 Let's get into the big topic of open source, something that we actually have in front of us. This is so awesome. We are an open culture that is actually everything. So please don't process that developer or let's say... How's the Kubernetes ecosystem really doing that? Oh, I had to unmute myself there. Hey everybody, good afternoon. I'm just owning the West Coast time zone now, so it's just good afternoon. Welcome to episode 40 of Get Ops Guide for the Galaxy. You'll have to excuse me, I'm a little sick. I just got back from out of town and naturally I came back ill because that's just what happens. So it will try to mute up between coughs and throat clearing, but if I don't, sorry. So joining me today for today's tour of Get Ops is Pinky. Pinky is a development experience engineer over at WeWorks and Pinky, tell us about yourself. Hey, yeah. So I'm a developer experience engineer at WeWorks. Before that I was working at a large insurance company and I set up Get Ops there. I was working on a team, the delivery engineering team, and we actually got set up the whole process of getting to production using Get Ops. And so then I joined WeWorks in December of last year. So I've been there for a little bit now, not very long, but really love this role because I get to share with other people about Flux and Get Ops and it's exciting. So yeah. I was lucky enough to meet you at Cupid and you let me sit next to you with the booth because I was stressing out about my talk. So thank you. You're welcome. I'm sorry that our talks were scheduled like at the same time. At the same time. Yeah. So yeah, unfortunately I didn't get to see you speak. You didn't get to see me speak. Caught the recording later though it was great. Thanks. Yours was too. Thank you. So anyway, so I know we've had folks on from WeWorks in the past and there's an entire episode dedicated to that. But that was, it was a minute ago, right? Yeah, it was a while ago. I think it was Scott and at the time Cornelia I think when she was back a week ago. Yeah. It was a while ago. It was a while ago. So I know that you have some additional like new stuff to show us about. But I think like we kind of discussed, if you don't mind kind of recapping. Oh yeah, I'm still going to go over all of it. Yeah, no worries. Great. So then you're not sick and you know, don't sound miserable. So I'll let you do the majority of the talking. And I will occasionally interrupt you if there are, you know, questions from the audience or if I have questions because I'm going to, you know, get to just ask you all the questions and enjoy not knowing anything. That's awesome. Sounds good. Let's do it. Alright, so whatever you're ready. Okay. So I'm going to start just briefly talk like just going over the get ups principles just in case anyone's new to get ups maybe already using open shift and want to get started using get ups is my screen shared there. Okay. Cool. So basically the first get ups principle is that it's a system managed by a get ups must have its desired state expressed declaratively get a lot of benefits with that to such as you can actually see everything in code and it's reusable. And if everything goes down you just you know it's in code so it's great. And then the desired state is stored in a way that enforces immutability versioning and retains a complete version history. I do want to just like say that you don't have to meet all of these principles to be using get ups, but this is the end goal basically with get ups, but you can get started using get ups without meeting all of these right away. And then the third one is that software agents automatically pull the desired state declarations from the source. And the last one is that software agents continuously observe actual system state and attempt to apply the desired state so today I'm going to be talking about flux as that software agent. And so I'll get into like what flux is real quick. And then I'll show how to actually get it set up in open ship. Okay, so flux is a project that was created by we've worked but then donated to the CNCF back in 2019. And it was like back then it was obviously in sandbox. Most recently we went through a security audit last year in preparation for graduation and then in March we actually applied for graduation. That's where we're at. And what it is is a get centric package manager for your applications. And what you're looking at right now is actually the GitHub link for it. So this is a great place to get started using flux. And it's a set of continuous and progressive deliberations for Kubernetes. And it is I just want to note that it isn't really get isn't the only source of truth you can like you can use with flux but it's the most common one and that's what we're going to be talking about today. So it's really created around the Kubernetes API extension extension system so it's a very natural extension of the benefits of Kubernetes and it works really well with anything that you're already using in Kubernetes. And it's constructed with the GitOps toolkit which is a set of APIs and controllers that make up the runtime for flux v2. So I do want to hit on the controllers and if you're not familiar with Kubernetes controllers, they handle the life cycle of objects in Kubernetes. So what should be done when an object is created, updated, deleted, etc. And so ours are made up of the source controller, which it fetches artifacts and no fetches resources and stores them as artifacts. It goes to say your source is Git, it goes and it grabs the artifacts from there so your YAMLs or whatever. And then the customized controller applies those manifests and it runs manifest generation using customized in the background. So if you're already using customized YAMLs, customization YAMLs, then it will actually just take whatever's in there. But if you don't have one, it will actually create one in the background and in the background and use that. So it'll just apply whatever YAMLs it finds if you don't have one stated. The helm controller controls the deployment of helm charts and the notification controller does notification dispatch. It's not mentioned in here, but