What does GitOps mean?
GitOps enables a completely new approach. The term stands for Git and Operations, thus referring to the use of version management for the infrastructure environment.
In classic continuous delivery, the application is rolled out from a CI server to the target environment.
GitOps extends the concept by eliminating the need for the CI server to connect to the target environment.
Instead, the target environment monitors the repository and applies updates in an automated manner. Typically, GitOps is used to roll out an application to a Kubernetes cluster. However, other target environments are also possible.
What are the benefits of GitOps?
- Version management and traceability
These are the only advantages of Git that first catch the eye. You can benefit enormously from Git not only in software development, but also in infrastructure.
- Automated target-actual comparison
The actual state of the target environment is constantly monitored. This ensures that the current version is always in operation. But not only that – there is also a self-healing effect. For instance, if configurations deviate, they are reset to the target state.
- Access control
The CI Server does not need to access the target environment. Therefore, no credentials need to be managed there. The target environment has access to the repository. This is often easier to implement organizationally and harmonizes better with the typical firewall rules for such environments.
- Fast deployment, Simple rollbacks
Changes in the repository are immediately applied to the target environment after release. Depending on the configuration, these changes are first deployed to the quality assurance environment and then only after re-release, they are deployed to the production environment. And if something does go wrong, you can easily roll back the changes and restore the previous working state.
What are the challenges to be overcome?
But there are also some challenges to be aware of before applying GitOps in your own environment. Because of the automated rollout of changes, error handling becomes a bit more complicated when something does go wrong. You have to know how the whole system is interlocked and where to find bug reports.
You also quickly realize that you need a way to store sensitive data, such as authorization tokens in the repository, without violating confidentiality.
Overall, you can see that the learning curve with GitOps is much steeper than in the classic approach.
How do we make GitOps a success?
There are a number of different GitOps solutions. We successfully use Flux CD with our customers and use Sealed Secrets to encrypt authorization tokens in the repository. Would you like to know how GitOps can be used at your site as well? Feel free to contact us.