@@AntonPutra first the whole concept of BigData and AWS, then some different kinds of EMR deployments (the last type is as EMR containers).. maybe after that some glue , and a maybe a simple ETL.
I have always been impressed by your videos, and this is no exception. I learned a few things myself and it will be easier to go over some concepts with my junior colleagues after they watch this.
Thank you for these production grade videos. You are simply the best. One request, could you make a bootcamp on how to set up a production grade end-to-end infrastructure with GitOps enabled? Including common issues encountered and how to resolve them
Thanks, I'll see what I can do. Usually, you would have one tool for VMs, another for Kubernetes, and then you might have some Flink jobs or Storm topologies. So, it's almost never a one-size-fits-all solution in terns of GitOps tools and you would need to create some custom wrapers/scripts.
I have been thinking about Jenkins for a long time. Everyone thinks it will eventually die and be replaced, but once again, everyone keeps using it. :)
hi @AntonPutra, I saw in your videos that you usually prefer to install all the infrastructure components using Terraform helm_release. What infra tools installed on EKS do you recommend to install using Terraform and what tools do you recommend to install via ArgoCD?
21:46 What do you mean by plain yaml manifest objects that are not supported for argo? I have used argocd with declarative plain yamls & works just fine. Is it something new with the latest version of Argo?
I mean argocd image updater does not support plain yaml, you can still apply it using ArgoCD but won't be able to setup continuous delivery. FluxCD supports plain yaml with CD. For image updater to work you have 3 options. 1. helm, 2. kustomize 3. helm+kustomize
Thank you very much for the video, I currently have a ruby on rails project that from a single repository we need to deploy multiples sites, I was guided by the series of previous videos of the creation of the cluster in eks and in the end everything worked fine, each client has its ingress, secrets and others, the problem I have now is if it is best to use ArgoCD to make the CI/CD without problem and how would I have to create the ingress, secrets and other things for each of the sites to be deployed and if I need to add more sites how could I automate that? thank you very much for the help and excellent videos
I'm not sure if I understood the question, but why not package your 'site' (assuming Ruby on Rails + Ingress + secrets) as a Helm chart and deploy it for each client?
Thank you for the lesson! I'm a little confused by this approach. Why do we need this gitops script to freeze/resume/update all microservices...? Was it just a requirement that was for a particular project, or is it a classic approach? On the project where I'm currently working, all microservices are released independently of each other on prod when a git tag is created. In this case, we only update the folder of the required environment and release a specific microservice on a specific environment. Can you please explain the meaning of approach that you showed in the video in more detail? And also a couple of questions regarding the video: 1. Why did you create app of apps in another repo (not k8s) and apply it manually? Is it a bad idea to have it also in k8s folder in the root of the repo and allow argocd to apply it? Thank you in advance!
An independent release cycle for each microservice is an ideal use case, but it can be difficult to achieve if you have many dependencies. You need a staging environment, or as I showed, the ability to freeze the development environment to test all components/microservices together. Frequently, in addition to applications running on Kubernetes, you may have Flink/Spark jobs or Storm topologies (data processing pipelines) that need to be tested alongside other applications. The App of Apps file can be in the Kubernetes repository as well; you just need to apply it as part of your cluster bootstrap.
@@AntonPutra I got it, thanks. So, if we don't want to freeze the whole environment and wanna release independently, what would be the best practice? Right now, we have a harbor repository with different prefixes (dev/stage/prod where we store images for our applications, e.g. dev/web:1.1.1 stage/web:1.1.1 prod/web:1.1. 1 and so on) and when we want to release a new prod version, we just tag the latest stage image with the prod prefix (stage/web:2.2.2 -> prod/web:2.2.2) and push it to the oci repository so that the image updater can do its job. What do you think about this approach? I'm new to this project and looking for ways to improve things, that's why I'm asking :)
@@ZergStylexDD It's a valid approach unless you tag your images manually or use an analog of Jenkins to tag them. I would still prefer to use the Pull Request mechanism. For example, you can create an intent with the requested version to be deployed in production, and when it's merged, you have automation that tags your image with a prod prefix. Additionally, I would also prefer a mechanism where you revert the Pull Request to the previously deployed version in production in case something happens, so that the deployed version can be automatically reverted.