it's down here. So you can set it up to alert you in Slack, whatever the chat system you use. And then the image controllers basically work together to update a Git repository when new container images are available. And there is one more and hopefully we'll get to, I'll get to show a little demo of it today as well. But the Terraform controller is like our newest addition to this whole environment. But it is installed separately, so I will show that as well. So let's get started with how to actually install Flux onto OpenShift. And this was like my first experience working with OpenShift, but it's pretty nifty. I really like the tool and the UI and the way it's set up. So, okay, hang on, I just have to be there. One, oh my God, spend more time with OpenShift because I love OpenShift. But two. So I know that you use the UI and our UI actually is, I think our UI is really fantastic. And yes, I recognize that I have some level of bias here, but I think our UI is actually really fantastic. But have you actually worked with our CLI at all? The OCCI? Yeah. Not like a lot, just to like where I had to like log in and stuff. Right. And I did some stuff with like searching through some stuff. But no, I haven't done a lot of work with it. So for anybody who doesn't know, this is kind of important. The OCCI is basically just like our like opinionated hook-in into the Kubernetes API, right? Pretty much any Kubernetes API command will like, so any, any, however you want to say it, I'm CTL, CubeCuttle, you know, whatever your flavor of that is. I'm not getting into that religious war. One or the other both are fine. We all know how to type it. So any of those will work. So you don't actually have to memorize the OpenShift CLI. But I personally use it a lot. So there are some differences, right? Because OpenShift is opinionated. And one of the things that we have is the concept of projects, which is just a name space. Yeah. So one time, while very tired, I was trying to do actually kind of like set up a demo in kind. And I'm sitting here going, you know, CubeCuttle project and wondering why it's not working. It took me 15 minutes to remember. Oh, 15 minutes. Why is this not working? Why is this not working? Because I'm so used to the OC CLI. I'm so used to the OC CLI. That's funny. It's muscle memory to do it. Why is this not working? Why is this not working? That's pretty good. Yeah. So you don't need to know the OC. I think they're interchangeable like that. So yeah, the Cube API CLI commands, those are all work. They'll be fine. You don't have to remember if anything new. But don't do what I do and like forget which one you're supposed to be using and then use OC commands like spliced in there. And it's not just me. I've talked to other people who are like, oh, yeah, me too. You know, I literally have to occasionally wake up to the page or at 3 a.m. and be able to do it in my sleep. I do have it down to muscle memory. Right. So it's just, you know, so then when very tired, that, that's right. I would definitely mess up if I was that tired. Yeah. No, actually when I first started working with Kubernetes, I read it as Cube Ectel and I got made fun of a lot for that. So I had to like retrain my brain. My coworkers like we're like, what are you doing? So yeah, I can, I can relate hard to the, the pronunciation of Cube Patrol or whatever you want to call it. Okay. So Operator Hub is one of the ways to install Flux onto OpenShift. Obviously there's not obviously, there's also Bootstrap as well. And basically what that's doing is if you wanted to, you can still use Bootstrap to install. So if you're familiar with Flux, you want to do that because that's the way you would do it if you were using the CLI, the Flux CLI. Just keep in mind that there is something you have to do special to get it to work on OpenShift. So just read this and follow these steps and you can use Bootstrap. So what Bootstrap would do is it would actually set up a, you would have a Git repo and you would tell it to communicate with that repo or it would create one if it doesn't exist. And then it would put in there all the components. So Flux like I mentioned, it has all those controllers. It'll also has CRDs. There's a bunch of things that need to be installed for Flux to work. And if you Bootstrap, it'll actually put all those files into Git and then set up itself to listen to it. So it'll set up a sync source and a customization to that repo. And then it will come back to Kingdom. It's one of my teammates. So it'll set up like a reconciliation loop with that. So it's all in Git. So that's something to keep in mind that when you install it through Operator Hub, it doesn't work that way. So it doesn't actually connect to Git. It installs all of them itself. It does like a Flux install. But one cool thing about it is that it has this automatic update approval. So if there's a new version of Flux that's put into Operator Hub, it'll keep it up to date, which is cool. If you're using Bootstrap, you have to run the Bootstrap command again to get it to update to the latest version. So different flavors. One thing to keep in mind here is to, it is the default, but just make sure you don't change it. The installed namespace will be set to Flux system. Don't change that. Or if it is by some, like for some reason, something else, make sure it's Flux system. That's just, that's the namespace that Flux uses. Oh, I scrolled way too far. Okay. So we're going to hit install. And this will take just a second. It won't take very long. And once this is installed, we will have the Flux system namespace stood up and all of the operators stood up on it. And the CRDs, like everything I mentioned to get it up and running. Just a second. It doesn't take very long. Sorry. You're fine. I'm very familiar with this part of the. Watch. Now it's going to take a while. No, it's done. So, okay. So that's done. And then if we go to our terminal and we do a. Okay. Always worse when people are watching you type. No, yeah. Just, just, just that ever being able to type correctly when somebody's watching you do it. I can type like a hundred words per minute with amazing. I'm