Weaveworks, profile picture
Uploaded byWeaveworks
PDF, PPTX178 views

Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossplane

The document details a webinar discussing the integration of Weave GitOps Enterprise and Upbound's Universal Crossplane to enhance security in application delivery. It addresses challenges in service and resource provisioning and proposes declarative provisioning as a solution, emphasizing automation and policy enforcement. The session features expert speakers and highlights the benefits of a unified GitOps approach for Kubernetes and cloud environments.

Technology
In this document
Powered by AI

Overview of the presentation's focus on security in application delivery and introductions of key speakers.

Identifies challenges in development caused by slow service provisioning and management, proposes GitOps solutions.

Describes features of Weave GitOps Enterprise and Upbound, emphasizing declarative and auditable provisioning.

Explains GitOps as the unifying model for deployment, monitoring, and management using Kubernetes.

Discusses GitOps use cases focusing on automation, developer productivity, and compliance.

Introduction of Weave GitOps PaC with a curated policy library and automatic remediation throughout SDLC.

Highlights achievements in production and the growth of Upbound, emphasizing a streamlined approach to infrastructure management.

Discusses re-platforming in enterprises, focusing on standardizing Kubernetes and Crossplane for better security and control.

Step-by-step demonstration of configuring and managing clusters using Weaveworks GitOps and UXP.

Final Q&A, links to resources including whitepapers, and steps for engagement with UXP and GitOps services.

