The presentation discusses the challenges faced in building a Kubernetes-based platform using Argo Workflows and Argo Events, and the solutions implemented to achieve the goal of a portable platform that can be deployed anywhere.
- The platform being built is a synthetic environment platform for the defense industry that can simulate movements across multiple domains.
- The platform needed to be deployed on any Kubernetes service, including air-gapped facilities, and be infrastructure agnostic.
- Kubernetes and Google Kubernetes Engine were chosen for the orchestrator cluster, with Kubernetes CRDs used for versioning.
- Namespace separation with RBAC was used for customer projects, and a dedicated REST API was built to abstract the Kubernetes and infrastructure layer.
- The presentation covers best practices for building a cloud-native platform that works across multi-cloud environments: rejecting the typical CI/CD model in favor of a custom solution, isolating workflows in multi-tenant environments, running Terraform in Argo, and managing highly scalable cluster configurations.

The platform needed to be deployed in various environments, including military contexts with zero internet connectivity. This posed challenges such as being unable to pull container images, which required alternative deployment methods such as USB sticks. The team also had to consider access control and limit access to only the necessary components.