by myself. Right. So all of the controllers are stood up now. One thing to note that I just thought was interesting. The differences between bootstrap and this as well is that the image controllers actually get installed when you install through the operator hub. If you're installing, if you're bootstrapping. When you're, if you're bootstrapping, then you are actually going to have to add an extra command into the bootstrap command to actually get the image controllers as well. So. Oh, okay. Sorry. So going back to this. Okay. So I'm going to, I've already created this repo. And I'm going to set up. A source and customization to this so that it kind of mimics that whole setup that I was talking about earlier where you set up a repo to listen to itself. I've already cloned it. And I've already pulled it in VS code. Here. And so. I'm just going to create a file in here. And I'm going to set up a source and customization to this so that it kind of mimics that whole setup that I was talking about earlier in here. I'm just going to call it GO2K sync dot amul. And I'm going to add. Oh, I love it when VS code tries to be helpful when I love my errors. All my, my. Just ignore all my extension errors and everything. Yeah. Every time. I actually turned off the going extensions in VS code. Because I, so I'm very like. Well, I'm older than you, right? So I save everything, right? Roughly every 15 seconds, right? So the thing about that is, is I'll sit there and I'll start working on my goaling file. And the first thing I do is I like comment through, okay, this is going to be the logic of my file. And then I'll save the comments, right? And then I'll add in all of the imports. And I'll save that. And then because VS code is trying to be helpful, it gets rid of any unused imports. Yeah. That's, that's, that's. Yep. So. I had to turn that off. Because there wasn't a way. Or maybe it's buried in there somewhere. And I just got frustrated because it was taking too much of my mental space. But there was no way to just turn that function off. In the, in the extension. So I turned off the entire extension. And then I gave up so much on using VS code for goaling that I just went back into. I love VS code. That's interesting. I've, I've not, here we go. This is going to date me. The last time I actually liked using any kind of text editor for code was text Wrangler, which does not exist anymore. I don't even know it. I would love to, like anybody. How old am I? Let's find out. Right. Let's play a game. Yeah. Text Wrangler was great. Nothing has compared it. But it's a very good game. It's a good game. And then it also puts out BB edits, which might actually just be the name of the company too. That's the same, but I don't like BB edit. They didn't, it was text Wrangler was free and open source. And it was better. And I'm sure somebody has some version of it around somewhere. And if you know about that, tell me. I like, I like VS code. Like integration with get and. And I'm about to show something in a little bit that I really like about it too. But I'm going to jump ahead. Like I'm not, I think I've worked on OS X. Jeez. It's not that bad. I can railed. I didn't read the whole thing. And that's, but yeah, that's why I sometimes use VS code. I often just, just use, just use VI. I mean, it's fair. But yeah, I can do that route and crotchety. So back to this. Hey, the way that this works is when, when you have the source controller pulls from your get repo or helm repository, whatever the source is, right? And this is the way to set it up. So you're saying, like here I'm saying it's a kind of get repository. I'm pointing it to a get repo. And the interval is how often it goes and reconciles with the source. So how often it goes and grabs those artifacts, whatever's changed. And then this is the URL that I'm pointing to. So in this case, I'm pointing back to that repo I showed that I created a second ago or I showed a second ago. And then the customization is telling the customization controller to listen to that source that we just created right above. So this source right here. And it's telling it specifically to only listen to things that are within this OCP cluster path. So, and then it also runs on an interval of 10 minutes. So every 10 minutes it will go and apply the changes. So this is actually taking the manifest that the source controller pulled and then actually applying them. And so I already did a get push on this. So if we go in here. And we do flux. Get source. So this is just the dash is just saying, oh, I did not. Oh, I did push today. Oh, I didn't apply it. This is what happens when I get distracted. Okay. Sorry. So I'm actually going to apply it for the first time just to set it up so that it will. Then go listen to the repo. So now it should be listening to the repo. And if I go in here and I do flux, get source, get dash A. And the dash A is just pulling in any from any namespace. And apparently I have everything still pushed. Did I put the wrong repo? I did. Dang. Life demos are the best. I put the wrong absolute best. That's on me. Okay. Okay. Okay. Get committed dash A. Fix my boo boo. It's what it is. It happens. Happens to all of us. I actually, I was talking to one of my colleagues and we submitted a, you know, a CFP to one of the conventions. And we were talking about if it gets accepted, what would our talk look like? And I was like, yeah, okay. So, you know, we would want to do a demo at this part. Yeah. We're going to do a demo. We're going to do a demo. You should never trust conference wifi. We'll take a recording. Perfect. And then we'll have that downloaded. We'll just play the recording of the demo and talk through it while the recording. I've done that. Yeah. Cause live demos, man. Yeah, I actually, yeah, I've done that. And it works out well. Yeah. Yeah. It's great. Okay. So now. When. Nope. Nope. I don't want to reconcile again. Um, Let me make sure I actually pushed the right one now. You'll have to remind me where we are. Cause I've lost the plot. Sorry. Okay. Wait. So, um, I'm jet lagged. My flight got in at one in the morning. I got home after two in the morning. It's, I'm