Cloud Management 3: Move to GitOps - a modern approach to managing and operating applications and infrastructure
In this article, we'll explore how the GitOps concept makes it easier for developers and operations teams to work together to manage and deploy applications and infrastructure. What benefits can organizations achieve by moving to GitOps? Get ready for a major upheaval in the way you manage your applications and infrastructure. You'll be rewarded with greater speed, reliability and security in software development and application operations.
Petros Georgiadis
We started our mini-series on cloud management with an article how to patch cloud systems. We followed up with an article about cloud security and vulnerability scanning and now we'll wrap up the series by describing the end-to-end process that will tie the whole cloud management together nicely.
Entering the scene GitOps - a modern concept for managing and operating applications and infrastructurewhich brings a new approach to managing development, deployment and monitoring. It is based on the principle of Everything as Code and emphasizes versioning, collaboration and automation through the Git versioning system.
DevOps and GitOps - what's the difference?
DevOps (which is discussed in more detail in this article) is a philosophywhich emphasises cooperation between development and operations teams. It aims to break down the walls and promote co-responsibility for software deployment, maintenance and operation.
DevOps is a management approach that combines software development with operations and infrastructure management. DevOps teams strive to remove barriers between departments, promote automation (CI/CD) and agile methods.
GitOps is a concrete methodology and technology that falls under the broader umbrella of DevOps. It is based on the idea that the entire state of infrastructure and applications should be described and stored in the Git versioning system. This means that all infrastructure and code changes are captured in the Git repository and can be versioned, maintained and monitored as code.
Whereas DevOps focuses on the broader cultural and organizational aspects of software delivery and operations, GitOps provides specific implementation and best practices within the DevOps framework, using Git as a key tool for managing infrastructure and application configurations.
Basic concepts of GitOps
Before we dive deep into GitOps, let's briefly explain a few basic concepts.
1) Git
Git is a distributed version control system that is used to track code changes and facilitate collaboration between multiple "developers" on a single project. With Git, developers can easily track change history, revert to previous versions and resolve conflicts.
A key concept of Git is the "commit", which is a basic unit of change that can be easily labeled and described. Commits are uploaded to a central repository where they are linked to other changes from different developers. This way, everyone can see what changes have been made by their peers.
Git therefore allows developers to collaborate effectively and maintain code quality at a high level.
2) Git branching
Git branching is a key Git feature that allows developers to work on different functionalities independently. When creating a new branch (branches) create a copy of the current project state that developers can modify and experiment with without affecting the main development branch (typically called the master or main).
Once the changes are done and verified, they can be merged back into the main branch using "merge". Git branching thus increases developer productivity and makes conflict resolution easier.
3) Git merge request
Merge request (also called pull request) is a process that allows developers to propose and discuss changes made to their code branches and then incorporate them into the main development branch.
Submitting a merge request will allow the team and project manager to assess proposed changes, make code revisions, or discuss the changes further before merging into the main branch.
4) Infra as Code (IaC)
Infrastructure as Code (IaC) is access to control and management of infrastructure through code. Instead of manually setting up and configuring the infrastructure, IaC relies on scripts and configuration files that describe the desired state. This code can be stored in a versioning system such as Git and easily shared and managed by the team.
Thanks to IaC (which we write about in more detail here), the infrastructure can be quickly and consistently deploy, scale and recover. The automated nature of IaC minimises the risk of human error, leading to more efficient management and greater reliability of the entire IT environment.
5) CI/CD pipeline
Continuous Integration/Continues Delivery (CI/CD) pipeline is a set of steps and tools that operate on top of the git versioning system with which we can automatically create a running system from application source code and IaC scripts. The CI/CD pipeline makes the entire deployment process fully automated, fast, reliable and repeatable (more about deployment pipelines in this article).
When these five principles are properly combined into a GitOps process, we get reliability, consistency and simplicity in deploying and expanding our IT system.
GitOps in detail
GitOps is an operational paradigm that combines the power of Git with the principles of IaC and automation. It brings a declarative approach to managing and maintaining infrastructure and applications throughout their lifecycle.
As part of the GitOps workflow, the desired system status (including infrastructure configuration, application code and deployment configuration) defined and stored as a code in the Git repository. This code serves as the single source of truth.
The basic idea behind GitOps is to use Git as the main means of managing and promoting changes in the system. With Git as the control layer, all changes are made through commits and merge requests. This approach ensures that all changes are auditable, versioned and subject to code revisions.
GitOps uses CI/CD principles for automated change deployment. When changes are committed in Git, the CI/CD pipeline automatically builds, tests, and deploys the updated configuration. This automated process ensures consistency and reliability and reduces error-prone manual tasks.
One of the main advantages of GitOps is Git-driven and auditable change management process. A complete history of changes (including who made them and when) is stored in Git, allowing for easy traceability and rollback if necessary.
GitOps and the cloud
And how does GitOps relate to patching cloud systems, or cloud security and vulnerability scanning that I mentioned in the beginning of the article? The key is to be able to deploy changessuch as security patches, without much effort and yet with 100% quality. This is exactly what the GitOps procedures described above provide.
So if you choose GitOps, it will bring efficiency, reliability and security to your infrastructure and application management process. It will help your teams collaborate better, increase the speed of change deployment, and ensure consistency and reliability of IT systems. And that's no small feat.