Hi, this is an exceptionally good video, I love it. I'm just a bit confused because looking at the previous tutorials I used Kustomize to display my different environments but here Helm Chart is used. Which is more advisable to use if I have a lot of environments to deploy? Maybe with Kustomize I would have to “repeat” many yamls in different environments, so it might be reasonable to use Helm.
Hello, thanks for the work you put to do these videos. What happens if the writeback branch is protected? How safe is to allow image updater service user to write back to the main branch with force-push permissions? We have a setup where we want to use image updater for DEV to enable automatic deployment, with writeback to main, and then QA/Prod would be PR workflow using manual image tag update.
it is not safe, but on the other hand image updater won't work with app o apps pattern with other upda strategy. to be honest take a look at flux v2, it does everything, you don't need to grant it write permissions it will use secret to maintain state
Hi Anton, Thank you for your valuable videos. I have a question regarding accessing ArgoCD from the internet. I’ve set up an EKS cluster, deployed ArgoCD, configured AWS Certificate Manager, and created the AWS Application Load Balancer Controller. However, I haven’t found clear instructions on how to expose ArgoCD to the internet without using port forwarding. Could you provide some guidance or resources on this?
Great tutorial as always.. I'm new to gitops... I don't understand the python section.. why do we need those scripts? Freeze or unfreeze environment? can anyone explain ? tx
Hey I have been following you from 2 years and really impressed by your knowledge . I look forward for your videos. Can you make a brief video about future of DevOps? do you believe that AI will transform the basic stuff? if yes what domain we should consider?
anton I have a problem with argocd, it says: Failed to load target state: failed to generate manifest for source 1 of 1: rpc error: code = Unknown desc = ssh: handshake failed: knownhosts: key is unknown For it to work I had to use the parameter "insecure = true" but I understand that it is not a good practice, any recommendations that can help me?
Thank you for these great videos, Can I use an ApplicationSet instead of an Application in this setup? Specifically, will ArgoCD Image Updater work with an ApplicationSet without any conflicts when updating the image?
@AntonPutra is there any ways to implement the ArgoCD on the prod servers, an we have our. env in one of our EC2 instances and due to security concerns it is not possible to store in the Git, and we want ArgoCd to pull this env during deployments, apart fron using AWS secret Manager, can we apply this .env changes locally Without storing on gif.Please reply
sure, actually it is a default mode which as far as i remember only uses internal kubernetes secret to store all the versions. there is only limitation that you cannot use app of apps pattern at this stage, maybe it's an issue for you
I tried this and got error in argo cd with connection with git, then I chnaged the repo URL to SSH one, then it worked nicely, But I don't know why it happned. Thanks for this awesome content
I used Heroku many years ago. It's easy to deploy and upgrade your apps. I think it's a great starting point. This is self-hosted, as far as I understand, so you still need to know what you're doing.
🔴 To support my channel, I'd like to offer Mentorship/On-the-Job Support/Consulting (me@antonputra.com)
I wish sometime you will make AWS EMR on EKS Video. YOU CAN DO IT ❤😂
@@Daveooooooooooo0 EMR? Sure... What topics do you think I should cover?
@@AntonPutra first the whole concept of BigData and AWS, then some different kinds of EMR deployments (the last type is as EMR containers).. maybe after that some glue , and a maybe a simple ETL.
@@Daveooooooooooo0 ok, let me see when I can do it. I've been thinking for a some time about spark/flink/airflow, maybe I'll start with EMR.
Also AWS apache airflow and other cool stuff aws serve can be used to monitor and hold history
Guys, please take his videos very seriously. His videos are helped me to crack 7 interviews in straight. His videos are 💎❤
❤️
I did your 20 projects. I am grateful to you for your passion for your craft and a will to share your knowledge with us.
curious which 20 projects? can you paste link?
thank you!
i have a few here - github.com/antonputra/tutorials/blob/main/docs/contents.md
Thank you for posting such a comprehensive video.I have learned so much from your videos.Great Quality Content!
thank you!!
I have always been impressed by your videos, and this is no exception. I learned a few things myself and it will be easier to go over some concepts with my junior colleagues after they watch this.
thank you!
I have been waiting for this for so long. Can’t wait to knock off and watch.
❤️
Much awaited
Thanks for making this video series
my pleasure!
As usual, your content always give me a great insight! Thank you for sharing
my pleasure!
Awesome tutorial, you're the best instructor 😊
Thank you! 😃
Another great video! Thanks Anton
thank you!!
Thank you for these production grade videos. You are simply the best.
