Best practices for running CI/CD on Kubernetes

This blog discusses best practices for running CI/CD workloads on Kubernetes, focusing on security, observability, frugality, and flexibility concerns. Security measures include implementing role-based access controls and restricting service communication to prevent privilege escalation. Observability is crucial for understanding trends and patterns over time, as well as identifying performance issues. Frugality involves managing costs by separating clusters for build, test, and deploy, using spot instances or different instance sizes, and setting resource limits on CPU and memory. Finally, flexibility allows for rethinking CI/CD workloads and leveraging open-source tools like Kustomize, Helm, and Flagger to customize the cluster and deployment techniques.