sick. I came home. I woke, then I woke up sick. I'm just like, what are we doing? I don't remember. I accidentally. Pointed it to a different repo. I was playing with earlier and. Had all the stuff already set up. So everything's already in there now. Oh, well. While you think about how you want to address that, we do have a question from the audience. So in addition to configurable frequency of the pool, can it be configured to also receive web hooks? Yeah. Yeah. So, um, with the notification controller, I haven't actually played with this before in my use of flux. Um, but with the notification controller, you can do that. Is this like in the flux docs that I could go quickly, like pull those and, and, and. Yeah. Yeah. Um, find that. Uh, my keyboard was off. Yeah. I'm going to start over so my brain doesn't get super confused. Oh, I hear you. Like I said, I'm going to use now. Sorry. I'm like lost in my own demo. Sorry. I'm hardly an intelligent human today. So I just absolutely no space to, uh, Oh, somebody was faster than I was. How rude. Is it one of my teammates? Yeah. That's all. Yeah. That's Stacey or community manager. She's great. I figured someone on my end would get it. I was like, yeah, maybe we'll see. Okay. So I'm going to restart over. Okay. Yeah. That was on, that's on me. I just, uh, got lost in my own self. Okay. So. I'm going to install flex on operator. Um, and, um, So the real thing here, like the takeaway is this, we know that your demo will work because you already tested it and like went through it one time before this. And I accidentally just deployed everything that I didn't mean to deploy. Yeah. Yeah. Because we, because we know it works. And I'm not. Yeah. Okay. So now I'm back to where I was and I'm going to, um, Apply that YAML again. So. So BS code. I like that I'm getting called out for, uh, asking you a complicated question while you're trying to figure out something like. You're fine. That's how we do. You're fine. I'll try my best. If I can't, I'll tell you. Um, Well, it seems like we have support. In the audience. I don't know. Like I've been like support support, but like supportive. Uh, Friends and call respected colleagues who can help bridge the, uh, the mental gaps as. You know, we work through. Where, where documentation lives, et cetera. Yeah. Okay. Now we're back. So the one thing is there and we're good. Okay. So. All right. Um, okay. So like I said, the, um, now it's just listening to that one repo that it should be listening to. That open shift demo repo. And now, um, I'm actually going to show how to set up, um, we've get ops and we've get ops is our, so if I could scroll back up, it's our, um, get ops dashboard web UI created by we works. Um, it is open source. And you install it through a home chart. So you would already have flux set up and then you, you install this. Um, And it will set up a UI on top of flux. Um, whether you bootstrap or, um, install through the operator hub and whatever. So we're skipping all that stuff. And the first thing we're going to do, set up a password. Um, and so if you do want to follow these steps and you want to get, like try this yourself, um, go to, you can go to, we've like, look up, we'd get ops core and you'll, it'll take you to these instructions too. So. All right. I'm going to go into my terminal. Okay. All right. I'm going to go into my terminal. And first we're going to create a password. And because I am just a, I'm just going to get test. So, cause all of y'all are going to see it anyway. And it's also deployed locally for now. So on my computer. So it doesn't really matter. Um, pest. And then we run this, um, Docker command that uses an image to actually, um, generate the password using guling. Do. Okay. And then I'm going to grab. The. Hold on. Yeah. Okay. So I'm going to copy this. I'm going to put it in a temporary file for now. Um, in here and then I'm going to delete it. So. If I don't delete it and, um, hit errors, please remind me to delete it because yeah, sometimes I don't remember these things. So I'm going to put it in here. Okay. And save that. And then, um, now I'm going to use that to, um, when I generate the home release. Uh, so in flux, when you're setting up a home chart, you first, like you do it the regular, remember how I said a source? I don't know if I really mentioned it much, but a source can actually, um, listen to a home chart. So that's what we're going to do in this case. We're actually going to set up. A, um, I'm going to make this bigger. That's too big. I don't know. That was pretty good from my end. Okay. Cool. So I'm going to run a command here. Um, looks create source yet. So right here. So this is actually using the flux CLI. And we're going to create a source called a helm source. And it's going to point to that helm dot. Get it out. Okay. And so we're doing this export the stash dash export. And what that does is it just, um, exports it without creating the actual source. So if I didn't have that export, it would have created that source already, um, in, in our, um, name space. But since I didn't, it's going to, um, just put it out here. And then we're going to create a helm. A helm release. And we're going to, we're going to, um, we're going to create a helm. A helm release to, um, tell it to actually deploy this specific, um, chart that we want to. So we add that. Yep. So this is telling it to create a helm release that's specific to this, um, we've get off start. Oh, and I. And to have me, we've get off. I'm a bit odd. Did I spell it wrong? Maybe don't ask me. I have dyslexia. I ran this earlier in it. I don't know what I did. Let's see. Hmm. No such, oh, because I didn't save it. Maybe. Oh, I did. And save this one. No. Christian says, hi. Um, you know what, first thing you can flash and. OCP cluster flux system. For the sake of this, though, I'm just gonna add it, because time. I'm sitting here squinting at it. Yeah, sorry. No, it's okay, so the fun thing, I say fun. The fun thing about having dyslexia is that it's actually, I guess the best way to describe it is the letters kind of swim on the screen to a degree. So I typically assume I'm reading