod slash o xml Yeah, where's that? Where's that rfv? Anyway, um There's there's just a certain order you need to do in order to deploy an operator, right? You know, you need to create a namespace or project before deploying an application You need to wait until storage gets up. There's just um, you know, there's uh, there's way to do this, right? And the tools like like the templating tools like customize and help um Automatically handle this in some cases, right? Especially like the order and things, right? You could dictate order and customize and in helm and also the tools Have a way to do things In certain orders, right in in certain in argo cd has this thing called sink phases and waves, right? That'll that addresses a lot of all the other tools have Have something similar It's just I just worked with argo so much that I kind of just know this in general There's uh, there's like a sink phase, right? So there's like stuff to do before you sink The actual sink and then stuff to do that after the sink happens, right? So the the sink is keeping air all the manifests Declarative manifests in sink in your cluster Uh, maybe you can do things before and you can do things after so that way like things like You know wait till storage is set up wait until you know your database is up and running things like that things You just need to do um Yeah, and then uh within each phase You can have multiple waves, right? So You know you have you know one does like it'll wait until one wave finishes before the next wave starts, right? So You know with these uh with with these tools you can You know kind of dictate what order things run And in my demo I actually run into I ran into this issue which which I fixed with sink waves and things like that is The e of k stack, right? Like there's just yeah things that need to Happen in a certain order or it's happening in a certain order. It's just there's a database involved Yeah, exactly. There's many many waves many many phases involved. So That's how you kind of handle the order of operations and get ops, right? But the the sink you know all sink tools have a way to address this, right? So I mean ansel has that a cm has it every tool that I've ever run into that says it can do get ops has something like this So yeah, yeah. Yeah, and then um, there's also other ways to do it as well, right? So like there's things that just you can't be done in the declarative way So like you use things like in-it containers and jobs, right? You can write an operator Do resource hooks, right? So I'll have a way You know have some some hooks have haven't hit hooks in different phases I'm a big fan of in-it containers and jobs just because it's just a native kubernetes way of doing it I have the tool there But you can do it you can do things in in different ways, right? So So um So integrating with ci cd tools, right? So it's like how come How come I need argo cd when I have jankins and actually I think jankins is another topic, but I'll I'll get to that a little bit But um, it's called argo cd or flux cd. It's not called argo ci cd, right? Right, right, right. Yeah its tool is only doing cd. It doesn't you still need a ci process, right? You still need right jankins to do things you still need tecton to do things right copies whatever you use, right? Yeah, um, you know jankins kind of took I think jankins is it's its own category Because like it's like well, it's been added on to and bolted on to so much over the years, right? Yeah, it's it's got a lot of responsibilities now and a lot of people's infrastructure. Yeah, yeah, exactly Yeah, it has and then a lot of people built into it. It's like I can do all this with jankins I'm like, yeah, yeah, like you can right? Because like jinkins is now decoupled that Yeah, exactly. I'll decouple that right? Yes. Um, oh I have another jinkins thing over here. Yeah, yeah Now you have two jinkins Well, I mean, they're yeah, you can have jinkins that spins up jinkins slays that does other jinkins jobs. It's just yeah Um, it gets it gets crazy, right? It gets it gets it's a bit a bit crazy. Um, so, you know, remember that that that's simple um high-level, um sink, right? Like the the if I go back a few slides um I this uh this right here, right? Like so this so we got this that's a basic workflow the workflow actually right if we take a little deeper Looks like this, right? So, um So you have an application developer that has an application repo and we have an environment repo kind of like what we said here, right? developer You know does a commit to the application repo? Um, you know, it'll you know, it'll do emerge somewhere and then a ci cd pipeline happens Maybe it creates an image puts an image to a container. Um, you know, whether it be quay, right? Or jfrog or whatever you want wherever you want And then it and then that pipeline updates the environment repo manifests, right? Because like you may have a different tag You want to deploy into your environment, right? You're changing versions v1 versus v2. So that sort of thing um and then um And then that gets glommed together, right and in the admin side we have an infrastructure repo, right? So we have A repo that just takes care of the underlying infrastructure of of in this case, open shift, right? Cooper today's open shift. How do you want? um So that gets an infrastructure repo and like everything in the center of all this is the sync tool, right? Whether you're using like a cm. Whether you're using