NixCon2023 Nix and Kubernetes: Deployments Done Right

  • added 27. 08. 2024
  • media.ccc.de/v...
    Nix is an amazing build tool not only for applications, but also for the infamous "YAML engineering". Join Volodymyr to learn about the journey of using Nix along with Argo CD to deploy payloads into Kubernetes.
    What you will learn:
    - Setting up Nix to work with Argo CD
    - Deploying simple applications written purely in Nix
    - Utilizing the public Helm charts in Nix, with custom configuration and resource overriding without forking the chart
    - Using nixpkgs' module system for complicated multi-cluster deployments
    Vladimir "farcaller" Pouzanov
    talks.nixcon.o...
    #nixcon2023

Comments • 13

  • @matthewstott3493 5 months ago +4

    LOVE the Tolkien reference! That was really well done.

  • @houstonbova3136 15 days ago

    I feel like yaml doesn’t have to be repetitive. It’s parsed so like just make a smarter parser and structure the requirements better, yeah?
    I don’t particularly care about YAML vs TOML; most of the time they’re both a lot better than JSON.

  • @PatrikStutz 11 months ago +12

    Amazing!! But what about secrets? Do you let them go into the nix store?

    • @fabiandrinksmilk6205 7 months ago

      You can use sops-nix to encrypt secrets and decrypt during deployment. I believe that they are encrypted in the nix store.

    • @realEchoz a month ago

      Best thing to do with secrets in my experience is to keep them out of git and manifests in general as much as you can by using one of the various operators that can populate them for you from an external secret store.
      Inserting them with templates and such seems tempting, but it's bound to leave secrets in all kinds of places where they don't belong (pod specs, etc.) and adds additional security concerns along the way from git to k8s.

  • @joebobjoesayshi 11 months ago +3

    Don't forget if you install nix on Mac you have to install it over, and over, and over, and over, and over again after nearly every macOS update.

    • @vpxc 11 months ago +7

      macOS' behavior here is very annoying, but happily you don't really need a full reinstall, generally. Updates in macOS usually just overwrite the shell setup files that set up the Nix environment. If you use Nix-Darwin to manage those files, you can just nuke the replacements and let darwin-rebuild replace them again. You don't have to lose /nix/store and redownload/rebuild everything, at least!

    • @joebobjoesayshi 11 months ago

      @vpxc Software on macOS should "just work".

    • @vpxc 11 months ago +5

      @joebobjoesayshi That's what people say! But in my experience, macOS has never lived up to that slogan.

    • @joebobjoesayshi 11 months ago

      @vpxc It has in mine. I think I'll just use MacPorts. Nix shouldn't be released on macOS.

    • @MarcusRamberg 11 months ago +4

      @vpxc I just upgraded to Sonoma with no ill effects. I use the fish shell tho.