GitOps establishes Git code repositories as the single source of truth for the declaration of infrastructure code, application code, or configurations. Originally introduced by WeaveWorks to simplify Kubernetes deployments, the GitOps approach has since expanded beyond these boundaries!
GitOps offers several advantages:
- Extension of application development best practices to infrastructure scripting. Each modification must be documented and verified before being validated.
- Historical record of changes through Git, thus improving their traceability, and increasing the granularity of rollbacks. Each commit becomes a snapshot.
- Centralization of deployment methods. The CI/CD tool must be the only one capable of deploying, thus reducing the attack surface and limiting Configuration Drift (the growing gap between the desired and actual configurations due to manual changes)
- And others (harmonization of CI/CD pipelines, simplification of changes when editing configuration files, etc.).
A look at GitOps in practice
GitOps can be implemented in two ways:
The PULL approach: This is the initial approach, a controller monitors and detects possible discrepancies (commonly named drift) between the code repositories and the deployed resources, which it fixes by triggering deployments.
The PUSH approach: this is the simplest and most common strategy, which consists of initiating deployments at each code change. However, such deployments do not necessarily occur as soon as drift is detected. They may be triggered based on an external trigger, during a scheduled deployment, or even manually.
Is GitOps made for everyone?
In the end, GitOps is useful to speed-up your deployments. But it should be implemented well after both your app and infrastructure deployments and configuration are automated! Unless your organization is accepting of all the consequences of « fail-fast » of course 😉
At Wavestone, we’re regularly facing different scenarios that force us to evaluate all options before implementing best-practices. Get in touch with us if you’re wondering about how DevOps culture and practices can speed up your time-to-market!