flux with argo, whatever it applies all of that To your to your cluster, right? So this is the cd part the delivery part It actually delivers and make sure that your cluster Is in the same version Um as you have in your repo, right? So Um So this is this here is something, you know, take a picture memorize it, right? This is kind of how it how it looks like, right digging a little deeper um This is how the the workflow looks like nice, so uh get ops Enables you to deploy across multiple clusters But like, you know, it's a trap, right? How do you imagine configuring without copying pasting yaml everywhere, right? So first we talked about the sync tools Right, um, you know, well, how do I get, you know, this one yaml and 10 different get repos? Without duplicating it, right? So, um One of the things and I think it's the tool that I use a lot. Um, I think it's becoming like the de facto. Yeah Yeah, a lot of people like helm and I actually haven't played enough with helm I don't know if anyone in the chat uses helm within their getoff workflow I haven't used helm. I haven't had the really the time to sink my team into it Um, but a lot of people love using helm as well for their template. Um, I use customized just like you said this like When I first was kind of delving in to get off someone said just use customized for you know, that question you just asked I go, okay, and then I just learned it and I just kept using it. Um It's it's essentially the powerful thing about customize is that you can reference another um Another yaml file, right? So the deployment I say I want to reference that deployment file But when you read it into the cluster, uh patch Patch, you know patch the scale, right? Like instead of Instead of two I want three right or instead of the name being foo. I want it to be bar, right? So So your configuration for each environment gets gets very very small because you're referencing one yaml But then you're patching it to match your environment And I think that's why Customizations lends itself really well to to get ops is just the templating aspect of it I think it's becoming the templating language of get ops, but Helm is coming and saying hold your horses. So there's a lot of people that like helms. Um that conversations that I Yeah, I mean some people have you know Latched on the helm from the early days and you know, they've been okay with tiller and you know using helm and everything else And now with helm three coming out and the removal of tiller, you know helm is you know in You know open shift now you can use it You know way of easily with open shift now and pretty much any cluster Because you don't have that dependency on having some binary running inside the cluster anymore. Yeah. So yeah, I can see how I'm like Getting that, you know yaml templatization, you know boost now. Yeah, yeah Yeah, especially without the tiller now it's going to get a wider adoption. So I think Um, I think that'd be uh, I think it'd be interesting to see where where we end up here What the cool thing about customize is actually built into the cli the oc It's already there It's already there. So maybe that's why it's it's really popular. Um, you know, it was including starting at 1.14. So it's it's um It's there. Um So like their customizes organized like in a hierarchy, right just kind of like everything else is there's a series of directories with the animals There's like a base or used to be a base. Obviously, um It's deprecated now. I don't know if you all you know if you're if you're using customize the base directory is deprecated technically But you can still you still kind of use it. You still kind of have it with you just reference it as a resource and You know, you put it, you know, whatever You know, however, um, whichever or um order you want it in right so and then the the overlay, right? Um It's essentially things that you're overlaying on your on that base Uh on that base yaml file, right? So you have a yaml file Uh, that's that's your base and your overlay your overlay on top of it and it'll um It'll basically spit out another yaml, right? It'll take the base yaml and whatever you're patching and it'll spit out, you know the the yaml for you to um For you to deploy right so you have kind of a uh, um, you have your resources here, right? Um, when you run, um when you run your uh Your environment With your overlay, it'll include the base and it'll just do whatever patching it needs to do Pretty simple pretty straightforward. Maybe we'll do an entire episode on customize. Maybe that'd be cool That'd be cool, man So just to kind of see how that works It's actually really easy if I can if I can get it anyone can get it So I got it like the first time I was like, oh, that's pretty easy um It it's almost like a you know, like I get the same kind of feel With customized that it did with the ansible when I first picked it up, right? Yeah. Yeah, it feels kind of natural, right? Yeah, it feels kind of natural. Yeah, it just feels natural the way you do it. Um, so yeah, so just kind of just some of the Things I already mentioned is uh, basically don't duplicate You know Yeah, all right, and um You know some of the differences By the way, we had in open shift version three We had a way to do templates, right? So like people would ask why is red had to do templates? Why don't they just use helm charts? It's like this is back when Helms still had tiller and it was a little right. Yeah, you know, we were worried