Cloud native tool providers Weaveworks have just released version 2.4 of their commercial Kubernetes platform in a bid to provide customers with a way of using GitOps and Kubernetes more widely.
GitOps is a term – coined by Weaveworks CEO Alexis Richardson – that arises often when talking to anyone from the company, and describes an operating model for Kubernetes which uses version control system Git as the single source of truth for both app code and declarative infrastructure.
So it will come as no surprise that GitOps is front and center of the latest Weaveworks Kubernetes Platform (WKP) release – a product that tries to offer an alternative to enterprise-geared distributions such as Rancher and Red Hat OpenShift.
Speaking to Dev Class, Weaveworks COO Steve George, points out it has become trickier to get a foot into the door in a crowded sector.
“Two years ago, people were just getting started using Kubernetes. But today, you have some users that have already chosen their Kubernetes platform, they might be using Eks or maybe they’re using OpenShift. Or maybe they’ve got a variety of different Kubernetes – in an organization like a finance firm, you might see two or three.”
In these cases GitOps can become a value proposition in its own right, which is why the new release was branded by George as GitOps anywhere.
“You’ve already got your cluster installation process, you’ve got your clusters up and running, and then we can put GitOps on the top of it. The benefit that you get is having the configuration management and control of the cluster and all of the components, and the applications and everything that is running on top. But then you can continue to use whatever you’re using – Tanzu, EKS, OpenShift, GKW, whatever you want.”
To realise this, WKP deals with cluster installation and management separately from the cluster component and workload definition, and adds Team Workspaces with RBAC – WKP’s GitOps observability tooling – along with “a standard and supported set of cluster add-ons” to the system already in use. The approach seemed good enough for AWS, who named Weaveworks as one of the initial partners of its just announced new Kubernetes distribution EKS-D – mainly as a GitOps provider via WKP.
If team workspaces and role based access control is something you haven’t seen in the context of MWP yet, it’s because “the ability to specify access control and enforce access policies across namespaces” is amongst the main 2.4 features. “What it does is, it basically wraps Kubernetes namespaces and Kubernetes security controls, authentication authorization, and it associates that with a team.”
“So basically you go in, create a team, associate that with a GitHub team or a GitLab team or you know, some application, and then you can deploy that into the cluster” George told us. “It is done through the UI and the end user doesn’t need to know how we’re mapping all of those.”
A dev can still change those if they want to. Built-in roles are workspace-member, namespace-admin, and cluster-admin, though there’s always the option to configure additional ones in Git.
On top of GitOps anywhere, there’s also a Kubernetes anywhere initiative which is designed to help customers install WKP on top of any existing infrastructure. “What it’s bringing to Kubernetes is an installation process that will work wherever you need to” George said, naming scenarios behind the firewall or with very controlled internet access as examples. However, Weaveworks isn’t alone in giving that a go. Rancher, for example, has also tried to make sure its distribution can be used in air gapped environments.