Skip to content

Part 1: Setup

This is Part 1 of a multi-part, self-paced quick start exercise.

What Will You Do

In part 1, you will perform a one-time configuration of a GitOps pipeline to enable System Sync to communicate with a Git repository.

  • Create a Gitops Agent
  • Create a Git repository
  • Create a GitOps pipeline to enable System Sync

Once this part is complete, in subsequent parts, you will test System Sync to sync bidirectionally, from Git to System and from System to Git.

Step 1: Create GitOps Agent

We must first create a GitOps Agent that will allow the pipeline to access our Git repository.

  • Ensure you are logged into the console
  • In the default project, navigate to GitOps -> GitOps Agents
  • Click on "New Agent"
  • Provide a name for the Agent
  • Select the cluster where the agent will be deployed
  • Click "Create"

Create Agent

This will create an agent on the cluster specified. The agent will be used to communicate with the Git repository. It will take a few minutes for the agent to be deployed and become healthy.

Agent Created

Step 2: Create Repository

Next, we will create a repositoy in GitHub. This repository will be used by System Sync to store the configuration files of the resources within the organization.

  • Ensure you are logged into your GitHub.com account
  • Navigate here to create a new repository
  • Enter a repository name
  • Change the repository to "Private"
  • Click "Create Repository"

This will create a new private repository in your Git system (e.g. GitHub). An example shown below.

New Git Repository

  • Create a single readme file in the repo to initiliaze it

Step 3: Add Repository

  • In the default project, navigate to Integrations -> Repositories
  • Click "New Repository"
  • Enter a name for the repository
  • Select "Git" for Type

New Repository

  • Click "Create"
  • Provide the Git repo's Endpoint URL
  • Select "Private Network" for Reachability
  • Select the agent that was previously created

Git Endpoint

  • Under the Credentials section, select "UserPassCredential" for Type
  • Enter your Github username
  • Navigate to your GitHub Developer Settings to create a Personal Access Token for your Git repository
  • Click "Generate new token"
  • Select all scopes
  • Click "Generate token"
  • Copy the token that is presented on the screen
  • Paste the token in the "Password/Token" field of the create repository page in the console
  • Click "Save"

Repo Credentials

Note

It does not matter if your GitHub repo is public or private. If public, you do not need to provide access credentials.

Optionally,

  • Under Infrastructure -> Repositories, Click on validate for your repository
  • If you see a validation successful message, the controller is able to access the repository

Validate Repository

Step 4: Create Blueprint

We will now create a custom blueprint to apply to the cluster

  • Navigate to Infrastructure -> Blueprints
  • Click "New Blueprint"
  • Provide a name for the blueprint
  • Click "Save"
  • Enter "v1" for the version name
  • Click "Save Changes"

Create Blueprint

Apply Blueprint

We now will apply the newly created blueprint to the cluster.

  • Navigate to Infrastructure -> Clusters
  • Click on the Gear Icon for the cluster where the blueprint will be applied
  • Select "Update Blueprint"
  • Select the newly created blueprint and version
  • Click "Save and Publish"

Apply Blueprint

Step 5: Create Namespace

We need to create a namespace to deploy our workload via the GitOps pipeline

  • Navigate to Infrastructure -> Namespaces
  • Click "New Namespace"
  • Provide a name
  • Select "Wizard" for type
  • Click "Save"
  • Click "Save & Go to Placement"

Create Namespace

  • Under Placement, select your cluster
  • Click "Save & Go To Publish"
  • Click "Publish"

In the example below, we have created a namespace called "nginx" on our cluster.

Create Namespace

Step 6: Create Workload

Now, we are ready to create a test workload and publish it to the namespace we just created.

  • Navigate to Applications -> Workloads
  • Click "New Workload"
  • Enter a name for the workload
  • Select "k8s YAML" for package type
  • Select "Upload files manually" for Artifact Sync
  • Select the namespace previously created
  • Click "Continue"

Create Workload

  • Click "Choose File"
  • Save the below manifest to a YAML file on your machine and select the file for upload
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  ports:
  - name: http
    port: 80
    targetPort: 8080
  selector:
    app: nginx
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 2
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginxinc/nginx-unprivileged
        ports:
        - containerPort: 8080
  • Click "Save and Go To Placement"
  • Select the cluster for placement
  • Click "Save And Go To Publish"
  • Click "Publish"

Publish Workload

You can also verify the status of the k8s resources using the zero trust kubectl channel.

  • Click on Debug
  • Click on Kubectl
  • Type the following Kubectl command 
kubectl get po -n nginx

You should see something like the following:

NAME                              READY   STATUS    RESTARTS   AGE
nginx-deployment-f5b7b79d-j54jg   1/1     Running   0          2m
nginx-deployment-f5b7b79d-lmjtk   1/1     Running   0          2m

Step 7: GitOps Pipeline

The GitOps pipeline will ensure that the resources in the system are "always kept reconciled" with the desired specifications in the Git repository. It will also ensure the Git repository is reconciled with the sytem if a change is made directly on the system.

We will now create a GitOps Pipeline.

  • Navigate to GitOps -> Pipelines
  • Click "New pipeline"
  • Enter a friendly name
  • Click "Create"

Add Stage

A pipeline can have multiple stages, with completely different actions to model your desired workflows. In this exercise, we will test with a simple, single stage pipeline.

  • Under Stages, Click "Add New Stage"
  • Provide a name for the stage
  • For Action, select "System Sync"
  • Select "Git to System Sync"
  • Select the previously created repository
  • Enter "main" for the branch
  • Select "System to Git Sync"
  • Select "Use Source As Destination"
  • Under "Included Resources", click "Add Resource"
  • Select "Blueprint"
  • Again, under "Included Resources", click "Add Resource"
  • Select "Workload"
  • Click "Save"

New Stage

Add Trigger

A pipeline can be executed based on an "external trigger". For example, changes to the manifests in your Git repository. In this exercise, we will configure a trigger that will receive a webhook notification when specific files in your Git repository are modified.

  • Under Triggers, click "Add New Trigger"
  • Provide a name for the trigger
  • Select "Webhook" for type
  • Select the repository that we created previously
  • Select "Github" for Repository Type
  • Enter "main" for revision
  • Click "Save"

New Trigger

You will now be presented with the webhook configuration details that you need to copy/paste to your GitHub repository. Once you complete this step, the GitOps pipeline will be configured to receive webhook notifications whenever the repository is updated in Git.

Webhook in GitHub

  • Navigate to your GitHub repository -> Settings -> Webhooks
  • Click "Add webhook"
  • Copy and Paste the "Payload URL" and "Secret" from the previous step
  • Click "Add webhook"

Webhook in GitHub

Activate Pipeline

By default, newly created pipelines start life in a deactivated state.

  • Click "Activate" to activate pipeline

Activated Pipeline

Recap

In this part, you successfully configured a GitOps pipeline to enable System Sync between the sytem and your Git repository. You are now ready to move to subsequent parts of the exercise to start testing System Sync.