about you know Yeah, having some daemon running in your cluster essentially. Yeah, that that could do anything. Yeah, anything it wanted. Yeah Yeah, um templates will be deprecated We still support it because 3.11 still support but Moving forward helm charts Customize the way to do it So it's uh, and you know, and we support both right right now supports both helm and and customized so this is really um, it's really kind of like choose your poison sort of thing, right? So it's um Again, I didn't have a lot to talk about helm because I don't really know enough Maybe one of these episodes will you know, I'll I'll dive deep a little bit to what I we got a helm expert here at red hat And he he wrote a book recently about helm, you know, we should probably tap him on the shoulder and be like Hey, what's me with helm? He might owe you a favor or two too, I feel that's right. Yeah Exactly. Um, so yeah, so um, I have a quick demo to kind of just See You know what it looks like, right? So like in right in Last few moments. I know we're a little bit over but that's fine. This will this won't take very long, right? So I have Yeah, I have a I'm actually put this in the chat here. Oh, thank you. I was gonna do the Um, you can do it. There you go. There we go. So, um, Yeah, so it's actually it says openshift config expand because I actually have a where's my other repo It's somewhere here Oh, that's right here No, it's not for now you did the blob There we go. So like this is kind of, um, explaining kind of like the the power of of uh Of customized, right? So like this this repo deploys Authentication for open shift creates three groups. It does the cluster role binding for those groups. Um It deploys an application Um, and then install, you know, obviously installs argo CD first obviously, but it installs argo to do all that. Um And um, and it does the rback for argo itself Dang And then the expanded all figured out for us. Thank you. It does it all for you, right? So the expanded one actually does everything does all of that And on top of that it does it deploys the efk stack Wow with olm right with operators. Yeah, it deploys yet another application and it creates a marketing group, right? That has edit access, right? So like it does It does everything that one does except, um a little more like if I go here to um, hold on let me see here Config overlays default config Uh overlays default your customization, right? So if I look here My customization script, I basically say take that config Right my upstream config In that other repo and I'm just gonna add a little bit more, right? I'm gonna add a couple things to it, right? So I don't have to duplicate All of this code in another repo I just Get it and then I can either patch it if I want or I can include other things to it Basis versus patches like if I wanted to patch this versus, you know, like base it Off of a series of files. Is there a different like flow to that? The the only flow is that you would have, um, let me go overlays here I don't do I have a I'm an example of patching. You probably it's probably a question that Didn't prepare you for. Yeah, there is so it essentially you would add a I don't think I'm patching in this repo to be honest with you. Yeah, sorry my bad. Yeah. Um, I actually patched another repo So let's let's look over here. Um, not this one Uh overlays. Yeah cluster one, right? So I have um, this is my, um Ah, so I do a so I'm I'm loading in Let me do my customization, right? So I'm loading in the base Right, which is the base when I read that I want to take Um, the deployment and I want to patch it, right? I want to patch it with whatever it's in this file and also I want to take the route and patch it Whatever is in this file. So if I look at the nice the deployment, right? I said replace the this environment variable with this value Okay And then read that same base deployment And replace the host Value with right here. I'm making I'm leaving it blank because I just want open shift to create the standard route But like if I had a specific route, I would right type that and yeah That that's essentially like the difference between um, and it's all in the customization file. So Yeah, uh, narenda is like, hey, you need to use octo tree Yeah That's right. Actually, I haven't you know, you haven't had a chance to tinker with that yet Yeah, I haven't just seen with that, but you know, I do just grab you a token and get going man It's a life changer. It really really is especially with the kubernetes repos man. Yeah. Oh, okay saves me so much time Actually, yeah, because I don't need all these tabs open. Um, so essentially, yeah, so my um, the point of Showing you that other repo was that I'm gonna suck things in from other repos So I don't have to have It's all in git, right? Like it's just I'm just gonna take this piece from git and this piece from git And you know, maybe I need to patch it with another thing, but that's in git too, right? Like yeah, it's all there So like if I go, um, so first let me let me install argo, right? So hold on. Let me go to my Um, let me export here I need to fresh be fresh cluster. Yeah, right. Like if I get pods grip argo, right? There's nothing there. Um Yeah, so I'll install argo. So This here essentially it just installs argo. Um, it'll it will loop through until Argos install Nice So it'll fail the first time obviously because it's not just reasons order of operations. Like I said before it's hard And then