Embed presentation

Download as PDF, PPTX
Confidential do not distribute Successfully Shift Left Security in Application Delivery with Weave GitOps Enterprise and Upbound’s Universal Crossplane In partnership with:
2 Webinar Platform - FAQs Using Zoom • You are in listen only mode • This webinar is being recorded • Q&A session will follow the presentation, please use the Q&A panel to submit questions • Hit escape to exit full screen • Slides and recording will be shared after the webinar Technical Issues - please visit Zoom Help https://support.zoom.us/hc/en-us/articles/206175806-Top-Questions
3 Dan Mangum Principal Software Engineer, Upbound Dan Mangum is a Principal Software Engineer at Upbound and a maintainer of the Crossplane project. In addition to his work in the Crossplane community, Dan has held technical leadership roles in the upstream Kubernetes community. Paul Curtis Principal Solutions Architect, Weaveworks Paul started as a developer working in financial institutions. Paul proceeded to take on technical account management at Netscape & Sun, along with system and dev operations at start ups. Paul now provides field enablement and engineering in the big data world. Speaker introductions
Confidential do not distribute 4 The problem: ● Service and resource provisioning slows development ● Resources are spread between different environments (Kubernetes, VMs, Provider Services) ● Managing current state, recovery, and rollbacks is difficult The solution: ● Declarative and auditable provisioning across all resources ● Application and resource lifecycle management with GitOps ● Policy enforcement across all resources Shifting Security Left in Application Delivery
Confidential do not distribute 5 Weave GitOps Enterprise with Upbound demo Weave GitOps Enterprise ● Policy guardrails for every declarative action ● Declarative deployment of applications and deployment pipelines across multiple clusters ● Declarative provisioning of Kubernetes clusters and bootstrapping services Upbound ● All the benefits of GitOps across any resource ● Declarative, audited, and observable ● Lifecycle management of resources external to Kubernetes
Confidential do not distribute Weaveworks is backed by solid investors Weaveworks is a key partner with all the major infrastructure and Kubernetes vendors Weaveworks: the GitOps company Weaveworks is deeply committed to the Open Source Community
Confidential do not distribute 7 Test IDE Build GitOps – An Operating Model for Cloud Native Unifying Deployment, Monitoring and Management. Git as the single source of truth of a system’s desired state ALL intended operations are committed by pull request ALL diffs between intended and observed state with automatic convergence ALL changes are observable, verifiable and auditable Kubernetes GitOps Continuous Integration GIT “Immutability Firewall” Deployment (clusters, apps) Monitoring Logging (Observability) Management (operations)
Confidential do not distribute 8 Continuous Application Delivery - use GitOps to deploy and operate applications. Automation increases deployment velocity and developer productivity. Weave GitOps - Use Cases Kubernetes Everywhere - in the cloud or the datacenter Kubernetes is a universal platform that’s easy to manage with GitOps. DevOps Automation - Lifecycle management of the entire platform. All clusters and services, using automation and policy. 1 4 2 5 3 6 Self-Service Platforms - a complete platform giving developers autonomy while ensuring consistency and manageability. Trusted Delivery - shift policy and security left - governance, risk, and compliance are non-negotiable. Progressive Delivery - deploy services across many environments and regions reliably using GitOps
9 ● Built on OPA standard - Rego ● Curated library of 100+ policies ● SOC II, PCI-DSS, GDPR, HIPAA, MITRE ATTACK ● Security, resilience and coding standards ● Validation throughout SDLC ○ Commit, Pull Request ○ Build ○ Deploy ○ Runtime ● Automatic remediation via pull request Weave GitOps PaC
Control Plane Revolution 11 🔥 3,000+ Companies in Production 🔥 7,000+ Slack channel members 🔥 6,000+ GitHub stars 🔥 40M+ Pulls on Docker Hub 🔥 Open Source and CNCF project Scripting • Legacy • Imperative Configuration Infrastructure As Code (Terraform, Ansible, Chef) • Declarative Configuration • Configuration Management • Provisioning Management • Sprawling Complexity Control Planes The Crossplane Revolution • Compliment IaC • Declarative API • Self-Service • Full Automation 2020s 1990s Who is
● Founders of ● Growing 700% YoY ● Commercial, Open-Core Company ○ Ease-of-Use: UX, Marketplace ○ Enterprise-Grade: Scalable, Secure, Controlled ○ Solution-Agnostic: Any cloud, Any environment, Any service ● Complement, rather than compete Who is
Why Now Enterprises are Re-Platforming - Again! Security Cost Multiple Vendors Developer Productivity Standardization Enforcing best-practices and controls consistently across the entire organization Future Proofing
Standardizing on Kubernetes API Abstractions Interfaces Control Plane Infrastructure
Standardizing on Kubernetes + Crossplane API Abstractions Interfaces Control Plane A B Infrastructure
Standardizing on Crossplane Interfaces API Abstractions Control Plane A B C D Infrastructure
Standardizing Existing Processes Interfaces API Abstractions Infrastructure Control Plane A B C D IaC Vendors
An Extension of Kubernetes Uniform Declarative Metadata Asynchronous Controllers Authorization Policy Admission Control Audit Logging Composition - Low Code Controllers External Naming and Identity Cross Resource References Connection Secrets Package Manager KRM XRM
19 Confidential do not distribute Demo Architecture
1. Configure management cluster with UXP and the Crossplane package for Discourse on AWS 2. Create a pull request to a repository added as a Weaveworks GitOps source 3. Observe policy violation 4. Fix policy violation 5. Weaveworks GitOps syncs manifest to cluster 6. UXP provisions infrastructure and application, providing the necessary connection data
21 Confidential do not distribute Questions? (Please use the Q&A panel in your Zoom menu)
22 Whitepaper: Shifting Security Left with GitOps and Trusted Delivery https://bit.ly/3MvzXgQ Learn more about Weave GitOps www.weave.works/enterprise Request a personal demo www.weave.works/contact Thank You
Next Steps Sign Up Create a Free Account Learn More About UXP Universal Crossplane Visit the Marketplace https://marketplace.upbound.io

More Related Content

PPTX
Docker Ecosystem on Azure
byPatrick Chanezon
 
PDF
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
byBrian Grant
 
PDF
Gitops: the kubernetes way
bysparkfabrik
 
PDF
Gitlab, GitOps & ArgoCD
byHaggai Philip Zagury
 
PPTX
Azure kubernetes service (aks)
byAkash Agrawal
 
PDF
Pave the Golden Path On Your Internal Platform
byMauricio (Salaboy) Salatino
 
PDF
Kubernetes 101
byCrevise Technologies
 
PDF
CD using ArgoCD(KnolX).pdf
byKnoldus Inc.
 
