CI/CD tools for Kubernetes Workloads - a short list
Continuous Integration (CI) and Continuous Delivery (CD) are best practices for most modern DevOps teams. To aid your CI/CD pipeline, we’ve grouped the most popular Kubernetes CI/CD tools into the following categories: Package Managers, CI Tools that Support Kubernetes, and CD-only tools.
What is CI/CD?
In recent years, Kubernetes has emerged as the leading container management platform. Kubernetes comes with a rich set of capabilities and benefits, due to its comprehensive API and developer-friendly features.
To automate Kubernetes application development and deployment, DevOps teams use continuous integration and continuous delivery/deployment (CI/CD). CI/CD refers to a set of best practices for building, testing, and releasing applications for most modern DevOps teams.
A CI/CD pipeline is a set of steps, usually automated, that must be performed to deliver a new version of a software product. An automated CI/CD pipeline automates the software delivery process: it builds code, runs tests, and safely deploys the new version of the application.
A typical Kubernetes CI/CD pipeline consists of the following elements:
- Version Control Software repository - e.g. GitHub, GitLab
- Continuous Integration System - e.g. Jenkins X, Circle CI
- Image registry
- Kubernetes cluster
Helm: The Kubernetes Package Manager
Traditional package managers have been around for some time and are a development pattern that is recognized by most engineers. Kubernetes package managers attempt to emulate the functionality of classic package management tools like apt, yum, apk, and Homebrew.
A package manager helps developers define, install, and upgrade even the most complex Kubernetes application. Helm is the de facto package manager for Kubernetes applications.
Developed by DeisLabs in 2015, Helm was donated to the CNCF in 2018 and is now at the Graduated project maturity level. Since its inception, Helm has gained a lot of momentum, focused on automating the Kubernetes application lifecycle in a simple and consistent way. Helm simplifies automated management (install, update, or uninstall) of packages for Kubernetes applications, with simple application deployment.
How does Helm work?
Helm uses ‘charts’ where you can define a package of Kubernetes resources and any dependencies needed for your app. Helm charts are basically Helm packages consisting of YAML files and templates which are then converted into Kubernetes manifest files. These charts can be reused by anyone for any environment, reducing complexity and avoiding duplicates. There are three basic concepts of Helm charts and they are:
- Chart: a preconfigured template for provisioning Kubernetes resources
- Release: a chart that has been deployed to a Kubernetes cluster using Helm
- Repository: a public or private location for storing charts.
When working with Helm, developers search repositories for charts and install the charts onto their Kubernetes clusters, thus creating a release.
Helm Chart Structure:
Below are the files and directories of a Helm Chart:
GitOps is a set of tools and practices that allow for faster and more frequent deployment, easy recovery from failures, and improved security and auditability. GitOps tools facilitate continuous delivery of software into a Kubernetes cluster while applying the four principles of GitOps:
- Declarative
- Versioned and immutable
- Pulled automatically
- Continuously reconciled
With GitOps, teams can automate several aspects of software deployment using a software agent called Weave GitOps (built on the open source tooling Flux). This software agent sits between the information in Git and the production Kubernetes cluster, to reconcile any drift that occurs between the two. If you couple Helm with GitOps tools and pipelines, you can streamline this process even further.
Both Weave GitOps and Flux CD are designed to work with Helm. Here’s how:
- They support the use of semver for Helm Chart versions
- They support the use of OCI registries via the HelmRepository resource
- Both will actively (every 30 mins) poll the relevant HTTPS or OCI repositories looking for Helm charts to use for your deployment.
- They can be configured to match semver patterns, so that whenever a new Helm chart becomes available for your application, it will be version-matched.
- If the match is successful, the deployment will be made automatically.
- Using the Flux Notification Controller, alerts (Slack, MS Teams, Google Chat, GitHub Actions) will be triggered with certain events (e.g. repository_dispatch event).
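The list above, expressed as Flux resources in an added example that is not part of the original article: an OCI `HelmRepository` polled every 30 minutes and a `HelmRelease` that only accepts chart versions inside a semver range. The resource names, namespaces and registry URL are placeholders, and the `apiVersion` values are assumptions that depend on the Flux release installed in the cluster.

```yaml
# Added example: placeholder names and registry URL throughout.
# apiVersion values vary by Flux release; use the ones your cluster serves.
---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
  name: my-charts            # placeholder
  namespace: flux-system
spec:
  type: oci                  # chart source is an OCI registry, not an HTTPS index
  url: oci://registry.example.com/charts   # placeholder registry
  interval: 30m              # reconcile interval for this source
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: my-app               # placeholder
  namespace: apps            # placeholder
spec:
  interval: 30m              # how often the release itself is reconciled
  chart:
    spec:
      chart: my-app
      # Semver range: only 1.4.x charts are eligible for automatic deployment.
      # A wide range such as "*" would roll out any version pushed to the registry.
      version: ">=1.4.0 <1.5.0"
      interval: 30m          # how often to look for a newer chart matching the range
      sourceRef:
        kind: HelmRepository
        name: my-charts
        namespace: flux-system
```

Because a matching chart is deployed without further review, the semver range and write access to the chart registry together decide what can reach the cluster; keep the range as narrow as the release process allows.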
Kubernetes CI/CD Tools
Kubernetes CI tools have been around for quite some time and, as mentioned earlier, they were designed to unit test and integrate your changes with the rest of your code base. If your tests pass, you can ask them to build a Docker image and send it to a repository.
Now with Kubernetes fast becoming an established part of the development process for cloud native apps, CI tools have further evolved and many have added cluster deployment capability.
While all of these tools are good choices for continuous integration, they lack the rest of the pieces to make a complete pipeline. As a result, it’s up to you to harden the security and build the custom scripts needed to deploy your updates to the cluster. This is where continuous delivery tools come in. With continuous delivery tools, you can choose the CI system that you want and the container registry, and the CD portion will take care of the rest.
- Jenkins is an open-source continuous integration and continuous delivery tool for cloud-native applications on Kubernetes. A Java-based program, Jenkins X is a powerful CI/CD tool that supports building, deploying, and automating software development projects.
- Travis is a continuous integration tool that’s hosted in the cloud and does not require a dedicated server. Travis can automatically build and test code changes, providing immediate feedback on the success of the change. The tool is free for open-source projects.
- Circle CI is an open-source CI/CD tool that provides an API for automatic Kubernetes deployments. CircleCI can be used on-premise or cloud-hosted and it employs various testing methods to test all code changes made before deployment.
- Flux CD is a GitOps-based continuous and progressive delivery tool, enabling declarative infrastructure and complete pipeline automation. Initially created by Weaveworks, Flux was donated to the CNCF in 2019 and is at the Graduated project maturity level.
- Weave GitOps, a state-of-the-art GitOps solution, is powered by Flux, Flagger, and other leading open-source tools available today. With Weave GitOps, developers can automate the software delivery lifecycle post continuous integration and easily deploy applications into any Kubernetes cluster. Weave GitOps is available in two tiers: Weave GitOps and Weave GitOps Enterprise.
last updated February 2023