One request, could you make a bootcamp on how to set up a production grade end-to-end infrastructure with GitOps enabled?
Including common issues encountered and how to resolve them
Thanks, I'll see what I can do. Usually, you would have one tool for VMs, another for Kubernetes, and then you might have some Flink jobs or Storm topologies. So, it's almost never a one-size-fits-all solution in terns of GitOps tools and you would need to create some custom wrapers/scripts.
@@AntonPutra That would be awesome! thank you in advance
this weekend i will learn a lot of thinks from you
cool, thanks!
Thank you so much for this treasure … i will try this on a kubespray cluster and harbor instead of EKS and ECR
Sure, it doesn't even have to be a cloud
Awesome. I didn't think to use this method. Usually I'm doing manually to do pause the deployment 😅. Anyway thanks anton for the idea
welcome :)
This is awesome information, requesting you to please create video on Jenkins on EKS and deploy on other AWS eks cluster
I have been thinking about Jenkins for a long time. Everyone thinks it will eventually die and be replaced, but once again, everyone keeps using it. :)
@@AntonPutra yes it is the pioneer of CICD process, I like the way you explain and use terraform scripts
@@milindchavan007 ok will do, but first few benchmarks :)
Спасибо! Интересный подход.
pojalusta, there are some other approaches as well
Nice video! Very informative, by any chance would you be able to make a video on multi cluster setup with argocd + eks ?
Love your videos, wish you did some more gcp related though 👍
thanks, maybe in the future
hi @AntonPutra, I saw in your videos that you usually prefer to install all the infrastructure components using Terraform helm_release. What infra tools installed on EKS do you recommend to install using Terraform and what tools do you recommend to install via ArgoCD?
21:46
What do you mean by plain yaml manifest objects that are not supported for argo? I have used argocd with declarative plain yamls & works just fine. Is it something new with the latest version of Argo?
I mean argocd image updater does not support plain yaml, you can still apply it using ArgoCD but won't be able to setup continuous delivery. FluxCD supports plain yaml with CD.
For image updater to work you have 3 options. 1. helm, 2. kustomize 3. helm+kustomize
@@AntonPutra
Ah....I see. Thanks for reply
@@fio_mak no problem
Thank you very much for the video, I currently have a ruby on rails project that from a single repository we need to deploy multiples sites, I was guided by the series of previous videos of the creation of the cluster in eks and in the end everything worked fine, each client has its ingress, secrets and others, the problem I have now is if it is best to use ArgoCD to make the CI/CD without problem and how would I have to create the ingress, secrets and other things for each of the sites to be deployed and if I need to add more sites how could I automate that? thank you very much for the help and excellent videos
I'm not sure if I understood the question, but why not package your 'site' (assuming Ruby on Rails + Ingress + secrets) as a Helm chart and deploy it for each client?
@@AntonPutra Ah okey thanks, i try it
Thank you for the lesson!
I'm a little confused by this approach. Why do we need this gitops script to freeze/resume/update all microservices...? Was it just a requirement that was for a particular project, or is it a classic approach? On the project where I'm currently working, all microservices are released independently of each other on prod when a git tag is created. In this case, we only update the folder of the required environment and release a specific microservice on a specific environment. Can you please explain the meaning of approach that you showed in the video in more detail?
And also a couple of questions regarding the video:
1. Why did you create app of apps in another repo (not k8s) and apply it manually? Is it a bad idea to have it also in k8s folder in the root of the repo and allow argocd to apply it?
Thank you in advance!
An independent release cycle for each microservice is an ideal use case, but it can be difficult to achieve if you have many dependencies. You need a staging environment, or as I showed, the ability to freeze the development environment to test all components/microservices together. Frequently, in addition to applications running on Kubernetes, you may have Flink/Spark jobs or Storm topologies (data processing pipelines) that need to be tested alongside other applications.
The App of Apps file can be in the Kubernetes repository as well; you just need to apply it as part of your cluster bootstrap.
@@AntonPutra I got it, thanks. So, if we don't want to freeze the whole environment and wanna release independently, what would be the best practice?
Right now, we have a harbor repository with different prefixes (dev/stage/prod where we store images for our applications, e.g. dev/web:1.1.1 stage/web:1.1.1 prod/web:1.1. 1 and so on) and when we want to release a new prod version, we just tag the latest stage image with the prod prefix (stage/web:2.2.2 -> prod/web:2.2.2) and push it to the oci repository so that the image updater can do its job.
