GitOps — The DevOps for infrastructure automation

2022-01-29 11:31:22
ZenTao ALM
Original 727
Summary : GitOps provides a way to automate and manage the Infrastructure. It does this through best practices of the DevOps that many teams have already applied, such as versioning, code review, and the CI / CD pipeline.With GitOps, teams can automate the infrastructure configuration process. You can use declaration files to write the Infrastructure as Code (IaC). We can store them in the Git repository just as we store the application development code.

GitOps — The DevOps for infrastructure automation

GitOps provides a way to automate and manage the Infrastructure. It does this through best practices of the DevOps that many teams have already applied, such as versioning, code review, and the CI / CD pipeline.


Due to the great potential of DevOps in improving productivity and software quality, many companies have been adopting DevOps. We have found ways to automate the software development life cycles. However, it is still mainly a manual process in infrastructure setup and deployment.


With GitOps, teams can automate the infrastructure configuration process. You can use declaration files to write the Infrastructure as Code (IaC). We can store them in the Git repository just as we store the application development code.

How does GitOps work?

The Kubernetes management company, Weaveworks, originally proposed the concept of GitOps. So the discussion about GitOps is done primarily in the context of Kubernetes. The conversion to micro-services running in containers creates a need for the orchestration platform. The supply and management of container-based applications can be complex and challenging. GitOps helps to simplify this by applying technologies that have been validated in the DevOps world.


The idea is popular among DevOps enthusiasts, representing an upgraded model of the IaC concept. It revolves around the three main sections:

  • Infrastructure is the code
  • Make the request
  • CI/CD

1. Infrastructure is the code

The IaC provides and manages the Infrastructure as a declaration file (stored as code). All operational procedures can be optimized by leveraging the IaC and version control teams.


The GitOps is centered on the declarative model of the IaC. That is why Kubernetes is an excellent example of implementation. Declarative means that configuring is more of a statement of the expected state than a set of commands. For example, in Kubernetes, you can define the number of pods required for the service in the manifest. The system will handle it. The engineer does not need to write a command script that reaches the required pod number.


Any local cloud software that fits the declarative model can be considered code. We use AWS Cloud Formation to write the AWS infrastructure, a declarative tool. This means that we can view the Infrastructure itself as the code. Declaration of the required status as the code. The system applies changes to automate the status.


That said, the declarative model is not required in GitOps. Command-defined environments can do this, too.

2. Pull the request

The main idea behind the GitOps concept is that the versioning control system is the only source of fact. We use Git as the change management system for the application code. We can also use it in the infrastructure code. So the whole declaration file set is in a place to collaborate. This allows us to manipulate changed pull requests using the fundamental concept of Git.


We use the main branch as the release branch in the application development workflow. Developers create functional branches from the main branch. Develop a specific feature or story and create a pull request to merge it into the main branch. The same approach is also convenient for the infrastructure code.


Before integrating the code to another branch of the code base, creating a pull request enables the code to go through a code review process. Code checking prevents wrong code from entering the test or production environment. This is even more important for the infrastructure code. Getting formal approval through a code review dramatically helps with the audit and troubleshooting.

3. Git organization

The deployment process in GitOps requires at least two repo's: the application repo and the environment configuration repo. The first contains the source code of the application and its deployment manifest. The second contains the desired state of the entire system described using the declarative specification for each environment. You can describe your environment as development, testing, production in a code repository that contains applications and infrastructure services that can run with a specific version of the environment.


In the Infrastructure case, the main branch can represent an environment. We can implement the change in the feature branch. A pull request is then created to merge the changes in the main branch. In this way, we can implement collaboration while remaining transparent about who made what changes. This is also for problem tracking to the root cause as all changes are submitted in Git.


GitOps can be used for any Git-based system, such as GitHub, BitBucket, or GitLab. It does not depend on any tool or technology.

4. CI/CD

To achieve a complete GitOps, you need a CI / CD pipeline. With the automatic delivery pipeline, you can pass the infrastructure changes to the specified environment each time you change the Git repository. The pipeline here connects Git pull requests to the orchestration system. The business process system performs the task when you use pull requests to trigger the pipeline.


There are two possibilities for GitOps deployment policies: push pipelines and pull pipelines. The difference between them is ensuring the deployment environment similar to the required Infrastructure.