I'll um deploy this repo, right? Wait, it said nothing. Oh never mind. Sorry. Yeah. Yeah. So yeah, okay unchanged. Yeah paste and then um If this essentially installs that entire stack, right? So it'll Deploy the rback. It'll deploy the users It'll you know from that other repo and then on my repo i'm installing EFK And then it'll install that stack as well. It'll do all that syncing. So Um, and that's my cluster config, right? And my in my cluster config I have um, you go to manifests I have uh, no, that's not it Maybe it's like you just like this Yeah, yeah project base So I have um, I know that's this the rback Applications base watch as we there we go applications christian to install octetree live That's the um So here i'm saying, okay, you know, i'm gonna deploy this application This is not in my repo, right? This is an application repo. Yeah, that's something else. Yeah, that's something else, right? So that's this repo here The application repo so me as a Operations I can deploy the cluster But if a change needs to be made it needs to be made in the application repo right and my My sync tool argo cd's job is only to make sure those are in sync, right? So whether you're using argo cd or acm it does the same thing, right? Um, so if I go here, let's see where it is um cube ctl get pods grep argo Cool, let's go do uh get routes grep argo I don't know what the argo there we go. There we go Here yes advanced, uh, accept the self-sign certificate Login via open shift, right because we want to do the oauth We're tying in oauth another shout-out to andy bach who block who did the tie-in the argo cd and the So that says it gives me an hd password file. That means, um, my my users are loaded in Right allow set up the permissions. So here it gives me um configuration here Like for instance, this is out of sync. I can sync this on demand You better tell that thing to sync up. Well, I can sync all apps, right? Right. You know what that prune whatever it doesn't find um Okay It's doing stuff. Yeah, and um, so here boom green. So here. Yeah, so here. I have my cluster config, right? um That this is like, you know, I set up my authentication my container security A scanner right nice. Yeah. Yeah nice my, uh, efk, you know, uh Monitoring everything else. Yeah. By the way, this is crazy. If you see this here, how do I I like the I like this view the little ant view. I don't know. Oh, okay. Yeah It's to me, but um, I can see the yeah So like here it'll it'll start show 68 hidden resources So like you can see how complex this is that which is why I like just like sync waves and things like that Yeah, uh, because there's so many components to get this up and running Um, but you've done so much of this work already that people can literally just use this as a template and go from there, right? Like that's pretty cool And if you just reference my repo Yeah, and then just do a patch if you don't like that stuff all you want Yeah, just patches stuff something like you just had minimal yaml, right? You just have a couple yaml files that does do this patching Yeah, you don't like the names I use or any of that you can fork it You can contribute back upstream if you want all the one line yards exactly. Yeah, and um You know, what's cool about this is like I can log in um, not that one I can log in via like a regular user, right like ocp Right, that says this is why you need an 85 inch monitor Yeah, exactly So I logged in as developer and I only have access right uh, right project, right? I don't have that so me as a developer you can't see the cluster config You can't see the the scanners nothing none of that. Yeah, I just see my app because really that's all I care about right, right? You know, even if I want to delete it It won't let me right because like, you know, yeah, it's your it's it's in prod. You ain't you ain't touching that Yeah, but I can sync it right I can sync it if I want right because that's that's something that a developer would want to do Right, so I want to be able to sync if something I made a change make a change or something. Yeah, yeah Um, but it's in a repo that they control it's gone through an approval process that they've established Yep, they want to sync it. There you go. It's in git. It's been merged off it goes off it goes, right and so And this is and this is just my view, right? So I'm able to do is to as a developer just see Without having to worry about like what's the underlying infrastructure and without like like we said before it's not like You know, you're not you're not letting the developers run the run the farm here, right? There's still separation It's just how this is driven Is different, right? So like if I go here and if I want to Let's say oh this is prices, right? So like if I want to take the front end and Let's go to the deployment Right, like if I want two replicas here, right, let's let's just go through a simple workflow Uh, where can I I can't even fork it on my own this will be here My old my old tiger team. Oh, okay. I'd say you could put it in our doc repo if you want to Right and then here i'm gonna You know make a change Front end and I want to Right edit here again Admin guys, this is easy, right? You can even do it through the web ui. I want two replicas, right? You know, I'm I'm doing it to master it because this is a demo but um, normally you would do a branch Nobody you do a branch you go process it get merged and then you would So then I just do a pr, right? I want