In this article, we’ll explore how the GitOps concept makes it easier for developers and operations teams to work together to manage and deploy applications and infrastructure. What benefits can organizations achieve by moving to GitOps? Get ready for a major upheaval in the way you manage your applications and infrastructure. You’ll be rewarded with greater speed, reliability and security in software development and application operations.
We started our mini-series on cloud management with an article on how to patch cloud systems. We followed that up with an article on cloud security and vulnerability scanning, and now we’ll wrap up the series with a description of the end-to-end process that will tie cloud management all together nicely.
Enter GitOps – a modern approach to managing and operating applications and infrastructure that brings a new approach to managing development, deployment and monitoring. It is based on the Everything as Code principle and emphasizes versioning, collaboration and automation through the Git versioning system.
DevOps and GitOps – what’s the difference?
DevOps (which is the subject of this article) is a philosophy that emphasizes collaboration between development and operations teams. Its goal is to break down walls and encourage co-responsibility for software deployment, maintenance, and operations.
DevOps is a management approach that combines software development (development) with infrastructure operations and management (operations). DevOps teams strive to remove barriers between departments, promote automation (CI/CD) and agile methods.
GitOps is a specific methodology and technique that falls under the broader DevOps framework. It is based on the idea that the entire state of infrastructure and applications should be described and stored in the Git versioning system. This means that all changes to infrastructure and code are captured in a Git repository and can be versioned, maintained and monitored as code.
While DevOps focuses on the broader cultural and organizational aspects of software delivery and operations, GitOps provides specific implementation and best practices within the DevOps framework, using Git as a key tool for managing infrastructure and application configurations.
Basic concepts of GitOps
Before we dive deep into GitOps, let’s briefly explain a few basic concepts:
Git is a distributed version control system used to track changes to code and facilitate collaboration between multiple “developers” on a single project. With Git, developers can easily track change history, revert to previous versions, and resolve conflicts.
A key concept of Git is the “commit”, which is a basic unit of change that can be easily marked up and described. Commits are uploaded to a central repository where they are linked to other changes from different developers. This way, everyone can see what changes have been made by their peers.
Git therefore allows developers to collaborate efficiently and maintain code quality at a high level.
2) Git branching
Git branching is a key feature of Git that allows developers to work on different features independently. When a new branch is created, it creates a copy of the current state of the project that developers can modify and experiment with without affecting the main development branch (typically called master or main).
Once the changes are done and verified, they can be merged back into the main branch using “merge”. Git branching thus increases developer productivity and makes conflict resolution easier.
3) Git merge request
A merge request (also called a pull request) is a process that allows developers to propose and discuss changes made to their code branches and then incorporate them into the main development branch.
Submitting a merge request allows the team and project manager to review the proposed changes, make revisions to the code, or discuss the changes before merging them into the main branch.
4) Infra as Code (IaC)
Infrastructure as Code (IaC) is an approach to managing and administering infrastructure through code. Instead of manually setting up and configuring the infrastructure, IaC relies on scripts and configuration files that describe the desired state. This code can be stored in a versioning system such as Git and easily shared and managed by the team.
With IaC (which we write about in more detail here), the infrastructure can be deployed, scaled and refreshed quickly and consistently. The automated nature of IaC minimizes the risk of human error, leading to more efficient management and greater reliability of the entire IT environment.
5) CI/CD pipeline
The Continuous Integration/Continues Delivery (CI/CD) pipeline is a set of steps and tools operating on top of git versioning that can be used to automatically create a running system from application source code and IaC scripts. The CI/CD pipeline makes the entire deployment process fully automated, fast, reliable and repeatable (more about deployment pipelines in this article).
When these five principles are properly combined into a GitOps process, we get reliability, consistency, and simplicity when deploying and scaling our IT system.
GitOps in details
GitOps is an operational paradigm that combines the power of Git with the principles of IaC and automation. It brings a declarative approach to managing and maintaining infrastructure and applications throughout their lifecycle.
Within the GitOps workflow, the desired system state (including infrastructure configuration, application code, and deployment configuration) is defined and stored as code in a Git repository. This code serves as the single source of truth.
The basic idea behind GitOps is to use Git as the primary means of managing and propagating changes to the system. With Git as the control layer, all changes are made through commits and merge requests. This approach ensures that all changes are auditable, versioned, and subject to code commits.
GitOps uses CI/CD principles for automated change deployment. When changes are committed in Git, the CI/CD pipeline automatically builds, tests, and deploys the updated configuration. This automated process ensures consistency and reliability and reduces error-prone manual tasks.
One of the main benefits of GitOps is the Git-driven and auditable change management process. A complete history of changes (including who made them and when) is stored in Git, allowing for easy traceability and rollbacks should they be necessary.
GitOps and cloud
And how does GitOps relate to patching cloud systems, or cloud security and vulnerability scanning that I mentioned in the beginning of the article? The main thing is to be able to deploy changes, e.g. security patches, without much effort and yet with 100% quality. This is exactly what the GitOps practices described above will provide.
So if you opt for the GitOps concept, it will bring efficiency, reliability and security to your infrastructure and application management process. It will help your teams collaborate better, increase the speed of change deployment, and ensure consistency and reliability of your IT systems. And that’s no small feat.