5. Push pipeline

Many popular CI / CD tools are using this strategy. We store the application's source code and its deployment inventory in a repository. The generation pipeline triggers when a new update occurs in the application code. The pipeline builds a container image and pushes the changes to the environment. This strategy brings in greater flexibility, as it can support any Infrastructure. The downside is that it allows the CI / CD tools to access your environment.

A push-based DevOps deploymen

6. Pull pipeline

The community considers the Pull pipeline approach a safer practice for GitOps. In this way, the operators are introduced. The operator is a component between the pipeline and the compilation tool. It constantly compares the target state in the environmental repository to the actual state in the deployment infrastructure. If the operator detects any changes, he changes the Infrastructure to fit the environment repository. In addition, you can also monitor the image registry to determine the new version of the image that you want to deploy. That's why GitOps is so special.

A pull-based DevOps deployment

In GitOps, environment updates occur only if changes occur in the environment repository. If the implemented infrastructure changes are not defined in the environment repository, the system recovers any changes made.


For most applications, you may need multiple environments. GitOps allows you to create multiple pipelines to change the environment repository. You can manage more environments with different branches in the environment repository. The operator can respond to changes in one branch by deploying to the production environment or another branch by deploying to testing.

What are the advantages of the GitOps?

1. Use the DevOps as the Best Practices

Since GitOps is a model focused on existing best practices such as Git work-flow, IaC, CI / CD pipelines, imvariable servers, tracking, and observability, it represents a more advanced state of Kubernetes cloud native application management. Therefore, the company's current experience and experience can provide many services.

2. Continuous deployment — simplification

Continuous deployment means a faster and more frequent deployment. Due to different considerations, proper continuous deployment has been challenging, such as system statute, downtime resistance, upstream/downstream dependencies, and many other organization-related processes and dependencies.


The GitOps allows you to do this without managing a bunch of tools as everything happens in versioning systems. This provides structure and automation because of using deployment operations.


This also improves productivity and faster MTTD (average deployment time). The continuous deployment of automation ensures that the team can publish 30-100 times changes per day, thus increasing the average production performance by 2-3 times.

3. Reduce the average repair time (MTTR)

The MTTR is one of the key metrics that the DevOps team should measure. In microservice architectures, even minor problems are challenging to fix. Since GitOps retains all changes in the version control system and management is automated, MTTR can be significantly reduced. You thoroughly understand how the environment changes, and error recovery becomes very easy.

4. Simplify Kubernetes management

Without gaining insight into Kubernetes, developers can use familiar tools (such as Git) to handle Kubernetes upgrades and features quickly. New embedded developers will easily keep up and become active in days rather than months.

5. Improved standardization across the company

Because GitOps has a framework for rendering applications, software, and Kubernetes additional modifications, transparent end-to-end workflows throughout the enterprise. The Git can also fully copy the action activity.

How to prepare for the GitOps?

Establish a stable code review and testing process. Careful inspection of the code changes indicates some alleged actions, such as adding a global variable. It prevents the destructive code from being released. You can then submit the validated code via a pull request without allowing the developer to submit any changes directly. Once the request is checked and merged, the pipeline can be triggered. This is the first step in maintaining high-standard code and subsequent system stability.


Joining GitOps means having a high level of automation, which requires thorough testing of the applications published by the pipeline. Although GitOps allows for a relatively easy rollback, publishing good code with good test cases makes the process more reliable.

1. Key monitoring

GitOps allows repeatable operating procedures to improve traceable system status, releases, and rollbacks. Careful monitoring can help you identify and prevent unexpected offsets and system changes in your configuration. So, before starting with GitOps, review your monitoring skills and strengthen your monitoring capabilities to allow them to cope with this change.

2. Accept culture

Traditional process constraints with long publishing times will only hinder you. Adopting the DevOps culture means leveraging the best strategies to help the team understand the value of development and operational actions. At the same time, they must collaborate to create an overall stable infrastructure, execute applications faster and more smoothly, and manage systems efficiently. A lack of DevOps culture can prevent you from enjoying the benefits of GitOps.

Why is it a GitOps?

GitOps is a perfect workflow mode that efficiently helps you process your cloud infrastructure. GitOps can offer engineering teams many advantages, including better coordination, transparency, stability, and durability.

Write a Comment
Comment will be posted after it is reviewed.