Top 11 Continuous Delivery Tools for Kubernetes (Part 2)

March 20, 2018

In Part 2 of our top 11 CI/CD tools for creating an automated pipeline to Kubernetes, we look at tools designed for Continuous Delivery.


In Part 1 of this series, we looked at tools grouped under Package Managers and CI tools with CD support for Kubernetes. In Part 2 we discuss the tools that fall under the CD-only category.

CD only Tools

This group contains tools that do only one thing - primarily Continuous Delivery to Kubernetes. With these tools you can choose the CI system and the container registry that you want, but the CD portion will be taken care of for you.

8. Weave Cloud

Weave Cloud is a SaaS that can automatically deploy your application updates to a running Kubernetes cluster. Weave Cloud works alongside your existing CI system and Image repository and handles your deployments to Kubernetes.

When a developer makes a code change and pushes it to ‘git’ or any other Version Control System, it triggers the deployment pipeline. Because we advocate the GitOps methodology, a Git push is the catalyst for the pipeline, and Git is also the source of truth for declarative configuration for Kubernetes, deployment manifests and source code.

Pros: Weave Cloud is one of the only Continuous Deployment solutions that keeps your cluster credentials secure inside the cluster where they belong. With Weave Cloud an agent acts on behalf of the cluster to listen to events relating to custom resource changes, so they can be consistently applied. The operator that sits inside of your cluster is responsible for synchronizing what’s in Git with what’s running in Kubernetes. It uses a pull pattern rather than a push pattern, in which credentials can be leaked outside of the cluster during a deploy.

For more information on this topic, see Approaches to Continuous Delivery in our Kubernetes Library.
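The synchronization step of the pull pattern described above can be sketched as a planning function that compares manifests from Git with objects listed from the cluster. This is an added example, not Weave Cloud's code: the function names, the simplified object shape and the sample data are assumptions, and deleting objects that are absent from Git is a choice made for this sketch. Because the comparison runs inside the cluster, it needs only the agent's in-cluster credentials and read access to Git.

```python
import hashlib
import json

# Fields the API server fills in; they must not count as drift.
SERVER_MANAGED = ("status",)
SERVER_MANAGED_META = ("resourceVersion", "uid", "creationTimestamp",
                       "generation", "managedFields")

def key(obj):
    """Identity of a Kubernetes object: kind, namespace, name."""
    meta = obj["metadata"]
    return (obj["kind"], meta.get("namespace", "default"), meta["name"])

def fingerprint(obj):
    """Hash of the declarative part of an object, ignoring server-managed fields."""
    clean = {k: v for k, v in obj.items() if k not in SERVER_MANAGED}
    clean["metadata"] = {k: v for k, v in obj["metadata"].items()
                         if k not in SERVER_MANAGED_META}
    return hashlib.sha256(json.dumps(clean, sort_keys=True).encode()).hexdigest()

def plan(desired, live):
    """Return the actions that make the cluster match Git (Git wins)."""
    want = {key(o): o for o in desired}
    have = {key(o): o for o in live}
    actions = []
    for k in sorted(want):
        if k not in have:
            actions.append(("create", k))
        elif fingerprint(want[k]) != fingerprint(have[k]):
            actions.append(("update", k))
    actions += [("delete", k) for k in sorted(have) if k not in want]
    return actions

# Constructed sample data: manifests as read from a Git checkout ...
GIT = [
    {"kind": "Deployment", "metadata": {"name": "web", "namespace": "shop"},
     "spec": {"image": "web:1.4.0", "replicas": 3}},
    {"kind": "Service", "metadata": {"name": "web", "namespace": "shop"},
     "spec": {"port": 80}},
]
# ... and objects as listed from the cluster API by the in-cluster agent.
CLUSTER = [
    {"kind": "Deployment", "metadata": {"name": "web", "namespace": "shop", "resourceVersion": "812"},
     "spec": {"image": "web:1.3.9", "replicas": 3}, "status": {"readyReplicas": 3}},
    {"kind": "Service", "metadata": {"name": "web", "namespace": "shop", "uid": "constructed"},
     "spec": {"port": 80}, "status": {}},
    {"kind": "ConfigMap", "metadata": {"name": "debug", "namespace": "shop"}, "data": {"k": "v"}},
]

if __name__ == "__main__":
    for action in plan(GIT, CLUSTER):
        print(action)
```

Live objects in a real cluster also carry defaulted spec fields, so a production reconciler compares more carefully than this hash of the whole object.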

Cons: Helm support is currently only in Alpha and requires a little bit of configuration to get working properly.

9. Spinnaker

Spinnaker, developed by Netflix, is an open source tool that manages deployments and pipelines and supports Helm charts. Spinnaker supports any CI tool and cloud provider, and it can also handle blue/green and canary deployments.

However, the tool was originally developed to manage VMs and not Kubernetes objects, and can be complex to set up and maintain since it uses a slightly different paradigm.

10. Codefresh

Codefresh is a continuous delivery pipeline tool that also supports Helm charts. Codefresh is a GUI-based environment for building and deploying your applications. It allows you to hook up to and use your favorite repo, CI and image repository. Codefresh has an extensive set of plugins that includes Helm as well as many of the other popular CI/CD tools like Jenkins.

An advantage of Codefresh is that you are free to continue using your favourite tools. But a disadvantage is that third-party tools are set up from their GUI, so when things go wrong it adds another layer of complexity to your pipeline. Codefresh also doesn’t solve the problem of cluster credentials living outside of the cluster, which can leave your cluster vulnerable to attacks.

11. Harness

Harness is a delivery-as-a-service offering. It provides the ability to build out a complete pipeline and also has security at the centre of its pattern. It runs as a SaaS, which means you don’t have to worry about setting it up yourself. It also supports a GitOps style of development, hooks into your Git repository and has secrets management.

However, unlike Weave Cloud, it is not agnostic and it only supports a subset of tools out there. This means that you must choose one of the CI tools or one of the repositories that it supports.

In Conclusion

These are the main differences between these 11 tools. We focused on whether security has to be built separately from the tool, the complexity of setup, whether the tool is open source or not, and the approach taken: whether it is a Pull type pipeline rather than a Push type architecture.

| Tool | Built-in Security | Complexity | OSS/closed source? | Pull vs Push? | Works with most tools |
|---|---|---|---|---|---|
| Package Managers | | | | | |
| Helm | No | High | OSS | Push | Yes |
| Draft | No | High | OSS | Push | No |
| ksonnet & jsonnet | No | Medium | OSS | Push | No |
| CI Tools with K8S support | | | | | |
| Jenkins | No | High | Both | Push | Yes |
| CircleCI | No | High | Closed | Push | Yes |
| Gitlab | No | Low | Closed | Push | No |
| Travis | No | High | OSS | Push | Yes |
| CD Only tools | | | | | |
| Weave Cloud | Yes | Low | Both | Pull | Yes |
| Spinnaker | No | High | OSS | Push | No |
| Codefresh | Yes | Medium | Closed | Push | Yes |
| Harness | Yes | Low | Closed | Push | Yes |

Further reading

Read our latest whitepaper, "Making the Leap from Continuous Integration to Continuous Delivery" which details the hurdles that DevOps teams must clear in order to move from CI to CD and the best practices for making the difficult leap. It is designed as a resource for DevOps practitioners who want to take full advantage of the efficiencies and operational advantages that CD enables, yet struggle to overcome conceptual, cultural and technological challenges. 
