Helmholtz Federated IT Services (HIFIS) provides shared IT services in across all fields and centres in the Helmholtz Association. HIFIS is a joint platform in which most of the research centres in the Helmholtz Association collaborate and offer cloud and fundamental backbone services free of charge to scientists in Helmholtz and their partners. Furthermore, HIFIS provides a federated authentication and authorization infrastructure that enables a unified login across all services.
DESY provides several of those cloud services in this Helmholtz Cloud, which include HedgeDoc, JupyterHub, the HIFIS Cloud Portal and more. The Cloud Portal is developed at DESY and provides a central entry point for users to find and access services in the Helmholtz Cloud. These services have been deployed on a shared Kubernetes cluster to ensure availability and scalability. To manage the deployments, a GitOps approach was taken to provide an automated deployment process that facilitates fast rollouts and accountability. This was achieved by using Gitlab and FluxCD to manage the configurations and apply them to the cluster. Additionally, for the Cloud Portal Gitlab pipelines have been developed that automatically deploy completely separated review environments for merge requests that enable full end-to-end tests.
This contribution describes the process to employ this new operational framework and the challenges that had to be overcome as well as organizational agreements taken within the administrating team.
|Consider for long presentation||No|