Top 11 Continuous Delivery Tools for Kubernetes (Part 2)
In this Part 2 of our top 11 CICD tools for creating an automated pipeline to Kubernetes, we looked at tools designed for Continuous Delivery.
In Part 1 of this series, we looked at tools grouped under Package Managers and CI tools with CD support for Kubernetes. In part 2 we will discuss the tools that fall under the CD only category.
CD only Tools
This group contains tools that do only one thing - primarily Continuous Delivery to Kubernetes. With these tools you can choose the CI system that you want, the container registry, but the CD portion will be taken care of for you.
8. Weave Cloud
Weave Cloud is a SaaS that can automatically deploy your application updates to a running Kubernetes cluster. Weave Cloud works alongside your existing CI system and Image repository and handles your deployments to Kubernetes.
When a developer makes a code change and pushes it to ‘git’ or any other Version Control System, it triggers the deployment pipeline. As advocates of the GitOps methodology, a Git push is the catalyst for the pipeline and is also the source of truth for declarative configuration for Kubernetes, deployments manifests as well as source code.
Pros: Weave Cloud is one of the only Continuous Deployment solutions that keeps your cluster credentials secure inside the cluster where they belong. With Weave Cloud an agent acts on behalf of the cluster to listen to events relating to custom resource changes, so they can be consistently applied. The operator that sits inside of your cluster is responsible for synchronizing what’s in Git with what’s running in Kubernetes. It has a pull pattern rather than push where credentials can be leaked outside of the cluster during a deploy.
For more information on this topic see, Approaches to Continuous Delivery in our Kubernetes Library.
Cons: Helm support is currently only in Alpha and requires a little bit of configuration to get working properly.
9. Spinnaker
Developed by Netflix is an open source tool that manages deployments and pipelines and supports Helm charts. Spinnaker supports any CI tool and cloud provider and it can also handle blue/green and canary deployments.
However the tool was originally developed to manage VMs and not Kubernetes objects, and can be complex to set up and maintain since it uses a slightly different paradigm.
10. Codefresh
Is a continuous delivery pipeline tool that also supports Helm charts. Codefresh is a GUI-based environment for building and deploying your applications. It allows you to hook up to and use your favorite repo, CI and image repository. Codefresh has an extensive set of plugins that includes Helm as well as many of the other popular CI/CD tools like Jenkins.
An advantage of Codefresh is that you are free to continue using your favourite tools. But a disadvantage is that third-party tools are setup from their GUI and so when things go wrong it adds another layer of complexity to your pipeline. Codefresh also doesn’t solve the problem of cluster credentials living outside of the cluster which can leave your cluster vulnerable to attacks.
11. Harness
Harness is a delivery as a service. It provides the ability to build out a complete pipeline and also has security at the centre of its pattern. It runs as a SaaS which means you don’t have to worry about setting it up yourself. It also supports a GitOps style of development, hooks into your Git repository and has secrets management.
However, unlike Weave Cloud, it is not agnostic and it only supports a subset of tools out there. This means that you must choose one of the CI tools or one of the repositories that it supports.
In Conclusion
These are the main differences between these 11 different tools. The things we focused on were whether security has to be built separately from the tool, the complexity of set up, whether it’s open source or not, and the approach taken, is it a Pull type pipeline rather than a Push type architecture.
Tool |
Built-in Security |
Complexity |
OSS/ closed source? |
Pull vs Push? |
Works with most tools |
|
Package Managers |
|||||
|
Helm |
No |
high |
OSS |
Push |
Yes |
|
Draft |
No |
high |
OSS |
Push |
No |
|
ksonnet & jsonnet |
No |
Medium |
OSS |
Push |
No |
|
CI Tools with K8S support |
|||||
|
Jenkins |
No |
High |
Both |
Push |
Yes |
|
CircleCI |
No |
High |
Closed |
Push |
Yes |
|
Gitlab |
No |
Low |
Closed |
Push |
No |
|
Travis |
No |
High |
OSS |
Push |
Yes |
|
CD Only tools |
|||||
|
Weave Cloud |
Yes |
Low |
Both |
Pull |
Yes |
|
Spinnaker |
No |
High |
OSS |
Push |
No |
|
Codefresh |
Yes |
Medium |
Closed |
Push |
Yes |
|
Harness |
Yes |
Low |
Closed |
Push |
Yes |
Further reading
Read our latest whitepaper, "Making the Leap from Continuous Integration to Continuous Delivery" which details the hurdles that DevOps teams must clear in order to move from CI to CD and the best practices for making the difficult leap. It is designed as a resource for DevOps practitioners who want to take full advantage of the efficiencies and operational advantages that CD enables, yet struggle to overcome conceptual, cultural and technological challenges.