things correctly, right? And I think a lot of our brains do this, right? We kind of absorb the whole, oh yeah, it could be a space at the end of a line somewhere, that would do it. Probably. Trailing space for a sitting space, but I'm impatient right now, I don't feel like it. Yeah, so I'm sitting here as I'm trying to like try to see what might be wrong, right? I have to squint, because for me at least, it helps the letters remain more still for my brain. Sometimes when I'm reading a book, I'll actually close one eye, because that also helps. I don't know why dyslexia is a very weird thing to have. And yeah, that's just, so yeah, so when anybody sees me like squinting at the screen really hard, yes, I am blind, but my glasses do actually fix it, the prescription's current, it's that I also am fighting my brain's desire to not read, with my desire to read. Yeah, I couldn't without my glasses, no, yeah, I take off my glasses, and this is just, I can't even see you. Oh, you're like, you're like, some faint color is in an outline. So, let me find the text. Let me keep control, bit pods, session books. Yeah, okay, so it stood up now. And if I go here, if I go here, I mean, first, let me forward it, and if I go now to this link, and then refresh, and give it a second, yeah, I was like, it shouldn't, I think it was just still confused from, okay, so I'm gonna, it's admin is the username, and then test is what I gave earlier, so we're in, there's one extra time, it's empty, and it shouldn't be, so there is a fix going in, currently, that will fix that, but in the time being, I do have a really quick workaround for that, but it will work soon, and you won't have to do this. And if you had boots, like if you bootstrapped to do this, you wouldn't have to even care. So this is only for the Operator Hub installation. There are some interesting things about operators. I might have to do an entire episode about operators, honestly, because I think that most people don't understand why it's so different to do something with an operator compared to like a Helm Charter or some other way. So I've thought about doing an episode just on like, what exactly is an operator? How does that tie into GitOps? Where is the end of your ability to use GitOps with operators, because there's actually kind of, I wanna say an end, there's just behavioral differences that are really important. But I work with operators every single day, all of the things that Red Hat puts down is typically operator-based, so. Fair enough, yeah. Yeah, Flux was the first time I really like started, like done anything with, yeah, controllers and stuff. So it is different for sure. It's the way I kind of add that little snippet of like, if you're not familiar with controllers, this is what it is. Yeah, I agree. Operators have a life of their own. Dave has clearly attended my Helm and Back Again talk where I literally say that and that you have to actually, so operators have to have their own software development life cycle and they're used to help you manage your software development life cycle, so. But yes. So as you can see, now it is in here. So like I said, you wouldn't have to do that little namespace thing, but it's just to add that label, which will be added, there's a fix going in already. So it should work, but just for this demo, I had to do it. And then now we can go in here and see, so okay, what these are? The applications are the actual suppliers. So in this case, customization and the Helm release that we created for Weave GitOps. And the sources are, I don't know why it's being written. So the like the Git repository that it was pointing to earlier with the Flux system and then the Helm chart and Helm repository that I created as well. One cool thing is that you can go in here and you can actually run a sync. So that would actually reconcile with the source in this case and like force it to reconcile. So if you don't wanna wait, let's say your system is set to like 10 minutes and you put a change in and you want it to run right away, you can just push it. Suspend is really cool because if there's, let's say I'm just working on a feature and I don't want it to go in right away, I can actually suspend either the sources or the suppliers to tell them to just wait. So if you tell the sources not to pull, it just won't pull the manifest in. And if you tell the suppliers like the customization, I don't know what that is. If you tell the customization, what did I do? I don't know what I did. If you tell the customization to suspend then it just won't apply the changes while it's suspended. The changes will still be pulled in but they just won't be like actually deployed. And then you can, unsuspend it, what's the word? Resume, sorry, resume, you can resume it. A cool thing too is if you have a deployment, you can come in here and see a graph and it actually shows everything that the supplier has applied in here. So that's a lot. But yeah, but like every CRD, in this case, every role binding, all that stuff in here. So I'm gonna show a really quick like what an app would look like if we deployed it in here, not in here, but like what it would look like in here if I deployed an app using Flux. And so let's go back to, yes, go fast, okay. And I'm going to add. Well, while you do that, I'll use this opportunity to ask Christian to do more than say hi and wave and, you know, hi Christian, how are you? How's it going, trader? I just have to give him a little, a proper level of grief every time he shows up on the stream in the comments, you know. Oh, I get it, I get it. I say this like Christian, I haven't been friends for more than a decade and we don't talk like, oh, yeah, absolutely do, but that's not the point. I have to give him appropriate levels of grief. So for the sake of time, I mean, I could do this through the Flux CLI and actually create a source and everything, but I'm just gonna create a YAML. So what this is doing is it's pointing to a Git repo that's owned by Stefan and it's the pod info. I mean, probably you've already seen it. A lot of people use this as an example for a sample pod and everything. So I'm pointing to that for