What do you think about this approach? I'm new to this project and looking for ways to improve things, that's why I'm asking :)
@@ZergStylexDD It's a valid approach unless you tag your images manually or use an analog of Jenkins to tag them. I would still prefer to use the Pull Request mechanism. For example, you can create an intent with the requested version to be deployed in production, and when it's merged, you have automation that tags your image with a prod prefix. Additionally, I would also prefer a mechanism where you revert the Pull Request to the previously deployed version in production in case something happens, so that the deployed version can be automatically reverted.
Hi, this is an exceptionally good video, I love it. I'm just a bit confused because looking at the previous tutorials I used Kustomize to display my different environments but here Helm Chart is used. Which is more advisable to use if I have a lot of environments to deploy? Maybe with Kustomize I would have to “repeat” many yamls in different environments, so it might be reasonable to use Helm.
not at all, you can follow the same approach and use kustomize with yaml, by the way you can also use kustomize with helm but it is besides the point
Hello, thanks for the work you put to do these videos. What happens if the writeback branch is protected? How safe is to allow image updater service user to write back to the main branch with force-push permissions? We have a setup where we want to use image updater for DEV to enable automatic deployment, with writeback to main, and then QA/Prod would be PR workflow using manual image tag update.
it is not safe, but on the other hand image updater won't work with app o apps pattern with other upda strategy. to be honest take a look at flux v2, it does everything, you don't need to grant it write permissions it will use secret to maintain state
🍿 Benchmarks: ruclips.net/p/PLiMWaCMwGJXmcDLvMQeORJ-j_jayKaLVn&si=p-UOaVM_6_SFx52H
Thank you!!!
welcome!
Hi Anton,
Thank you for your valuable videos. I have a question regarding accessing ArgoCD from the internet. I’ve set up an EKS cluster, deployed ArgoCD, configured AWS Certificate Manager, and created the AWS Application Load Balancer Controller.
However, I haven’t found clear instructions on how to expose ArgoCD to the internet without using port forwarding. Could you provide some guidance or resources on this?
For this you will need to create an ArgoCD ingress resource for your AWS LBC.
Great tutorial as always.. I'm new to gitops... I don't understand the python section.. why do we need those scripts? Freeze or unfreeze environment? can anyone explain ? tx
Can their be another video on argocd with argo rollouts(canary or blue-green deployment)
yes
@@AntonPutra Thankyou
Hey I have been following you from 2 years and really impressed by your knowledge . I look forward for your videos. Can you make a brief video about future of DevOps? do you believe that AI will transform the basic stuff? if yes what domain we should consider?
Thanks! I'll think about it.. Well you still need to train AI somewhere, so you need compute, data pipelines etc
Awesome
thank you!
Why did not you used the kustomize tool instead here to deploy in different environments. Like you did in argocd image updater 2 nd video.
you can, i even have a pr with an example. i just forgot to include or was just lazy lol
anton I have a problem with argocd, it says:
Failed to load target state: failed to generate manifest for source 1 of 1: rpc error: code = Unknown desc = ssh: handshake failed: knownhosts: key is unknown
For it to work I had to use the parameter "insecure = true" but I understand that it is not a good practice, any recommendations that can help me?
Thank you for these great videos, Can I use an ApplicationSet instead of an Application in this setup? Specifically, will ArgoCD Image Updater work with an ApplicationSet without any conflicts when updating the image?
Yes, you can someone created a PR already, take a look - github.com/antonputra/tutorials/pull/246
@AntonPutra is there any ways to implement the ArgoCD on the prod servers, an we have our. env in one of our EC2 instances and due to security concerns it is not possible to store in the Git, and we want ArgoCd to pull this env during deployments, apart fron using AWS secret Manager, can we apply this .env changes locally
Without storing on gif.Please reply
sure, actually it is a default mode which as far as i remember only uses internal kubernetes secret to store all the versions. there is only limitation that you cannot use app of apps pattern at this stage, maybe it's an issue for you
I tried this and got error in argo cd with connection with git, then I chnaged the repo URL to SSH one, then it worked nicely, But I don't know why it happned. Thanks for this awesome content
thank you!
its not about video context, what do u think about coolify?
I used Heroku many years ago. It's easy to deploy and upgrade your apps. I think it's a great starting point. This is self-hosted, as far as I understand, so you still need to know what you're doing.
Fresh from the oven
😀