TL;DR

  • GitOps is an operating model, created by Weaveworks, for cloud-native applications running on Kubernetes.
  • For the most part, it is infrastructure-as-code with continuous integration and continuous delivery.
  • The idea is to use Git as the source of truth for all operations.
  • A single Git repository describes the entire desired state of the system.
  • Operational changes are made through pull requests.
  • Changes can be peer-reviewed, versioned, released, rolled back, audited, etc.
  • Diff tools detect any divergence and sync tools enable convergence.
  • GitOps can be used for managing Kubernetes clusters since Kubernetes uses declarative resource definitions.
  • Kubernetes secrets can also be stored in a Git repo using one-way encryption (take a look at sealed-secrets).
  • In contrast to CIOps, GitOps improves your workflow in the following ways:
    • All of your configurations and changes to them are centralized in one place (easier to track, audit, and reason about).
    • Divergences will be detected and the cluster will be converged again automatically (failed deployments will be retried too).
  • GitOps can be done using either a Push approach or a Pull approach.
  • With push, your cluster credentials are in your build system, whereas with pull, no external system has access to your cluster.
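
The diff-and-sync step from the list above, as an added example (not code from the original page or from any GitOps tool): it compares a desired state taken from Git with a live state and derives the actions that converge the cluster. The resource names, field values and the simplified object shape are constructed for illustration; real cluster objects also carry server-set fields that a real diff tool has to ignore.

```python
# Constructed sample: DESIRED stands for manifests in Git, LIVE for the cluster.
DESIRED = {
    "Deployment/web": {"image": "registry.example/web:1.4.2", "replicas": 3,
                       "securityContext": {"privileged": False}},
    "NetworkPolicy/web-deny-all": {"policyTypes": ["Ingress"]},
}
LIVE = {
    "Deployment/web": {"image": "registry.example/web:1.4.2", "replicas": 3,
                       "securityContext": {"privileged": True}},   # changed out of band
    "ClusterRoleBinding/debug-admin": {"roleRef": "cluster-admin"},  # never in Git
}

def flatten(obj, prefix=""):
    """Flatten nested dicts and lists into {dotted.path: scalar}."""
    out = {}
    if isinstance(obj, dict):
        for key, value in obj.items():
            out.update(flatten(value, f"{prefix}.{key}" if prefix else key))
    elif isinstance(obj, list):
        for i, value in enumerate(obj):
            out.update(flatten(value, f"{prefix}[{i}]"))
    else:
        out[prefix] = obj
    return out

def diff_state(desired, live):
    """Return drift as (resource, path, value_in_git, value_in_cluster) tuples."""
    drift = []
    for name in sorted(set(desired) | set(live)):
        if name not in live:
            drift.append((name, "<resource>", "present", None))
        elif name not in desired:
            drift.append((name, "<resource>", None, "present"))
        else:
            want, have = flatten(desired[name]), flatten(live[name])
            for path in sorted(set(want) | set(have)):
                if want.get(path) != have.get(path):
                    drift.append((name, path, want.get(path), have.get(path)))
    return drift

def sync_plan(drift):
    """Git wins: create what is missing, prune what is unmanaged, re-apply the rest."""
    plan = {}
    for name, path, _want, have in drift:
        whole = path == "<resource>"
        plan[name] = ("create" if have is None else "prune") if whole else "apply"
    return plan

print(sync_plan(diff_state(DESIRED, LIVE)))
```

Each drift entry is also an audit signal: a field or resource that differs from Git was changed outside the pull-request workflow.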