the source and then I'm telling the, like I'm creating a new customization that's going to just listen to the customized path and it's gonna run every five minutes. So let me add that. This is a dumb question. I think I know the answer to it, but I'm gonna ask it anyway. So for the inner roles on running, right? Is there a recommended best practice for time? Hmm. It probably is. It probably is if you ask other people. I don't really know if there is like a recommended one. I think it's like whatever your system can handle, obviously don't wanna like hit the API a bunch of times. I mean, I'd say, I mean, in my experience, I usually did like five minutes I think and 10 I think, five and 10. So five for the source and 10 for the customizations just because we got kind of yelled at at my last company. They were like, you're just making too many requests. And they were like, can we please change the interval? So we did. But I think it's just like whatever you want. Whatever it's gonna be. I'm sure there's some like, yeah, like King that said 30 seconds for the Git repo. Yeah, yeah, that's right. We had 30 for that one. That's right. And then five for the customizations. That's what it is. I'm sure there's a lot of infrastructure dependencies that could alter whether or not like certain times make sense, but and also like product dependencies, right? Like how fast product really needs those changes to exist. Okay. So I'm just gonna get the customizations. Yep. So it's in there and if I go back, yeah. So if I go back, it's in here now too. So if I click on this, since this one actually is more interesting and has a replica set and everything. And if I go to the graph, I can actually see what's in here. And I wish I had opened this earlier because I was playing with this earlier and it was cool to see before they were ready. They had like little yellow warning signs by them. And so I was able to see it in real time. But if it wasn't ready yet, there would just be a little yellow right there. But in this case, they're all stood up. So we can see everything that's made up in this deployment. So cool, we can go break something on purpose. Yeah. I could like delete a pod and watch it re-stand up. I really appreciate Kingden in the comments adding all the new cool visual color. Also for Beth, welcome to the stream, Dave. Nice to have you as a first time viewer. I promise I'm normally more like an awake and adult human than I am today. See, it's all, it's yellow. There it is. Okay, and now it's green again. Well, it's starting to turn green again. Yeah. Yeah, there it is. Okay, so that's what I wanted to show with Weave GitOps. Give it a try. Let us know if there's any issues that you wanted to or anything like that or any requests. Still definitely a work in progress as well. Now, I would like to mention something too. So I mentioned how you can in here go in and sync and suspend and stuff like that, which is really cool. But there's another interface to do this. And this is what I mentioned earlier with VS Code. But if you go to the VS Code marketplace, we actually have an extension called the GitOps tools extension. And you can come in here and install it through here, which I've already done. And now I can, whoa, since it's so big, it's like not there. So if you come in here and look at this, so this is our little Weaverx logo. If you come and do this, and the second while it's thinking. This instance of VS Code is happier. So I'm just gonna show this real fast. So we don't wait, so for it. So you can see everything that's set up in the cluster. You can see the sources and the workloads. So the sources, you can do the same thing. I can reconcile in here. I can suspend, I can delete, do whatever I want in here. And then same thing with the workloads. So for this customization, I can suspend or reconcile in here, which is really cool if you're using VS Code. I'm pretty excited about this. This is actually something that Kingdon's been working on. So it's still a work in progress. There's still a lot of changes being made to it in updates. So if you do use it, please let us know what you think about it and any feedback that you have about it. And we'd be happy to take that into consideration when we're making changes. So actually, I'm gonna pause you a second here. So this is all open source, right? Yeah. So let's just say that one of our lovely viewership would like to start contributing or joining in, how do they get involved? Yeah. Let's do that for a second. Yeah, for sure. If you go to fluxid.io, which is like our docs and everything, there is a contributing section in here. And this would be like a really good place to start. And if you click on this, it shows like how to get started contributing to Flux. And we really do welcome any new contributors, any level of experience really. There's always something someone can do to help too. So very happy to have that as well. And like I said, this is the GitHub. So if you wanna go in and look at it, it's in here. And so now I'm gonna pivot a little bit since we do have time. I was hoping we get to this because I'm pretty excited about this. I'm going to show the Terraform controller. So the Terraform controller is not under the whole Flux umbrella right now. It's a, it's, so it's actually under the Weaverworks umbrella and, but you can add it as an addition. And it's actually on the operator hub as well. So I'll show that. But this is the GitHub for it. So if you wanna go look at it or if you wanna contribute to this as well, it's definitely something we'd welcome because it's still, it's something that's pretty new and we're still working on and adding a bunch of features to continuously. So currently what it does is it, you can use it to actually manage your Terraform resources, not just in Kubernetes, which is really exciting. Anything that you're Terraforming, you can have Flux do the deployments for. It's good because you wanna have configuration drift. You wanna have things like that. And also there are a few features already implemented such as you can set it up to do auto-approve or manual approvals. So if you wanna, you know, verify your plans