to go I want to take my pr into this because I want two replicas, right? So now you can already see that there's like To change the scale I have one replica here too. You can actually already see, you know You know, it was me that made this to this there's a hash over there on the right now If I user the whole nine yards, right, right like create pull requests, right? So then now um Right, you go through the process right here. I go, you know, like, you know, why do you want this? Right, like you just go through the same workflow as you would normally except, you know, you start to review Right and I I could, um, you know merge pull requests. Yeah, that's confirmed Uh, confirmed merge, right? So now my my change is in, right? So then argo, um Well, then, um, where is the deployment here? Yeah, so there's one pod running here. So now that I sync this Maybe but you forked it. There we go. Yeah. Well, I didn't merge, right? So I did I merged the pull request now. There's another pod coming. So I'm like, okay argo c says, hey, um That pull request coming Yeah, it's like, please please merge this if it won't be that easy, right? So this is a Like something that happens for weeks. Yeah There's a process that gets that thing merged that you have to figure out in your yeah in your environment. Yeah, since I'm since I'm I'm improving my own pull request You wouldn't do that in production. So now I have two pods, right? So now You know, I as a developer You have two new pods Yeah, fresh or I even as a junior developer. I changed the infrastructure here, right? Right. I had direct change into this infrastructure Um using a comment. So now me as an admin I can see who made that pull request Who um, who approved it me me it was done Why it was done. Yeah, the whole reasoning behind it any conversation backstory whatever you can go back and just look at the issue Yeah, or you know the pull request and see it Yeah, so um, so yeah, so this is kind of so This is this first episode of this of the stream. I kind of wanted just kind of level set of what we're doing um You know what what I want to do with this with the stream is kind of having like an office hours But first I kind of wanted a level set and make sure we all kind of just talk in the same language, right? So like what what get ops is it's nothing Um, nothing fancy. It's not a specific tool. It's just a set of practices, right? And then right in another episode will dive deep into specific topics Um, I think it's worth it to dive into specific top topics I think secret management is like the biggest one I always get asked about So I think my next episode will be that or the episode after that. Um I mean, there's kind of like two ways you go about you could talk about vault You could talk about steel secrets you could do. Yeah, I mean, you know, there's a lot of different ways you could do Yeah, so um, so yeah, so I hope um, you know, I hope to see all of you Um, not next week, but the week after maybe I'll increase the cadence if there's enough interest in it Um, you know increase the cadence and what we'll have. Um, I already have a few a few guests line up A few maybe special guests may be able to come on. Wow, we hope fancy. Um, yeah, so We'll get we'll get fancy with this channel as as as much as uh as much as possible So um, so yeah, so I don't have anything else No, this is a great show. I I mean, you know for the first time out I think we did a good job man. Thank you. Thank you for for coming up with the idea for the show and for Sharing your knowledge, right? Like and then thank thank you out there for joining us everyone. Um tomorrow we have on the channel Not much because it's friday That's right. It's friday Well, I mean, you know, but we have uh an open shift commas briefing with a good friend of mine from github Sasha Rosenbaum, so she'll be on the channel tomorrow and yeah Nice, uh, so it'll be cool to have her on but yeah, it's it's friday. We kind of take it as a down day It's actually a day I get worked on Same here. It's just I actually get do stuff instead of just meetings all day. Yeah You know like yesterday, for example, I did what was it five hours of live streaming and two hours of meetings, right? Like that's you got to have a day somewhere Yeah, you got to have a day somewhere where you can actually do stuff. Yeah So uh friday is kind of that day for us and plus, you know, it just works well with viewership and everything else, right? Like to be honest with you, not a lot of people tune in on fridays So yeah, yeah, so But tomorrow definitely I want you to tune in because that talk at noon tomorrow eastern time. We'll be Uh talking about how you create allyship within your organization That's really cool. And that's like a big big big part of doing get ops Yeah, that's like the the foundation of it. Do you got to have Community good communications, you know trust Uh assuming positive intent all those things are yeah. Well, I want to say yeah, I always say the um In in problem solving the issue is always layer eight in the osi model, which is people right layer So that's the problem. So yeah, so definitely tune in tomorrow. All right. Awesome. Thank you everyone for joining us And uh, if you have any questions any concerns, just let us know you can always find me on uh, twitter at chris short And subscribe to the calendar If you want to you know, check us out in the future. We appreciate it and have a good one out there. Yep. Thanks everyone