Docker Ecosystem on Azure
byPatrick Chanezon
 
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
byBrian Grant
 
Gitops: the kubernetes way
bysparkfabrik
 
Gitlab, GitOps & ArgoCD
byHaggai Philip Zagury
 
Azure kubernetes service (aks)
byAkash Agrawal
 
Pave the Golden Path On Your Internal Platform
byMauricio (Salaboy) Salatino
 
Kubernetes 101
byCrevise Technologies
 
CD using ArgoCD(KnolX).pdf
byKnoldus Inc.
 

What's hot

PPTX
Using Azure DevOps to continuously build, test, and deploy containerized appl...
byAdrian Todorov
 
PDF
The Power of GitOps with Flux & GitOps Toolkit
byWeaveworks
 
PDF
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
byEdureka!
 
PPSX
Microservices Docker Kubernetes Istio Kanban DevOps SRE
byAraf Karsh Hamid
 
PPTX
Kubernetes Networking 101
byWeaveworks
 
PPTX
Azure dev ops
bySwaminathan Vetri
 
PDF
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
bySlideTeam
 
PDF
GitOps 101 Presentation.pdf
byssuser31375f
 
PDF
Kubernetes Basics
byEueung Mulyana
 
PDF
GitOps - Operation By Pull Request
byKasper Nissen
 
PDF
Introduction of Kubernetes - Trang Nguyen
byTrang Nguyen
 
PPTX
Introduction to kubernetes
byRishabh Indoria
 
PPSX
CI-CD Jenkins, GitHub Actions, Tekton
byAraf Karsh Hamid
 
PDF
Kubernetes - A Comprehensive Overview
byBob Killen
 
PPTX
Kubernetes 101 for Beginners
byOktay Esgul
 
PDF
Platform Engineering
byOpsta
 
PPTX
Kubernetes Workshop
byloodse
 
PPTX
How to Get Started with DevSecOps
byCYBRIC
 
PDF
[GitOps] Argo CD on GKE (v0.9.2).pdf
byJo Hoon
 
PDF
FOSDEM 2017: GitLab CI
byOlinData
 
Using Azure DevOps to continuously build, test, and deploy containerized appl...
byAdrian Todorov
 
The Power of GitOps with Flux & GitOps Toolkit
byWeaveworks
 
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
byEdureka!
 
Microservices Docker Kubernetes Istio Kanban DevOps SRE
byAraf Karsh Hamid
 
Kubernetes Networking 101
byWeaveworks
 
Azure dev ops
bySwaminathan Vetri
 
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
bySlideTeam
 
GitOps 101 Presentation.pdf
byssuser31375f
 
Kubernetes Basics
byEueung Mulyana
 
GitOps - Operation By Pull Request
byKasper Nissen
 
Introduction of Kubernetes - Trang Nguyen
byTrang Nguyen
 
Introduction to kubernetes
byRishabh Indoria
 
CI-CD Jenkins, GitHub Actions, Tekton
byAraf Karsh Hamid
 
Kubernetes - A Comprehensive Overview
byBob Killen
 
Kubernetes 101 for Beginners
byOktay Esgul
 
Platform Engineering
byOpsta
 
Kubernetes Workshop
byloodse
 
How to Get Started with DevSecOps
byCYBRIC
 
[GitOps] Argo CD on GKE (v0.9.2).pdf
byJo Hoon
 
FOSDEM 2017: GitLab CI
byOlinData
 

Similar to Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossplane

PDF
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
byWeaveworks
 
PDF
DX, Guardrails, Golden Paths & Policy in Kubernetes
byWeaveworks
 
PDF
Free GitOps Workshop
byWeaveworks
 
PDF
Weave GitOps - continuous delivery for any Kubernetes
byWeaveworks
 
PDF
Speeding up your team with GitOps
byBrice Fernandes
 
PPTX
Cloud Native Apps with GitOps
byWeaveworks
 
PDF
Achieve Data & Operational Sovereignty: Managing Hybrid & Edge EKS Deployment...
byWeaveworks
 
PDF
Observe and command your fleets across any kubernetes with weave git ops
byWeaveworks
 
PDF
Overcoming Regulatory & Compliance Hurdles with Hybrid Cloud EKS and Weave Gi...
byWeaveworks
 
PDF
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...
byWeaveworks
 
PDF
Webinar: Capabilities, Confidence and Community – What Flux GA Means for You
byWeaveworks
 
