Origin Continuous Deployment (OCD) is bash tooling and helm packages to build, configure and repeatably deploy applications on Origin Kubernetes Distribution and Red Hat OpenShift driven by git webhooks. OCD lets you live the dream of self-service infrastruture as code running on Kubernetes. The public repos in the ocd-scm organisation are all of the tools that uniqkey.eu uses to run its business on OpenShift Online Pro running in Amazon AWS.
Using those to simple primatives gives:
OCD uses high level OKD container build features, deployed using generic Helm charts, organised into high level releases using Helmfile, properly encrypted into git, using simple bash scripts, called by adnanh/webhook. OCD provides strong conventions and generic building blocks that can deliver “application infrastructure as code” with complete git driven automation.
OCD is also chatbot friendly. We use a botkit slackbot that creates git releases and PRs to upgrade apps. This means team members who are not developers can move the code they tested into production. This is known as ChatOps.
See the wiki for more details including how to run the demo on either minishift or openshift online pro.
The sequence diagram gives above an overview of how pushing changes to one or more helmfile.yaml config files in a config git repo automatically updates chart releases within openshift. Your helmfile.yaml can install any helm charts you like from the public chart repositories. OCD provides its own chart repository that is setup by default that includes generic charts that:
ConfigMapsthat can configure deployments or builds
Secretsthat can configure deployments. The contents of the secrets are encrypted in git using either the helm secrets plugin or git-secret.
DeploymentConfigsthat run any 12factor.net app that is configured using
BuildConfigthat watch for git tags in your microservice code repos then build that tag and tag the resultant container image with the same tag. You can then use the same tags in helmfile yaml that configures your deployments in all your environments.
Since OCD builds and promotes your code based on git tags it can fully manage your deployments based on git tags. You can keep on using whatever branch strategies you want and whatever continuous build and test system you like. When you are happy to release just tag your code. OCD will create a container image containing the tagged code and tag that container image with the git tag. Then you just put that tag number in the helmfile.yaml in the git repo that defines all the config for a given environment and OCD will update the environment to run that code.
This repo is used to publish the Helm charts that OCD uses to install webook handlers, secrets and generic s2i builders. You can use any 3rd party helm charts with OCD. You may find it convenient to use the OCD charts if you run 12factor apps. You don’t need to use s2i to build your containers. The OCD builder charts are simply provided to make it easy to build containers from git release tags that are tagged with the same tag if you want to do that. You can use whatever CI build tool you want that can run in parallel to OCD.
This repo also hosts the main wiki that documents how to use all the OCD components that are within the same GitHub organisation.
We have cut over all of our production apps onto OCD and have released v1.0.0 of the charts. 🍾
We test on:
Online Pro is a multi-tenant set up with no admin access for tenants. As we test there we can expect OCD to work fine with any less locked down OKD or RCP on-prem, dedicated or managed cluster.
The wiki has tutorials of setting up a ReactJS demo app on both minishift and openshift online pro.