before applying, you can do that or you can just set it up to do the applying if you don't wanna look at the plans beforehand. And then you can output secrets. You can output the Terraform outputs into secrets in Kubernetes. And it also, the most recent one is that it integrates with Terraform Cloud and Terraform Enterprise as well. So if you are using those, there is a really good demo that Robert Strand did on it and it was at GetOps Days. So we just recently did GetOps Days like a couple of weeks ago. And if you do wanna go check that out, you can still register for GetOps Days and see the whole thing, but or you can go watch this link. There's a playlist too under the Weaveworks YouTube that has like all the talks from this. But yeah, Robert does a really good demo, like a basic demo in here talking about how you can actually integrate it with Terraform Cloud, which is cool. And so I'm just gonna show how you would install it on OpenShift. So going in here, operator hub, Stacey, do you mind dropping the link to that YouTube video for me if you can? I was literally just going to ask if we could hit the link. Yeah, you actually would. This is the best right now, like on point with all of that. She's awesome. So in here, this is the Weave GetOps Terraform Controller. You can install it in here. Same thing, just make sure it's in the flux system. I mean, it's going to be, but yeah, install that. And that'll take a second. And then I'm just gonna do like a super, super simple Terraform deployment just to show how it works. And yeah, this is a very exciting new addition for me because back at my previous company, we did a lot of Terraform, so. All right, now that's there. So if we do, let me clear this because it's gross. Get pods dash n flux system. Yeah, so we now have the Terraform Controller in here. And what we're gonna do is set up a, no, I'm saying. We're going to set it up to apply what's in this repo. So I have this repo, Hello World Terraform. It's super, super simple. There's a main.tf in here, and it's literally just gonna output Hello World. Very, very simple. And I'm going to set up a source to listen to that first. Okay, so already, wait. Oh, this is my other repo, I miss me, sorry. Okay, so this Hello World YAML, there's this Git repository that's pointing to that repo I just showed that Hello World Terraform repo with that main.tf. And then there's this Terraform kind. So this is the key. So just like how we did for home release, we just say home release, or for the Customize Controller, we say Customize, it's the same thing. So this is telling it to listen to that repository and look for any Terraform. So that's what that's doing. And I'm going to add it, it's in one thing. Sorry. No, go ahead. I just wanted to point out one thing. So this approved plan is empty, it's an empty string. That's like a way to tell it that you want it to do manual approvals. If I had set it to auto, then it will just do auto approvals. But in this case, I just wanted to show real fast what it would look like if I didn't set that. So, did you have something though? Oh, I was gonna say, it took me a moment to remember why you were doing the Git add. Just one of those little brain things. Oh, okay. Because you're doing all the stuff locally, right? And then you do the Git add, you push. And then the sync you set up earlier pulls this all in into the open chip cluster. And I was just gonna say this is, talk about losing the plot today, like that one. I had someone like, why is she? Oh, right, duh. Of course. It is just one of those days. Yeah. It's one of those days. So it's in here now, the sources set up. If I do kube control, get terraform dash look system. It's in here and like it says, it's a set approved plan to approve this plan. So that's one option. One option is I can go in here to the code and just set this approved plan to whatever it just told me in here. I can just copy this. Another thing is that terraform, the terraform controller actually has its own CLI. It's TFC TL CLI. And actually there is, let me just show real fast. I think it's in here. Let me open the docs from in here. Yeah. So there's a guide in here that getting started with the terraform controller guide. It's in here where if you go to TFC TL, you can find like where to install it from and all that. And so if I run that and I just do a get, it'll show the same thing with the kube control get terraform just showed. And then I can also say plan show hello world. Did do a little extra thing here real fast. So by default, it's actually going to look for your terraform installation in user bin, but mine's in user local bin terraform. So I just have to add the little dash dash terraform to show it where to look for it or it'll throw a little fun error. So it's, so now we can see like, you know, changes to outputs, what it's actually going to be. We're looking at the plan. And then we can say, TFC TL and approve hello world. Yep. So now the plan has been approved. And if I do get CPL get, it's, well, it's initializing because it's running a few views terraform, you know, it takes a little, it takes a second or two. But yeah, for such an easy one, at least it's quick. And so it's applied. So that's something we're very excited about. If you do use the terraform controller, like I said, please let us know if like, you know, any feedback you have and we'd love to hear it. And if you want to contribute to it, please do. It's something we're very excited about. So yeah, that's everything I have to show. So are there any questions? Yeah, there just one came in. So is the purpose of the terraform controller just that you can have your terraform deployment centralized in Kubernetes? Yeah, so it's, I guess I didn't really mention why it's exciting. It's so that you can still use GitOps while managing your terraform deployments. It's still pulled through this. It's still pulled through the controller, the flux controller, and continuously reconciled on a loop. So you get away from configuration drift, all of that. So it's just GitOps. It's so that you can use the GitOps process with terraform. And I'm gonna ask you a hard question because