PDF
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
byWeaveworks
 
PDF
Delivering Quality at Speed with GitOps
byWeaveworks
 
PDF
Weave GitOps 2023.04 Release: Optimizing Developer Productivity & Experience ...
byCezzaineZaher1
 
PDF
Intro to GitOps with Weave GitOps, Flagger and Linkerd
byWeaveworks
 
PDF
Simplifying Hybrid EKS
byWeaveworks
 
PDF
PDF GitOps Cookbook (Third Early Release) Natale Vinto download
byxamysakuchuk
 
PDF
Intro to Kubernetes & GitOps Workshop
byWeaveworks
 
PDF
Weave GitOps Core Overview (Free GitOps Workshop)
byWeaveworks
 
PDF
Cloud Native Engineering with SRE and GitOps
byWeaveworks
 
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
byWeaveworks
 
DX, Guardrails, Golden Paths & Policy in Kubernetes
byWeaveworks
 
Free GitOps Workshop
byWeaveworks
 
Weave GitOps - continuous delivery for any Kubernetes
byWeaveworks
 
Speeding up your team with GitOps
byBrice Fernandes
 
Cloud Native Apps with GitOps
byWeaveworks
 
Achieve Data & Operational Sovereignty: Managing Hybrid & Edge EKS Deployment...
byWeaveworks
 
Observe and command your fleets across any kubernetes with weave git ops
byWeaveworks
 
Overcoming Regulatory & Compliance Hurdles with Hybrid Cloud EKS and Weave Gi...
byWeaveworks
 
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...
byWeaveworks
 
Webinar: Capabilities, Confidence and Community – What Flux GA Means for You
byWeaveworks
 
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
byWeaveworks
 
Delivering Quality at Speed with GitOps
byWeaveworks
 
Weave GitOps 2023.04 Release: Optimizing Developer Productivity & Experience ...
byCezzaineZaher1
 
Intro to GitOps with Weave GitOps, Flagger and Linkerd
byWeaveworks
 
Simplifying Hybrid EKS
byWeaveworks
 
PDF GitOps Cookbook (Third Early Release) Natale Vinto download
byxamysakuchuk
 
Intro to Kubernetes & GitOps Workshop
byWeaveworks
 
Weave GitOps Core Overview (Free GitOps Workshop)
byWeaveworks
 
Cloud Native Engineering with SRE and GitOps
byWeaveworks
 

More from Weaveworks

PDF
Weave AI Controllers (Weave GitOps Office Hours)
byWeaveworks
 
PDF
Flamingo: Expand ArgoCD with Flux (Office Hours)
byWeaveworks
 
PDF
Six Signs You Need Platform Engineering
byWeaveworks
 
PDF
SRE and GitOps for Building Robust Kubernetes Platforms.pdf
byWeaveworks
 
PDF
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
byWeaveworks
 
PDF
Flux Beyond Git Harnessing the Power of OCI
byWeaveworks
 
PDF
Automated Provisioning, Management & Cost Control for Kubernetes Clusters
byWeaveworks
 
PDF
How to Avoid Kubernetes Multi-tenancy Catastrophes
byWeaveworks
 
PDF
Building internal developer platform with EKS and GitOps
byWeaveworks
 
PDF
GitOps Testing in Kubernetes with Flux and Testkube.pdf
byWeaveworks
 
PDF
Implementing Flux for Scale with Soft Multi-tenancy
byWeaveworks
 
PDF
Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS
byWeaveworks
 
PDF
The Story of Flux Reaching Graduation in the CNCF
byWeaveworks
 
PDF
Flux’s Security & Scalability with OCI & Helm Slides.pdf
byWeaveworks
 
PDF
Flux Security & Scalability using VS Code GitOps Extension
byWeaveworks
 
PDF
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps
byWeaveworks
 
PDF
Robust Network Security and Observability with GitOps and Cilium
byWeaveworks
 
PDF
Intro to GitOps & Flux.pdf
byWeaveworks
 
PDF
Simplifying Hybrid Kubernetes with Weaveworks and EKS.pdf
byWeaveworks
 
PDF
Building a Security First Approach Across Hybrid Cloud with GitOps and Policy...
byWeaveworks
 
