Introduction to GitOps Tools, Best Practices and Benefits

October 27, 2018 

What is GitOps?

GitOps is a method for Continuous Delivery. It uses Git as the single source of truth for declarative infrastructure and applications. With Git at the center of the delivery pipelines, developers make pull requests to accelerate and simplify both application deployments and operations tasks on Kubernetes. Using Git lets teams focus on creating new application features rather than on operations tasks.

  • Code - We can write our application code and push it to Git.
  • Build (Pipeline as Code) - Write the build pipeline code (YAML) in Git to build the code using CI tools.
  • Provision (Infrastructure as Code) - Write a Terraform file or Ansible playbook in Git to provision a Kubernetes cluster.
  • Deploy - Write a deployment manifest for Kubernetes or on the basis of the application.

GIT

  • Distributed Version Control System
  • Manage Source Code
  • Any Text file tracked
  • Collaboration

Ops

  • Configure, build, test, deploy
  • CI/CD
  • Monitor, fix
  • Upgrades
  • Rollbacks
  • Automation

GitOps

  • Ops practices using Git
  • Use Git as a source of truth
  • Drive operations through git repo
  • Get version control, history, peer review and rollback
  • Continuous Delivery - automates pipelines
  • Webhooks: push to trigger build/test
  • PRs and branch merges to deploy

GitOps Pattern

  • CI build artifacts
  • Updates Config (in a git repo)
  • Trigger Rollout (PR merge/commit)
  • Observe
  • Control

Git Source of Truth

  • Infrastructure as Code - Terraform, CloudFormation.
  • System Configuration as Code - Ansible, Chef, Puppet.
  • Application Configuration as Code - Kubernetes, Hasura.
  • Application Source Code

How GitOps Works?

The deploy component is divided into two parts: a Flux Automator, which observes new builds and updates the configuration for each new release, and a Flux Synchronizer, which ensures that the orchestrator is in the correct state.

Workflow for creating or updating a feature:

  • First, make a pull request for the new feature and push it to GitHub.
  • Go through code review and merge to Git.
  • Git then automatically merges, triggers the CI process, builds the pipeline, runs tests, builds a new image and deposits it to a registry.
  • The Deployment Automator checks the image registry, reviews the image, and then it pulls the new image from the registry and updates the YAML file of that project in the config repo.
  • The Deployment Synchronizer, installed in the cluster, detects that the cluster is out of date. It then pulls the changes in the manifests from the config repo and deploys the new feature to production.

Benefits of GitOps

Fast development

GitOps manages updates and features for Kubernetes more rapidly. Continuously pushing features and updates makes businesses more agile and lets them respond quickly to customer demands.

Better Ops

GitOps covers the complete pipeline. Continuous Integration and Continuous Deployment pipelines are driven by pull requests, and operations tasks are fully reproducible with the help of Git.

Stronger security guarantees

Git is backed by strong cryptography to manage changes, with the ability to sign changes to prove the author and origin of the desired state of the cluster. Because the source of truth is immutable and auditable, a new system can be recreated independently of the compromised one, which reduces downtime and gives a much better incident response.
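
One way to enforce the signing guarantee described above before a sync is to refuse any commit that lacks a good signature from an allowlisted key. This is an added example, not code from any GitOps tool; the function names, the allowlist policy and the sample log are assumptions, while `%G?` and `%GF` are git's own log placeholders for signature status and signing-key fingerprint.

```python
import subprocess

# Meaning of the status letters printed by git's %G? format placeholder.
SIG_STATUS = {
    "G": "good signature",
    "B": "bad signature",
    "U": "good signature with unknown validity",
    "X": "good signature that has expired",
    "Y": "good signature made by an expired key",
    "R": "good signature made by a revoked key",
    "E": "signature cannot be checked (missing key)",
    "N": "no signature",
}

def read_signature_log(repo, rev_range):
    """Return '<commit> <status> <signing key fingerprint>' lines for rev_range."""
    cmd = ["git", "-C", repo, "log", "--format=%H %G? %GF", rev_range]
    return subprocess.run(cmd, check=True, capture_output=True, text=True).stdout

def rejected_commits(log_text, trusted_fingerprints):
    """List (commit, reason) for every commit the sync step should refuse."""
    rejected = []
    for line in log_text.splitlines():
        parts = line.split()
        if not parts:
            continue
        commit = parts[0]
        status = parts[1] if len(parts) > 1 else "N"
        fingerprint = parts[2] if len(parts) > 2 else ""
        if status != "G":
            rejected.append((commit, SIG_STATUS.get(status, "unknown status")))
        elif fingerprint not in trusted_fingerprints:
            rejected.append((commit, "signed by a key outside the allowlist"))
    return rejected

# Constructed sample output of read_signature_log(); hashes and fingerprints are made up.
SAMPLE_LOG = """\
a1a1a1a G AAAA1111BBBB2222
b2b2b2b N
c3c3c3c G CCCC3333DDDD4444
d4d4d4d B AAAA1111BBBB2222
"""
TRUSTED = {"AAAA1111BBBB2222"}

if __name__ == "__main__":
    for commit, reason in rejected_commits(SAMPLE_LOG, TRUSTED):
        print(f"refuse to sync {commit}: {reason}")
```

The status git reports depends on the keyring of the machine running the check, so the gate belongs on the system that applies the manifests, not on the author's workstation.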

Why GitOps Matters?

Git supports various project and team setups by coordinating the workflow of projects. It runs on different operating systems, so teams working on large projects need not think about which operating system is in use.

GitOps uses a single tool and interface to control infrastructure. It provides version control for all configuration changes, which is also handy for rolling back changes and for auditing. It also detects changes and generates automatic alerts. There is no need to learn a new tool to manage infrastructure. It is an open source system used by a large community.


How to Adopt GitOps?

  • Create a new Repository.
  • Create a new directory, open it and perform a "git init" to create a new git repository.
  • Check out the repository.
  • Create a working copy of a local repository by running the command "git clone /path to the directory".
  • When using a remote server, enter the username and password.
  • Create the required files as per the requirements of the application.
  • Then use "git add " to add those files to the repository.
  • After adding the files, commit them with the command 'git commit -m "Commit message"'.
  • To send the changes from the local working copy to the remote repository, execute "git push origin ", then approve the code review and merge to Git.
  • After the code is pushed to the Git repository, the CI pipeline automatically starts and runs tests.
  • It then builds a new image, which is saved in a registry like Docker Hub.
  • Git automatically merges, triggers the CI process, builds the pipeline, runs tests, builds a new image and deposits it to a registry.
  • The Deployment Automator checks the image registry, reviews the image, and then it pulls the new image from the registry and updates the YAML file of that project in the configuration repo.
  • The Deployment Synchronizer, installed in the cluster, detects that the cluster is out of date. It pulls the changes in the manifests from the configuration repository and then deploys the new feature to production.
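
The synchronizer step in the workflow above, and in the "How GitOps Works?" section, comes down to comparing what Git declares with what the cluster runs. The following is an added sketch of that comparison, not Flux's code: the function names, the manifests and the prune-everything-undeclared rule are assumptions made for illustration.

```python
def resource_key(obj):
    meta = obj["metadata"]
    return (obj["kind"], meta.get("namespace", "default"), meta["name"])

def drift_paths(desired, live, path=""):
    """Paths where the live object differs from a field declared in Git.
    Fields present only in the live object (defaults, status) are ignored."""
    if isinstance(desired, dict) and isinstance(live, dict):
        found = []
        for name, value in desired.items():
            sub = f"{path}.{name}" if path else name
            found += drift_paths(value, live[name], sub) if name in live else [sub]
        return found
    if isinstance(desired, list) and isinstance(live, list) and len(desired) == len(live):
        return [p for i, (want, have) in enumerate(zip(desired, live))
                for p in drift_paths(want, have, f"{path}[{i}]")]
    return [] if desired == live else [path]

def plan_sync(desired_objects, live_objects):
    """Actions that make the cluster match the config repo."""
    desired = {resource_key(o): o for o in desired_objects}
    live = {resource_key(o): o for o in live_objects}
    plan = []
    for key in sorted(desired):
        if key not in live:
            plan.append(("create", key, []))
        elif (drift := drift_paths(desired[key], live[key])):
            plan.append(("update", key, drift))
    # Objects nobody declared in Git, for example created with kubectl by hand.
    plan += [("prune", key, []) for key in sorted(set(live) - set(desired))]
    return plan

def deployment(image, **extra):
    return {"kind": "Deployment", "metadata": {"name": "web", "namespace": "prod"},
            "spec": {"replicas": 3, "template": {"spec": {"containers": [
                {"name": "web", "image": image}]}}}, **extra}

# Constructed sample state: Git already has 1.4.2, the cluster still runs 1.4.1.
DESIRED = [deployment("registry.example/web:1.4.2"),
           {"kind": "Service", "metadata": {"name": "web", "namespace": "prod"},
            "spec": {"ports": [{"port": 80}]}}]
LIVE = [deployment("registry.example/web:1.4.1", status={"readyReplicas": 3}),
        {"kind": "ConfigMap", "metadata": {"name": "debug", "namespace": "prod"},
         "data": {"LOG_LEVEL": "trace"}}]

if __name__ == "__main__":
    for action, key, drift in plan_sync(DESIRED, LIVE):
        print(action, "/".join(key), drift)
```

The same plan doubles as a divergence alert: a non-empty result outside a rollout means someone or something changed the cluster without going through Git.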

Best Practices of GitOps

  • Declarative Infrastructure as Code.
  • Immutable deployment.
  • Code & config version controlled.
  • Rollback functionality.
  • Operational changes made by Pull Request; don't let CI push updates into the Kubernetes cluster or use kubectl by hand.
  • Build each container image just once and 'promote' it through each test sequence/environment; do not rebuild each time. Declarative configuration changes must be updated in Git.
  • Monitorable & observable services & infrastructure.
  • Different tools detect/alert divergence.
  • Sync tools enable convergence.
  • Completely automated delivery pipeline.
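
The "build once and promote" practice can be checked mechanically against the config repo: production should reference an image by content digest, and that digest should already appear in the staging manifests. This is an added example; the function names, the two-environment layout and the manifests are assumptions, not part of any tool named on this page.

```python
import re

# An image reference pinned by content digest: <repository>@sha256:<64 hex chars>
PINNED = re.compile(r"^(?P<repo>[^@\s]+)@(?P<digest>sha256:[0-9a-f]{64})$")

def container_images(manifest):
    """Image references of a Deployment-style manifest (init and main containers)."""
    pod = manifest["spec"]["template"]["spec"]
    return [c["image"] for kind in ("initContainers", "containers") for c in pod.get(kind, [])]

def promotion_violations(staging, production):
    """Reasons why production does not promote an image that went through staging."""
    tested = set()
    for manifest in staging:
        for image in container_images(manifest):
            m = PINNED.match(image)
            if m:
                tested.add((m["repo"], m["digest"]))
    violations = []
    for manifest in production:
        name = manifest["metadata"]["name"]
        for image in container_images(manifest):
            m = PINNED.match(image)
            if not m:
                violations.append(f"{name}: {image} is a mutable tag, not a digest")
            elif (m["repo"], m["digest"]) not in tested:
                violations.append(f"{name}: {m['digest'][:19]} was never deployed to staging")
    return violations

# Constructed sample manifests; the digests are placeholders, not real images.
D1, D2 = "sha256:" + "a" * 64, "sha256:" + "b" * 64

def workload(name, *images):
    containers = [{"name": f"c{i}", "image": img} for i, img in enumerate(images)]
    return {"metadata": {"name": name}, "spec": {"template": {"spec": {"containers": containers}}}}

STAGING = [workload("web", f"registry.example/web@{D1}")]
PRODUCTION = [workload("web", f"registry.example/web@{D1}"),
              workload("api", "registry.example/api:latest"),
              workload("worker", f"registry.example/web@{D2}")]

if __name__ == "__main__":
    for problem in promotion_violations(STAGING, PRODUCTION):
        print(problem)
```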

Key GitOps Tools