GitOps Workflows and Principles for Kubernetes

For many organizations, the process of scaling up and operationalizing their clusters has led to an increase in complexity, particularly when using Kubernetes. With frequent application and environment updates come challenges in maintaining configuration consistency. The result? Lost productivity, downtime and even outages.

So how are organizations managing this challenge when faced with growing complexity? For many (a whopping 64.5% according to the 2020 AWS Container Security Survey), the answer is GitOps. But what is GitOps and how can you make it work for your organization? In this article, we’ll discuss the principles behind GitOps and some of the best practices for using GitOps to simplify your container orchestration, particularly for Kubernetes.

A GitOps Overview

Git has enjoyed rising popularity as an open source version control system, and GitOps uses a Git repository to store all the relevant information for defining, creating and updating applications and infrastructure. GitOps applies the same software development life cycle strategies that DevOps teams use, so that when changes are made to a Git repository, that code is pushed to production. The result is automated deployments that are done quickly, reliably and predictably.

In essence, GitOps combines the advantages of Git with the practicality and reliability of DevOps best practices. By taking things like version control, collaboration and compliance and applying them to infrastructure, teams use the same approach for infrastructure management as they do for software code, enabling greater collaboration, release speed and accuracy.

GitOps adoption is growing as teams manage updates and features with familiar tools, applying version control to infrastructure-as-code (IaC) in the same manner as application code, which enables quicker response to customer demands and market needs.

Advantages of GitOps

Teams that employ GitOps enjoy better standardization, increased security and a streamlined development pipeline because Git acts as a single source of truth for both infrastructure and applications. But the advantages don’t stop there—GitOps also offers the following:

  • Agility: By decreasing the operational overhead for deployments, GitOps teams can focus on development, allowing for increased adaptability and agility.
  • Familiarity: Teams can use the same process to merge code that they use for deployments to Kubernetes clusters. Further, developers and operations teams are better aligned in their operations workflows because they can use a single version control system across apps and infrastructure.
  • Increased security: A reduction in manual processes means a reduction in the likelihood of human error. Any deviation from the intended state can be detected and potentially blocked.
  • Streamlined Pipeline: Deployment speed is greatly increased, with the time to deploy to a cluster reduced to seconds.
  • Reduction in spend: The bottom line is always a consideration, and GitOps helps improve development efficiency and lower costs.
  • Easier audits, increased compliance: With Git serving as the central source of truth, it is easier to trace version history, conduct audits and view changes over time.

Guiding Principles

The core principles of GitOps align very well with the principles of Kubernetes, which is one of many reasons why these two strategies work so well together. These principles include the following:

  • Just like Kubernetes, GitOps is declarative. Git declares the desired state, while GitOps works to achieve and maintain that state.
  • As mentioned above, GitOps creates a single source of truth because everything—from your app code to cluster configurations—is stored, versioned and controlled in Git.
  • GitOps focuses on automation. The approved desired state can be automatically applied and does not require hands-on intervention. Having built-in automated environment testing (the same way you test app code) leverages a familiar workflow used in other places to ensure software quality initiatives are being met before merging to production.
  • GitOps is, in a way, self-regulating. If the application deviates from the desired state, an alert can be raised.
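The declarative and self-regulating principles above come down to comparing what Git declares with what the cluster reports. The following is an added example, not code from the article or from any GitOps tool; the `DESIRED` and `LIVE` documents, the `find_drift` helper and the `registry.example` image names are constructed for illustration.

```python
# Added example. DESIRED and LIVE are constructed sample data, not real cluster output.
DESIRED = {  # what the manifest in Git declares
    "kind": "Deployment",
    "metadata": {"name": "web", "namespace": "shop"},
    "spec": {"replicas": 3, "template": {"spec": {"containers": [
        {"name": "web", "image": "registry.example/web:1.4.2",
         "securityContext": {"privileged": False}},
    ]}}},
}
LIVE = {  # what the cluster reports after someone edited the object by hand
    "kind": "Deployment",
    "metadata": {"name": "web", "namespace": "shop", "resourceVersion": "88231"},
    "spec": {"replicas": 3, "template": {"spec": {"containers": [
        {"name": "web", "image": "registry.example/web:1.4.3-hotfix",
         "imagePullPolicy": "IfNotPresent",
         "securityContext": {"privileged": True}},
        {"name": "debug", "image": "registry.example/tools:latest"},
    ]}}},
    "status": {"readyReplicas": 3},
}

def _named(items):
    """True for a non-empty list of dicts that all carry a 'name' key."""
    return isinstance(items, list) and items and all(
        isinstance(i, dict) and "name" in i for i in items)

def find_drift(desired, live, path=""):
    """Return (path, desired, live) for each Git-declared field the cluster disagrees on."""
    if isinstance(desired, dict) and isinstance(live, dict):
        drift = []
        for key, want in desired.items():
            child = f"{path}.{key}" if path else key
            drift += find_drift(want, live[key], child) if key in live else [(child, want, None)]
        return drift  # keys only in `live` are server-set fields and defaults: ignored
    if _named(desired) and isinstance(live, list):
        have = {i["name"]: i for i in live if isinstance(i, dict) and "name" in i}
        drift = []
        for item in desired:
            child = f"{path}[{item['name']}]"
            found = have.pop(item["name"], None)
            drift += find_drift(item, found, child) if found else [(child, item, None)]
        # Entries that exist only in the cluster (an extra container) are drift too.
        return drift + [(f"{path}[{n}]", None, have[n]) for n in sorted(have)]
    return [] if desired == live else [(path, desired, live)]

if __name__ == "__main__":
    for path, want, got in find_drift(DESIRED, LIVE):
        print(f"DRIFT {path}: git={want!r} live={got!r}")
```

Only fields declared in Git are compared, so server-populated values such as `status` or `resourceVersion` do not raise false alerts, while an undeclared container in a pod template does.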

Workflows and Procedures

So, how do organizations put GitOps into practice? As with DevOps, much of GitOps centers around automation. GitOps aims to automate infrastructure changes to happen concurrently with application code, generating app binaries. An example of GitOps in action would be a team using GitOps to automate the manual tasks required to deploy a new software feature. You can not only create and check the code for the feature but also update and check in the application manifest. GitOps can enable this check-in to then trigger a deployment of the code and config files to the correct cluster—and if something goes wrong, it is easy to roll the code back.

GitOps also allows control over how your application deploys on Kubernetes simply by setting the strategy. Two strategy options are “recreate” and “rolling update.” The recreate strategy ensures that old pods and new pods don’t overlap. Rolling updates, on the other hand, ensure some pods remain available during the update, helping to ensure the service stays up and running. The only challenge, then, is that the old and new data stores or clients must be able to work with both versions of the pods.
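The availability trade-off between the two strategies can be worked out from the Deployment spec. The following is an added example, not code from the article; `rollout_bounds` is a hypothetical helper, and `maxSurge` and `maxUnavailable` are the Kubernetes Deployment fields (not named in the text above) that tune a rolling update, each defaulting to 25%.

```python
# Added example: how many pods can exist while an update runs, per strategy.
def _resolve(value, replicas, round_up):
    """Turn an int or 'N%' string into a pod count using integer math."""
    if isinstance(value, str) and value.endswith("%"):
        scaled = replicas * int(value[:-1])
        return -(-scaled // 100) if round_up else scaled // 100
    return int(value)

def _is_zero(value):
    return int(str(value).rstrip("%")) == 0

def rollout_bounds(replicas, strategy="RollingUpdate",
                   max_surge="25%", max_unavailable="25%"):
    """Return (min_available, max_total) pod counts during the update."""
    if strategy == "Recreate":
        # Old pods are all terminated before new ones start: no overlap
        # between versions, but a window in which nothing serves traffic.
        return 0, replicas
    if strategy != "RollingUpdate":
        raise ValueError(f"unknown strategy: {strategy}")
    if _is_zero(max_surge) and _is_zero(max_unavailable):
        # The API server rejects this combination: the rollout could not progress.
        raise ValueError("maxSurge and maxUnavailable cannot both be 0")
    surge = _resolve(max_surge, replicas, round_up=True)                # rounds up
    unavailable = _resolve(max_unavailable, replicas, round_up=False)   # rounds down
    if surge == 0 and unavailable == 0:
        # Percentages can round to zero on small deployments; Kubernetes
        # then allows one pod to be unavailable so the update can proceed.
        unavailable = 1
    return replicas - unavailable, replicas + surge

if __name__ == "__main__":
    for args in [(4, "Recreate"), (4,), (10,), (3, "RollingUpdate", 1, 0)]:
        print(args, "->", rollout_bounds(*args))
```

Whenever the rolling-update bounds leave pods of both versions running at once, the backward-compatibility requirement on data stores and clients described above applies for the whole rollout.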

There are also more advanced deployment patterns, such as blue-green and canary. In blue-green, there are two versions of the application, but only one is live at any given time. A canary deployment creates new pods in parallel with the existing ones and aims to limit any problems with the new version to a subset of users.

Tools for GitOps Users

Organizations that can successfully implement GitOps methodologies and workflows use many tried-and-true Git tools, but some users find they realize increased benefits with some additional tools. A few popular GitOps tools available for Kubernetes include ArgoCD, Rafay and Flux.

GitOps in 2022 and Beyond

With more and more organizations turning to GitOps to help fuel their continuous delivery and development, improving their ability to control versioning, conduct code reviews and increase the reliability and scalability of their deployments, GitOps is a trending approach for 2022 and beyond. Combined with increased utilization of Kubernetes by many companies, it is expected that GitOps will continue on its strong adoption-growth trajectory. Will your organization implement GitOps into your development strategy? If you already have, what benefits are you seeing from GitOps? If not, what concerns are holding you back?

Kyle Hunter

Kyle Hunter is Head of Product Marketing at Rafay Systems, a platform provider for Kubernetes Operations. Kyle is a creative product leader with a demonstrated record in messaging and positioning, competitive differentiation, go-to-market strategy, and thought leadership. He has innovative experience leveraging exceptional business acumen and technical expertise to conceptualize and execute strategies driving company and market growth.