Weave AI Controllers (Weave GitOps Office Hours)
byWeaveworks
 
Flamingo: Expand ArgoCD with Flux (Office Hours)
byWeaveworks
 
Six Signs You Need Platform Engineering
byWeaveworks
 
SRE and GitOps for Building Robust Kubernetes Platforms.pdf
byWeaveworks
 
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
byWeaveworks
 
Flux Beyond Git Harnessing the Power of OCI
byWeaveworks
 
Automated Provisioning, Management & Cost Control for Kubernetes Clusters
byWeaveworks
 
How to Avoid Kubernetes Multi-tenancy Catastrophes
byWeaveworks
 
Building internal developer platform with EKS and GitOps
byWeaveworks
 
GitOps Testing in Kubernetes with Flux and Testkube.pdf
byWeaveworks
 
Implementing Flux for Scale with Soft Multi-tenancy
byWeaveworks
 
Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS
byWeaveworks
 
The Story of Flux Reaching Graduation in the CNCF
byWeaveworks
 
Flux’s Security & Scalability with OCI & Helm Slides.pdf
byWeaveworks
 
Flux Security & Scalability using VS Code GitOps Extension
byWeaveworks
 
Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps
byWeaveworks
 
Robust Network Security and Observability with GitOps and Cilium
byWeaveworks
 
Intro to GitOps & Flux.pdf
byWeaveworks
 
Simplifying Hybrid Kubernetes with Weaveworks and EKS.pdf
byWeaveworks
 
Building a Security First Approach Across Hybrid Cloud with GitOps and Policy...
byWeaveworks
 

Recently uploaded

PDF
Accessibility & Inclusion: What Comes Next. Presentation of the Digital Acces...
byAssociazione Digital Days
 
PDF
Mulesoft Meetup Online Portuguese: MCP e IA
byPedro Baroni
 
PDF
How Much Does It Cost To Build Software
bycollinmishell2
 
PDF
How Much Does It Cost to Build an eCommerce Website in 2025.pdf
byPixlogix Infotech
 
PDF
The partnership effect: Libraries and publishers on collaborating and thrivin...
byBookNet Canada
 
PDF
[BDD 2025 - Mobile Development] Exploring Apple’s On-Device FoundationModels
byWintari Yasmin
 
PDF
10 Best Automation QA Testing Software Tools in 2025.pdf
byRohitBhandari66
 
PDF
Cybersecurity Prevention and Detection: Unit 3
byVICTOR MAESTRE RAMIREZ
 
PPTX
4_ii_Analysis of Indeterminate Structures (Slope-Deflection Method).pptx
byrohitpatel130020
 
PDF
[BDD 2025 - Full-Stack Development] Digital Accessibility: Why Developers nee...
bywintari3
 
PDF
Cheryl Hung, Vibe Coding Auth Without Melting Down! isaqb Software Architectu...
byCheryl Hung
 
PPTX
Leon Brands - Methodical GPU Profiling (Graphics Programming Conference 2025)
byleonbrands1998
 
PDF
[BDD 2025 - Full-Stack Development] PHP in AI Age: The Laravel Way. (Rizqy Hi...
byWintari Yasmin
 
PDF
PCCC25(設立25年記念PCクラスタシンポジウム):エヌビディア合同会社 テーマ2「NVIDIA BlueField-4 DPU」
byPC Cluster Consortium
 
PDF
[DevFest Strasbourg 2025] - NodeJs Can do that !!
bymoassiongbon
 
PPTX
Connecting the unconnectable: Exploring LoRaWAN for IoT
byasasiraarthur
 
PDF
Parallel Computing BCS702 Module notes of the vtu college 7th sem 4.pdf
byMatheshVishnu
 
PPTX
Penetration Testing: Enhancing Cyber Defenses Through Realistic Attack Simula...
bySentry Cyber
 
PPTX
UFCD 0797 - SISTEMAS OPERATIVOS_Unidade Completa.pptx
byscribddobruno
 
PDF
ODSC AI West: Agent Optimization: Beyond Context engineering
byShashikant Jagtap
 
Accessibility & Inclusion: What Comes Next. Presentation of the Digital Acces...
byAssociazione Digital Days
 
Mulesoft Meetup Online Portuguese: MCP e IA
byPedro Baroni
 
How Much Does It Cost To Build Software
bycollinmishell2
 
How Much Does It Cost to Build an eCommerce Website in 2025.pdf
byPixlogix Infotech
 
