GitOps: Just Getting Started (and So Should You)
November 18, 2021

Brendan O'Leary
GitLab

When GitOps entered the scene in 2017, it was introduced as an extension of DevOps, taking its best practices and applying them to infrastructure automation. Now, developers expect not only an extension of DevOps, but an evolution of GitOps.

GitOps happens in the same version control system as application development, enabling teams to collaborate in a central location. It is comprised of three key components: infrastructure-as-code, merge requests, and CI/CD. With GitOps, infrastructure changes become codifiable, repeatable, and traceable, which leaves less room for human error and gets everyone on the same page.

While cloud container orchestrators like Kubernetes are where GitOps first emerged, it's a common misconception that it can't be adopted for other types of computing environments. Today, we understand GitOps to be more than just a new way of delivering applications, it's a strategy for more flexible development of applications and infrastructures, uniting several, once disparate pieces of IT work.

Why GitOps? Why Now?

Interest in GitOps is not dying down anytime soon, it's accelerating forward. At Kubecon EU 2021 in May, over 45% of GitLab survey respondents said that GitOps is a top priority for their organization in the short term. The interest in GitOps topics was so high that CD Conference (by CNCF) had to spin out a separate GitOps Conference.

With infrastructure environments getting more complex, we need infrastructure teams to improve automation, resilience, and compliance. This ensures that they are able to keep up with the pace of development teams. GitOps provides an operational framework to achieve just that. As more companies look for ways to streamline infrastructure management, more organizations will begin to adopt GitOps. It's been less than a year since the CNCF announced its GitOps working group, so now is the time for companies to get in on the ground level.

Pick Your Approach to GitOps

There are two main approaches to GitOps, a push-based approach, and a pull-based approach. In a push-based approach to GitOps, a CI/CD tool pushes changes into the environment. In pull-based approaches, an agent installed in a cluster pulls changes whenever there is a deviation from the desired configuration.

The best way to support GitOps principles is with three types of deployment targets and environments:

1. A single application for infrastructure code

2. Configurations using CI/CD for automation

3. Merge requests for collaboration and controls

GitOps principles can be used in a variety of ways to meet teams wherever they are at. Teams need access to many different options because the typical organization has a mixed IT landscape, with various heterogeneous technologies in a number of different environments. GitOps is flexible for you and, therefore, makes your teams more flexible.

GitOps Strategies Add Value to the SDLC

Once GitOps has been embraced, development and operations teams see improvements such as:

Improved collaboration— More engineers can collaborate on infrastructure changes. Once the change, merge request, review, and approval process is solidified, senior engineers can focus on other areas beyond critical infrastructure management while maintaining the ability to review and contribute as needed.

Improved access control— With infrastructure components divided up, credentials to all components are better protected. Changes are only automated by your CI/CD needs, which means what's safe and operating well remains secure in its cluster.

Faster time to market— Execution via code is faster than manual development, test cases can consistently be automated and made repeatable to deliver more stable environments, more rapidly and at scale.

Less errors— With infrastructure defined and codified, actions are repeatable and less prone to human error.

Better compliance— As all changes to infrastructure are tracked, changes in the SDLC are traceable for audits. If necessary, an organization could easily roll back to a previous desired state or make tweaks with ease.

Reduced costs— The automation of infrastructure and its testing eliminates several manual tasks, which in turn improves productivity. Additionally, downtime is reduced due to built-in revert and rollback capabilities.

Less risk — Taking a shift-left approach to infrastructure-as-code helps organizations identify and resolve issues before a problem reaches its end-users. Without a shift-left approach to IaS, problem applications and products are rolled out to production with hastily-built, less-secure code. GitOps helps businesses avoid unexpected downtime, providing environment stability and reliability, which ultimately drives better user experiences.

Grow with GitOps

The spirit of DevOps has been infused throughout GitOps. Despite businesses still being in the early phases of GitOps adoption, developers are already expecting the next evolution, including seamless code reviews and the simplification of complicated development environments, as well as the incorporation of CI (as opposed to just CD), agents, and push/pull. This is achievable through a single platform that offers collaboration, end-to-end software development visibility, and the automated tools needed to build a winning GitOps strategy. It's possible that until organizations find the right place to leverage infrastructure-as-code, merge requests, and CI/CD, their business potential goes to waste. But for those who want to step into the next phase of software efficiency, the answer is a GitOps workflow.

Brendan O'Leary is Staff Developer Evangelist at GitLab
Share this

Industry News

December 02, 2021

Mirantis announced DevOpsCare, powered by Lens, a vendor-agnostic, fully-managed CI/CD (continuous integration/continuous deployment) product for any Kubernetes environment, offering developers higher levels of productivity more quickly.

December 02, 2021

The D2iQ Kubernetes Platform (DKP) is now available in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services, Inc. (AWS).

December 01, 2021

Bugcrowd announced the availability of Bugcrowd's cybersecurity solutions on the AWS Marketplace, providing customers with easy access, simplified billing, quick deployment, and streamlined license management.

December 01, 2021

Kublr received Microsoft Azure Arc-enabled Kubernetes validation, including for Azure Arc-enabled Kubernetes for Data Services.

December 01, 2021

CloudSphere achieved Amazon Web Services (AWS) Migration and Modernization Competency for discovering, planning, and helping enterprise customers move business services to AWS to reduce cost, increase agility and improve security.

November 30, 2021

JFrog introduced a new container registry and package manager for running JFrog Artifactory with Kubernetes clusters on-premises, in the cloud, or both.

November 30, 2021

Docker announced the availability of Docker Official Images directly from Amazon Web Services (AWS).

November 30, 2021

Weaveworks announced the general availability of Weave GitOps Enterprise, a GitOps platform that automates continuous application delivery and Kubernetes operations at any scale.

November 30, 2021

Amazon Web Services announced AWS Mainframe Modernization, a new service that makes it faster and easier for customers to migrate mainframe and legacy workloads to the cloud, and enjoy the superior agility, elasticity, and cost savings of AWS.

November 29, 2021

Quali announced the newest release of Torque Enterprise, which includes enhanced integration with Terraform, new custom tagging capabilities, and improved cost visibility dashboards, unleashing an entirely new level of self-service access to application environments on demand.

November 29, 2021

Vertical Relevance (VR), a financial services-focused consulting firm, achieved Amazon Web Services (AWS) DevOps Competency status.

November 18, 2021

Loft Labs announced the launch of Loft version 2 with a focus on ease of use that overcomes the major complaint that Kubernetes is complex and hard to set up.

November 18, 2021

Perforce Software announced new functionality to speed remediation of discovered defects in automated scans.

November 18, 2021

Lacework raised $1.3 billion in growth funding at a valuation of $8.3 billion.

November 17, 2021

Parasoft announced the 2021.2 release of Parasoft C/C++test, the unified C and C++ development testing solution for embedded applications.