I think- Go ahead. Oh, no. Do the docs have a nice architecture diagram on that? I don't think so yet. Me. I don't think so yet. I might be wrong. I might be wrong. And then later they're gonna be like, yes, it did. Not that I've seen, I think. Yeah, Christian puts it really well. It's exciting because terraform by itself isn't GitOps. Right, exactly. Yeah. The company used to work for, we were using TFE, the VCS integration, and that's cool because it does the deployments, but it's not running on a schedule, right? So it's not continuously reconciling your changes, which- Yeah, it's that reconciliation part. When you showed that, what it was, the pillars of GitOps, right? That reconciliation part. Exactly. Because when that reconciliation is automated, you are a lot less likely to have, basically the human error element of maintenance, which is, oh, I forgot to manually reconcile this thing, and for those of us who are old, and remember the times before GitOps, was everywhere, and I fortunately, at least there was always some source control. Stephanie, our producer is yelling at me about calling myself old because I'm apparently old. It's so ridiculous. She's like, please stop. For those of us who are a little older, then Git, we'll be able to tell you that we used to, we used to fix, I don't want to look old, I love you, you're my favorite person right now. We used to do things like, I mean, look, I've deployed code to production using FTP, all right, and we used to basically do that. We kept everything on centralized servers, and when it was time to update it, you did everything locally, and then you literally just pushed it to like an FTP, right, like over FTP to the final destination to production, right? Yeah. And we got burned. We got burned really, really, really hard, a lot from human error. And so things, you know, source control really helps with that. Git really went above and beyond. So before Git, like I used Subversion, those are not the only two forms of source control. There are still other forms of source control out there, like closed source, source control tools that are used. And so we really started creating sources of truth, right? And then we figured out like, how do we, I basically said this at my Q-Con talk, right? We basically figured out ways of orchestrating our bash scripts. And, you know, we used to write bash scripts to do all these things, and now we're orchestrating all of that. So these reconciliation loops that, you know, you do something local and you test it, you make sure it works, you push it, and then everything else takes care of making sure that it propagates out appropriately. There's no human error, there's no typo in the FTP command, you know? All that stuff just gets handled. So, you know, the fact that we have something like Terraform, which is so widely used, but isn't in and of itself fully, you know, GitOps for lack of a better way of describing it is having something that does that, removes that room for human error. And that room for human error is my least favorite thing that any tool can have because I'm dyslexic. Do you know how much human error I introduce? Oh, yeah. No, yeah, for sure. I mean, I'm not, and I still have a lot of human error. Yeah. I'm on the tornado, man. So anything that mitigates that for me is my favorite thing. Also, if like the system goes down. Yeah. I mean, it's like back in the day, it took so long to get it back up, and now it's like minutes, which is insane. You said back in the day it took so long to get back up, like we actually could. Back in my day. Sometimes we could break it. I have, I mean, I mentioned a lot of these things. I have all of the weird horror stories from the trenches. I worked at small startups doing weird things. I should have talked to you for my KubeCon talk, the GitOps con talk that I did. Next time. A bit more horror stories. Everybody's chat, the system is down. No, we're not going to chat that. I'm an SRE and I am on call today. Yeah, we just didn't come back exactly, Christian. No, I'm on call today. We're not chanting the system is down because I'm sick and we don't hate me that much. We want a quiet day on the pager because I don't feel well. That's the goal here. It's always exciting when I'm on call and doing this stream because I literally could have had to abandon you halfway through. That's true. If the system went down. If the system went down. Absolutely, if the system went down. I'll just be watching you trouble, like try to fix it. Yeah, yeah. That's what the stream would have become. You know what we actually do, and I should stream this sometime. We've actually ansibilized chaos engineering to make special instances of our systems go down to train other SREs and to... So of course this is all kept in Git, right? And to practice incident response. And I should just run one of those games live on this stream one of these days. Like here, I broke everything with ansibil and now we're gonna go fix it together. I should do that. I don't know. It'll be a fun one. Yeah, yeah. Well, I guess we are a little over top of the hour folks. So that does mean that it's time for us to say goodbye to Pinky. Thank you so much Pinky for joining us. Thank you. Christian and for joining, saying hi. Thank you to Dave for being a first time viewer. That's very exciting. Don't forget to like, subscribe. You can follow me on Twitter. Sometimes I post things. You can follow Pinky on LinkedIn, maybe? I don't know. Yeah, I do have a Twitter. It's P-I-N-K-Y-Y-R-A-V-I. I'm just not like very active on it. So... Yeah, so basically following us on Twitter is probably... You can add me on LinkedIn. Yeah, for sure. We both exist and occasionally post things. Sometimes we're the worst at social media. To be fair, I'm older than social media. So there you go. And I'm just out of this, so I have no excuse. We'll see you back here in two weeks. And thank you to Kingdon and Stacey from WeWorks for being supportive in the comments with the documentation and links as we needed it. Really appreciate that. And remember, if you haven't heard me say it before, choose your technical debt wisely, folks. Peace.