The partnership effect: Libraries and publishers on collaborating and thrivin...
byBookNet Canada
 
[BDD 2025 - Mobile Development] Exploring Apple’s On-Device FoundationModels
byWintari Yasmin
 
10 Best Automation QA Testing Software Tools in 2025.pdf
byRohitBhandari66
 
Cybersecurity Prevention and Detection: Unit 3
byVICTOR MAESTRE RAMIREZ
 
4_ii_Analysis of Indeterminate Structures (Slope-Deflection Method).pptx
byrohitpatel130020
 
[BDD 2025 - Full-Stack Development] Digital Accessibility: Why Developers nee...
bywintari3
 
Cheryl Hung, Vibe Coding Auth Without Melting Down! isaqb Software Architectu...
byCheryl Hung
 
Leon Brands - Methodical GPU Profiling (Graphics Programming Conference 2025)
byleonbrands1998
 
[BDD 2025 - Full-Stack Development] PHP in AI Age: The Laravel Way. (Rizqy Hi...
byWintari Yasmin
 
PCCC25(設立25年記念PCクラスタシンポジウム):エヌビディア合同会社 テーマ2「NVIDIA BlueField-4 DPU」
byPC Cluster Consortium
 
[DevFest Strasbourg 2025] - NodeJs Can do that !!
bymoassiongbon
 
Connecting the unconnectable: Exploring LoRaWAN for IoT
byasasiraarthur
 
Parallel Computing BCS702 Module notes of the vtu college 7th sem 4.pdf
byMatheshVishnu
 
Penetration Testing: Enhancing Cyber Defenses Through Realistic Attack Simula...
bySentry Cyber
 
