Skip to content

This demo shows how to use Anthos Config Management to centrally configure and manage 'landing-zones' for multiple application deployment teams and implement pull request flows to request and approve changes

Notifications You must be signed in to change notification settings

ggalloro/acm-workshop

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ACM GitOps Workshop

Using Source Code Management Patterns to Configure & Secure Kubernetes Clusters

This repo contains assets to run an Anthos Config Management (ACM) workshop.

The workshop shows how to use Anthos Config Management to manage multiple Kubernetes clusters in different environments (GCP, other clouds, on-prem) in order to:

  • Centrally configure and manage 'landing-zones' for multiple application deployment teams
  • Implement pull request flows to request and approve changes
  • Enforce security guardrails through Policy Controller constraints (based on OPA Gatekeeper)

The person running the workshop impersonates the 'platform team' and the 'security team' defining managed clusters configurations and security policies (quotas, rbac, network policies, etc...) and, in addition to that, will use two distinct Google accounts to impersonate 2 different application delivery teams deploying workloads in their assigned 'landing zones' defined as namespaces named application1 and application2.

Managed clusters will sync their configuration using Anthos Config Management Config Sync and security policies will be enforced with Anthos Config Management Policy Controller based on OPA Gatekeeper.

Workshop Recordings and Slides

This workshop has been run as a talk named Using Source Code Management Patterns to Configure & Secure Kubernetes Clusters in the following events:

GitOps Days 2021

Codemotion Tech Conference 2021 - Slides

How to run the workshop

  1. Preparation Steps
  2. Workshop Execution

About

This demo shows how to use Anthos Config Management to centrally configure and manage 'landing-zones' for multiple application deployment teams and implement pull request flows to request and approve changes

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages