GitOps: The future of DevOps? How the industry is shifting towards a more automated and efficient workflow

✏️ This article is written by Lee Van Steerthem, Head of DevOps at Devoteam G Cloud Belgium and Keren Rodrigues Castelli, Head of Change Management at Devoteam G Cloud Benelux & UK.

History

Agile (agile manifesto dated from 2001) made it possible to iterate development processes and shorten the feedback loop. DevOps (coined in 2009) came to close the gap and started collaborating on solutions and driving the business forward. However, particular components were absent in delivering applications to their respective destinations: virtual machines, Kubernetes clusters, serverless environments, or others. Applications always have their particular way of deployment, businesses found it hard to find a single simple flow to deploy all the applications in production. Many times they resorted back to operations managing the orchestration tools to deploy. They lost some advantages of working together and having that fast feedback loop. Because of automation tools like Puppet and Ansible, manual deployments became more automated flows. Writing this automation takes time, and requires love and constant care. So at the end of the day, the “shift left” on one of the most crucial elements wasn’t managed, getting the application deployed and ready for the end user. It took eight years of trial and error with many companies to have found a solution. 

Weaveworks pioneered the GitOps model and its interesting backstory was described in a 2021 blog post. In 2017, Weaveworks hosted applications on their SaaS platform using Kubernetes as the infrastructure layer. When a configuration change caused a system-wide outage, their DevOps team was able to restore the platform in just 40 minutes thanks to their GitOps process. Think about it, a full restore of your systems in less than 1 hour. It still is crazy to know this is possible. Now they kept everything stored and versioned in Git, implementing infrastructure as code and taking advantage of Kubernetes’ declarative configurations. This is the golden combination the industry was waiting on.

Why GitOps is so powerful: Streamlining Deployments and Accelerating Time to Market

GitOps provides a declarative approach to infrastructure and application deployments, allowing teams to define their desired state in Git repositories and use tools to continuously reconcile the actual state with the desired state. This ensures that the deployment process is automated, repeatable, and auditable, reducing the risk of errors and improving overall reliability.

But how does GitOps address the challenges faced in the DevOps workflow and fill the gaps? Let’s take a closer look.

• Deploy as close as possible to the application code 

To provide a broader understanding, the crucial aspect is to deploy the application code as closely as possible to how it should be executed. The remarkable advantage of GitOps, which I will delve into later, lies in the ability to unify teams around a single deployment approach. The most remarkable aspect is that it requires minimal manual intervention, making it truly hands-off.

• Closing the Last Mile Gap: faster iterations 

“The last mile” in the DevOps journey refers to the crucial step of deploying your application for the end-user. It’s the point where your code transforms into a functional product. However, many enterprise companies struggle with the speed of getting their applications to the end user. Lengthy release cycles spanning weeks or even months can hinder the overall experience and cause frustration.

GitOps steps in to solve this problem by enabling faster and smaller iterations. Rather than combining numerous changes into a single deployment, GitOps encourages fixing one thing at a time and deploying it. This approach minimises the risk of multiple issues arising simultaneously. By shortening the deployment cycle, teams can iterate faster, ensuring that the end user gets the latest updates and bug fixes promptly.

• Easy Roll-back to previous versions 

GitOps also enables teams to easily roll back changes to previous versions of the deployment in case of issues, improving resilience and recovery time. Additionally, since everything is defined in code, it promotes collaboration and transparency across teams, reducing the risk of silos and knowledge gaps.

• Faster time to market 

By embracing GitOps, you’re not only closing the last mile gap but also accelerating your time to market. You’ll be able to deliver your applications faster, delighting your end-users and boosting your overall efficiency. So, say goodbye to lengthy release cycles and welcome the streamlined power of GitOps into your DevOps workflow. It’s time to take your deployments to new heights and leave your competitors in the dust.

• Automated Testing and Continuous Integration/Delivery

GitOps leverages automated testing, placing a heavy emphasis on continuous integration and continuous delivery (CI/CD). CI involves building and testing the code, ensuring its integrity. At the end of the factory line, you obtain a trusted package ready to be deployed on a server.

Continuous Delivery, on the other hand, focuses on the automated flow of testing. Once the code has undergone and passed all tests, it produces a reliable package. This package can be confidently handed over to an end-user without manual intervention. By automating the delivery process, GitOps eliminates unnecessary delays and reduces the chances of human error during deployments.

• Pushing limits: Seamless Continuous Deployment

Continuous deployment is a natural extension of GitOps. When code successfully goes through the factory line of CI/CD, it’s automatically deployed to the target environment. This streamlined approach ensures that any approved changes reach the end user without additional manual steps.

GitOps provides the foundation for a seamless and hands-off deployment process. By embracing automation and defining infrastructure and application configurations in code, teams can achieve greater reliability, collaboration, and transparency. In the event of issues, GitOps also enables easy rollback to previous versions, enhancing resilience and minimising recovery time.

An example of how GitOps can significantly improve your software delivery process 

A lot of companies lack standardised deployment approaches, which leads to time-consuming and complex processes, where each deployment is unique.

• GitOps eliminates the manual ticket shuffle by empowering teams to execute deployments independently.
• Standardisation is achieved through clear guidelines that ensure every deployment follows a set of standardised steps.
• GitOps leverages Git’s powerful change-tracking capabilities, providing a logbook of all changes made and their respective authors.
• The ability to review the system’s state at any given time enables easy rollback procedures and simplifies compliance with auditing requirements.
• Over time, GitOps enables seamless auditing for ISO and security purposes, making it easier to demonstrate the system’s evolution and track who made specific changes.

Example: A notable example of GitOps in action is highlighted in this blog post, where they discuss deleting one-third of their production environment and successfully restoring it using GitOps. This process enabled them to recover from a major incident in just 45 minutes. Such experiences demonstrate the resilience and benefits of implementing GitOps practices.

How GitOps became so popular

GitOps has gained significant traction in the industry over the past few years, with ArgoCD and Flux being two of the most popular GitOps tools. Both ArgoCD and Flux have been CNCF Graduated, which is the highest standard in CNCF, indicating that they have met the criteria for maturity, stability, and adoption.

Furthermore, many products have integrated ArgoCD into their product, including Istio, OpenShift, and GitLab, among others, showing that the industry is not looking to recreate GitOps but to embrace it.

How does GitOps contribute to improving the security and reliability of software deployments?

Security 

When it comes to security, GitOps may not directly improve it, but it plays a crucial role in auditing. By implementing a CI/CD pipeline that encompasses building, testing, and security testing, you ensure that your software is continuously updated with the latest packages and libraries, free from vulnerabilities. With this setup, whenever a package update occurs, the pipeline is triggered automatically, and you can swiftly deploy the updated version. This means you no longer have to wait for tickets to be resolved, reducing the risk associated with delayed security updates.

Reliability 

GitOps improves reliability by providing a systematic approach to managing infrastructure and application configurations through version control. By using Git as the single source of truth, GitOps ensures consistency, traceability, and reproducibility of changes. This eliminates manual intervention and reduces the risk of human errors, resulting in more reliable deployments and easier rollback capabilities if issues arise. 

Is the industry rapidly adapting GitOps?

GitOps has rapidly gained popularity in the industry, as evidenced by the high demand for GitOps-related talks and workshops at events like KubeCon. At Kubecon 2023 in Amsterdam, in multiple talks people were not able to look at the talk because the room was full, it had lines of between 50-100 people that would have loved to learn more. That shows the interest is there and it’s a hot topic. Many organisations are looking for experience in how to do GitOps properly, and the trend shows no signs of slowing down.

What are the downsides of GitOps?

While GitOps has many advantages, it is not without its challenges. One of the main concerns with GitOps is scalability, with some users reporting issues with ArgoCD in large-scale environments. Another potential issue is the need for strict access controls to ensure that only authorised personnel have access to the Git repository, reducing the risk of unauthorised changes. However, these changes can be and are already solved. The biggest hurdle is trusting the process, as it will deploy the moment there is a change in git (config) or your application image is updated by your CI system. 

Next to that, GitOps challenges the habit of manual interventions. With GitOps, you’re encouraged to trust the system and make changes on the repository side, rather than directly on the server. This means that if a customer wants a rapid change to be showcased for just an hour, it won’t be possible because GitOps automatically overwrites any changes. 

But there’s a workaround. If you urgently need a manual change without syncing it, you can communicate this to the GitOps controller, requesting it to hold off until you give the green light again. However, it’s important to understand the system and its flow; otherwise, attempting manual fixes without proper knowledge can lead to repeated breakages.

To overcome this challenge, change management becomes crucial. Training people and making them aware of the GitOps process is essential. It’s not just about teaching them how to use it, but also explaining the outcomes and implications of the system. Once individuals comprehend how GitOps works, they can adapt their processes around it. For example, they can develop strategies for rapidly restoring a failed service if needed.

Example: Consider a scenario where a customer requests a rapid change that needs to be showcased for just an hour. In a GitOps workflow, this becomes challenging because the system automatically overwrites any changes made. Instead of resorting to manual alterations, the focus is on making changes on the repository side. For instance, if there is a bug that takes an hour to build and test an application, and you cannot afford to wait, you might be tempted to make a manual change and instruct the controller not to synchronise until given the green light. However, if you’re not familiar with the system and its workings, you may invest significant effort in fixing the issue, only to have it break again within minutes.

Change management is crucial 

To address this, change management becomes crucial. By training people and making them aware of how GitOps is implemented, they gain a better understanding of not only how to use the system but also the outcomes it produces. In change management, we address the all-important “What’s in for me”. Once individuals comprehend the flow of GitOps, they can develop their processes around it. For example, they can devise strategies for rapidly bringing up a service if it fails. By following established procedures and leveraging the GitOps approach, teams can respond effectively to failures and recover services promptly.

In conclusion, Agile and DevOps have paved the way for faster development and collaboration, but the challenge of deploying applications in a streamlined and automated way remained. Weaveworks’ GitOps model has addressed this challenge by providing a declarative approach to infrastructure and application deployments, resulting in a more automated, repeatable, and auditable deployment process. GitOps has gained significant popularity in the industry, with ArgoCD and Flux being two of the most popular GitOps tools, and many products integrating GitOps into their offerings. While GitOps has many advantages, scalability and access control remain potential challenges. However, with the industry’s interest in and adoption of GitOps, these challenges will likely be addressed and overcome shortly.