UFCD 0797 - SISTEMAS OPERATIVOS_Unidade Completa.pptx
byscribddobruno
 
ODSC AI West: Agent Optimization: Beyond Context engineering
byShashikant Jagtap
 

Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossplane

  • 1.
    Confidential do notdistribute Successfully Shift Left Security in Application Delivery with Weave GitOps Enterprise and Upbound’s Universal Crossplane In partnership with:
  • 2.
    2 Webinar Platform -FAQs Using Zoom • You are in listen only mode • This webinar is being recorded • Q&A session will follow the presentation, please use the Q&A panel to submit questions • Hit escape to exit full screen • Slides and recording will be shared after the webinar Technical Issues - please visit Zoom Help https://support.zoom.us/hc/en-us/articles/206175806-Top-Questions
  • 3.
    3 Dan Mangum Principal SoftwareEngineer, Upbound Dan Mangum is a Principal Software Engineer at Upbound and a maintainer of the Crossplane project. In addition to his work in the Crossplane community, Dan has held technical leadership roles in the upstream Kubernetes community. Paul Curtis Principal Solutions Architect, Weaveworks Paul started as a developer working in financial institutions. Paul proceeded to take on technical account management at Netscape & Sun, along with system and dev operations at start ups. Paul now provides field enablement and engineering in the big data world. Speaker introductions
  • 4.
    Confidential do notdistribute 4 The problem: ● Service and resource provisioning slows development ● Resources are spread between different environments (Kubernetes, VMs, Provider Services) ● Managing current state, recovery, and rollbacks is difficult The solution: ● Declarative and auditable provisioning across all resources ● Application and resource lifecycle management with GitOps ● Policy enforcement across all resources Shifting Security Left in Application Delivery
  • 5.
    Confidential do notdistribute 5 Weave GitOps Enterprise with Upbound demo Weave GitOps Enterprise ● Policy guardrails for every declarative action ● Declarative deployment of applications and deployment pipelines across multiple clusters ● Declarative provisioning of Kubernetes clusters and bootstrapping services Upbound ● All the benefits of GitOps across any resource ● Declarative, audited, and observable ● Lifecycle management of resources external to Kubernetes
  • 6.
    Confidential do notdistribute Weaveworks is backed by solid investors Weaveworks is a key partner with all the major infrastructure and Kubernetes vendors Weaveworks: the GitOps company Weaveworks is deeply committed to the Open Source Community
  • 7.
    Confidential do notdistribute 7 Test IDE Build GitOps – An Operating Model for Cloud Native Unifying Deployment, Monitoring and Management. Git as the single source of truth of a system’s desired state ALL intended operations are committed by pull request ALL diffs between intended and observed state with automatic convergence ALL changes are observable, verifiable and auditable Kubernetes GitOps Continuous Integration GIT “Immutability Firewall” Deployment (clusters, apps) Monitoring Logging (Observability) Management (operations)
  • 8.
    Confidential do notdistribute 8 Continuous Application Delivery - use GitOps to deploy and operate applications. Automation increases deployment velocity and developer productivity. Weave GitOps - Use Cases Kubernetes Everywhere - in the cloud or the datacenter Kubernetes is a universal platform that’s easy to manage with GitOps. DevOps Automation - Lifecycle management of the entire platform. All clusters and services, using automation and policy. 1 4 2 5 3 6 Self-Service Platforms - a complete platform giving developers autonomy while ensuring consistency and manageability. Trusted Delivery - shift policy and security left - governance, risk, and compliance are non-negotiable. Progressive Delivery - deploy services across many environments and regions reliably using GitOps
  • 9.
    9 ● Built onOPA standard - Rego ● Curated library of 100+ policies ● SOC II, PCI-DSS, GDPR, HIPAA, MITRE ATTACK ● Security, resilience and coding standards ● Validation throughout SDLC ○ Commit, Pull Request ○ Build ○ Deploy ○ Runtime ● Automatic remediation via pull request Weave GitOps PaC
  • 11.
    Control Plane Revolution 11 🔥3,000+ Companies in Production 🔥 7,000+ Slack channel members 🔥 6,000+ GitHub stars 🔥 40M+ Pulls on Docker Hub 🔥 Open Source and CNCF project Scripting • Legacy • Imperative Configuration Infrastructure As Code (Terraform, Ansible, Chef) • Declarative Configuration • Configuration Management • Provisioning Management • Sprawling Complexity Control Planes The Crossplane Revolution • Compliment IaC • Declarative API • Self-Service • Full Automation 2020s 1990s Who is
  • 12.
    ● Founders of ●Growing 700% YoY ● Commercial, Open-Core Company ○ Ease-of-Use: UX, Marketplace ○ Enterprise-Grade: Scalable, Secure, Controlled ○ Solution-Agnostic: Any cloud, Any environment, Any service ● Complement, rather than compete Who is
  • 13.
    Why Now Enterprises areRe-Platforming - Again! Security Cost Multiple Vendors Developer Productivity Standardization Enforcing best-practices and controls consistently across the entire organization Future Proofing
  • 14.
  • 15.
    Standardizing on Kubernetes+ Crossplane API Abstractions Interfaces Control Plane A B Infrastructure
  • 16.
    Standardizing on Crossplane InterfacesAPI Abstractions Control Plane A B C D Infrastructure
  • 17.
    Standardizing Existing Processes InterfacesAPI Abstractions Infrastructure Control Plane A B C D IaC Vendors
  • 18.
    An Extension ofKubernetes Uniform Declarative Metadata Asynchronous Controllers Authorization Policy Admission Control Audit Logging Composition - Low Code Controllers External Naming and Identity Cross Resource References Connection Secrets Package Manager KRM XRM
  • 19.
    19 Confidential do notdistribute Demo Architecture
  • 20.
    1. Configure managementcluster with UXP and the Crossplane package for Discourse on AWS 2. Create a pull request to a repository added as a Weaveworks GitOps source 3. Observe policy violation 4. Fix policy violation 5. Weaveworks GitOps syncs manifest to cluster 6. UXP provisions infrastructure and application, providing the necessary connection data
  • 21.
    21 Confidential do notdistribute Questions? (Please use the Q&A panel in your Zoom menu)
  • 22.
    22 Whitepaper: Shifting SecurityLeft with GitOps and Trusted Delivery https://bit.ly/3MvzXgQ Learn more about Weave GitOps www.weave.works/enterprise Request a personal demo www.weave.works/contact Thank You
  • 23.
    Next Steps Sign Up Createa Free Account Learn More About UXP Universal Crossplane Visit the Marketplace https://marketplace.upbound.io