UDS Bundles
What is a UDS Bundle?
A UDS Bundle is a collection of capabilities designed to facilitate the delivery of software solutions for specific
missions or software delivery processes. Each bundle serves as a collection of capabilities grouped together to enable
a particular aspect of the mission’s objectives. With UDS Bundles, teams can efficiently adapt to the unique
requirements of each mission without sacrificing the reliability and security of the software delivery process.
UDS Bundles enable:
- A structured and repeatable approach for delivering software solutions tailored to diverse mission needs. Each bundle serves as a collection of capabilities, facilitating the delivery of software solutions for specific mission objectives.
- Efficient adaptability to the unique requirements of each mission without compromising the reliability and security of the software delivery process.
- Secure and consistent software delivery by bundling tools and configurations required for specific mission capabilities, ensuring a standardized and reusable approach.
Benefits of UDS Bundles
Consistency: UDS Bundles provide a standardized approach to software delivery, ensuring consistency across different
missions and environments.
Reusability: The modular nature of UDS Bundles allows for the reuse of capabilities, saving time and effort in
software delivery.
Security and Compliance: By incorporating controls and documented configurations, UDS Bundles promote secure and
compliant software deployments.
Scalability: UDS Bundles can be adapted and extended to accommodate different mission requirements and environments.
Key Features
Modularity and Reusability
UDS Bundles are designed to be modular and reusable, allowing teams to combine different bundles as
needed to meet the specific requirements of their missions or projects. By leveraging pre-defined capabilities and
tools, UDS Bundles provide a standardized and consistent approach to software delivery.
Composition of UDS Bundles
Each UDS Bundle is composed of a set of capabilities, where each capability is achieved by selecting specific tools or
functional components to perform the required functions. This composition ensures that essential functionalities and
configurations are encapsulated within the bundle, making it easier to deploy and operate the software solutions.
UDS Core Bundle
The UDS Core Bundle holds a significant role within the UDS architecture. It serves as the foundational bundle that must
be delivered before deploying any other optional bundles or mission capabilities. The UDS Core Bundle establishes
the basic architecture and secure runtime environment needed for successful software delivery using UDS.
Versatility of UDS Bundles
UDS Bundles are versatile and can be shared and deployed across different environments, enabling consistent and
reliable results in various scenarios. This adaptability makes UDS Bundles suitable for diverse mission needs and environments.
Security and Compliance
UDS Bundles incorporate OSCAL (Open Security Controls Assessment Language) validation capabilities to ensure compliance with security standards during the deployment process. OSCAL validation scans the configuration settings, access controls, and network policies of the cloud environment to identify any deviations from the expected security baselines. Any non-compliant configurations are flagged, allowing users to promptly address and remediate potential security risks. Each UDS Bundle comes with a comprehensive document outlining all the controls available for applications running
within the bundle. These controls encompass a range of functionalities, including security measures and configuration
requirements. The documentation ensures the proper configuration of applications and facilitates the inheritance of
controls within the UDS Bundle.
1 -
Tutorials
Sample Application with UDS Core
This tutorial uses UDS CLI to deploy an example application, podinfo, on top of UDS Core as a UDS Bundle.
Prerequisites
Quickstart
To begin, a Zarf Package needs to be created for podinfo
. See the Zarf documentation for in-depth information on how to create a Zarf Package, or simply use the information provided below.
Make a Directory
Make a new directory for this package using the following command:
Create the following zarf.yaml
in the new directory:
kind: ZarfPackageConfig
metadata:
name: podinfo
version: 0.0.1
components:
- name: podinfo
required: true
charts:
- name: podinfo
version: 6.4.0
namespace: podinfo
url: https://github.com/stefanprodan/podinfo.git
gitPath: charts/podinfo
images:
- ghcr.io/stefanprodan/podinfo:6.4.0
actions:
onDeploy:
after:
- wait:
cluster:
kind: deployment
name: podinfo
namespace: podinfo
condition: available
Create the Zarf Package
Run the following command in the same directory as the above zarf.yaml
. This will create a Zarf Package named zarf-package-podinfo-amd64-0.0.1.tar.zst
:
zarf package create --confirm
Create the UDS Bundle
Create the UDS Bundle in the same directory as the package
directory. The following bundle includes:
- k3d cluster:
uds-k3d
. - Zarf init package:
init
. - UDS Core:
core
. - Locally built example application:
podinfo
.
Create the following uds-bundle.yaml
:
kind: UDSBundle
metadata:
name: podinfo-bundle
description: Bundle with k3d, Zarf init, UDS Core, and podinfo.
architecture: amd64
version: 0.0.1
packages:
- name: uds-k3d
repository: ghcr.io/defenseunicorns/packages/uds-k3d
ref: 0.3.1
overrides:
uds-dev-stack:
minio:
variables:
- name: buckets
description: "Set Minio Buckets"
path: buckets
- name: svcaccts
description: "Minio Service Accounts"
path: svcaccts
- name: users
description: "Minio Users"
path: users
- name: policies
description: "Minio policies"
path: policies
- name: init
repository: oci://ghcr.io/defenseunicorns/packages/init
ref: v0.32.1
- name: core
repository: oci://ghcr.io/defenseunicorns/packages/uds/core
ref: 0.9.1-upstream
- name: podinfo
path: ./package/
ref: 0.0.1
UDS Bundles can easily be configured to include additional applications and capabilities. For example, if you would like to deploy dos-games instead of podinfo
, in the uds-bundle.yaml
simply replace:
- name: podinfo
path: ./package/
ref: 0.0.1
with:
- name: dos-games
repository: oci://defenseunicorns/dos-games
ref: 1.0.0
Note
Most UDS Packages are published as Zarf Packages in an OCI registry. This makes it easier to pull packages down into a UDS Bundle. If no OCI artifact is published for a certain application or capability, a new zarf.yaml
and Zarf Package must be created. Alternatively, you have the option to publish a Zarf Package to an OCI compliant registry.
Create and Confirm the UDS Bundle
This process will take a few minutes while UDS CLI pulls down the images that will be deployed. This command will produce a UDS Bundle named uds-bundle-podinfo-bundle-amd64-0.0.1.tar.zst
:
Deploy
You can now deploy the bundle to create the k3d cluster in order to deploy UDS Core and podinfo
. This process will take approximately 5 to 10 minutes to complete:
uds deploy uds-bundle-podinfo-bundle-amd64-0.0.1.tar.zst --confirm
Interact with Cluster (Optional)
Once successfully deployed, you have the option interact with the deployed cluster and applications using kubectl or k9s. Please note that the output for your podinfo
pod will likely have a different name:
kubectl get pods -n podinfo
NAME READY STATUS RESTARTS AGE
podinfo-67bf846d65-hrl59 1/1 Running 0 66s
Connect to podinfo
using kubectl port-forward
:
kubectl port-forward pod/<pod_name> <local_port>:9898
Example command using the above sample output from get pods
:
kubectl port-forward pod/podinfo-67bf846d65-hrl59 9898:9898 -n podinfo
You can now use a web browser to naviage to http://localhost:<local_port>
to interact with podinfo
.
Clean up
Execute the following command to clean up your cluster: