Let’s say that you’ve successfully scaled your application infrastructure. You’re using DevOps for rapid and collaborative software development, and underlying application infrastructure scales to meet current demand via container orchestration like Kubernetes or HashiCorp Nomad. Writing and deploying new code is going great…until it isn’t–until the application configuration or other components have drifted from alignment, or until a radical need for refactoring becomes present, with no easy way to recreate an environment, or when a rollback to previous state becomes a sink or swim moment, etc.
Automating declarative infrastructure deployment and configuration not only makes it easier to quickly ship code with stunning new features and improvements, but also alleviates the conflicts of drift, and maintains control of the state of the deployment environment. Whereas cloud-native applications are built to run in fluid and dynamic cloud environments, this is where GitOps really shines.
What is GitOps?
GitOps is more than just another buzzword that has pushed its way into the very crowded software development space. GitOps is an operational framework that aims to streamline and automate the deployment and management of applications and infrastructure using Git as the single source of truth. GitOps is rapidly gaining popularity in the cloud-native ecosystem, particularly in Kubernetes-based environments.
The hype around GitOps may sound to some, like a pillowy repackaging of DevOps. And if you already have a solid DevOps culture in place, what does GitOps bring to the table?
GitOps vs. DevOps
DevOps brings a set best practices to the software development lifecycle–including version control, collaboration, compliance, CI/CD, logging and monitoring–for developing and delivering quality applications. GitOps is an operational implementation of these best practices for managing and automating the entire deployment environment.
GitOps leverages a version-controlled git repository as a single source of truth. CD pipelines control the desired, declarative state of your cloud infrastructure, and changes merged into the central repository trigger the mechanisms to enforce that state.
GitOps automates application code deployments and infrastructure management. Adhere to best practices by creating separate repos for your application code, and configs. Updates to the application repo trigger processes with your CI/CD tooling to update the config repo. The config changes are then pushed/pulled to the deployment environment.
A GitOps approach complements the rapidity and flexibility of cloud-native development. Repeatable processes and unified deployment methodologies allow teams to work asynchronously without sacrificing collaboration– this is the key to bringing stable and scalable products to market faster.
Benefits of GitOps
The benefits of using a GitOps approach include:
- Operational efficiency. Automating the testing and deployment of all aspects of your infrastructure greatly reduces the cost and time spent on engineers performing manual and/or repetitive tasks. Teams are able to speed up the development of bug fixes or new features. Less time spent on directly managing infrastructure gives time back to focus on monitoring and optimization.
- Better collaboration: Development, Operations, and DevOps teams all use the same familiar interface (git repositories) and leverage the same procedures for peer review and merging of pull requests. A unified approach to deployment and CI/CD process enables these teams to work together more closely and efficiently, all while adhering to the same best practices.
- Reliability: GitOps automation greatly reduces the risks of and impact of human error since mistakes are caught in the CI testing pipeline before they are deployed into selected environments. Should an incident occur, a major advantage of a version controlled state, is the ability of rapid rollback to a previous stable version.
- Tighter security: In a push-based approach, only the automation tooling needs write access to the environment. In a pull-based approach, the environment just needs read access to the git repository. This greatly reduces the attack surface and eliminates the need for most individuals and/or teams to have any direct access to the environment.
- Compliance and auditing: A git repository as the single interface for all changes makes it easy to programmatically enforce policy as code to ensure that infrastructure continually meets compliance standards. Version control simplifies auditing with a readily available and documented history of the entire repository.
- Automated deployment of multiple environments. Some common and strongly recommended deployment strategies include having separate dev, staging, and production environments, blue/green deployments, multi-cloud and/or multi-region deployments. This can be a cumbersome, time consuming, and error-prone process to do manually. A GitOps approach provides a faster and stable method for deploying these multiple environments.
Want to learn more? Download our Understanding GitOps ebook to understand the essential principles of GitOps and consider your implementation strategy.