• GitOps is an operation model for cloud-native applications running on Kubernetes (created by Weaveworks).
  • To the most part, it is infrastructure-as-code with continuous integration and continuous delivery.
  • The idea is having Git as the source of truth for all operations.
  • A single Git repository describes the entire desired state of the system.
  • Operational changes are made through pull requests.
  • Changes can be peer-reviewed, versioned, released, rolled back, audited, etc.
  • Diff tools detect any divergence and sync tools enable convergence.
  • GitOps can be used for managing Kubernetes clusters since Kubernetes uses declarative resource definitions.
  • Kubernetes secrets can also be stored in Git repo using one-way encryption (take a look at sealed-secrets)
  • GitOps in contrast to CIOps improves your workflow in the following ways:
    • All of your configurations and changes to them are centralized in one place (easier to track, audit, and reason about).
    • Divergences will be detected and the cluster will be converged again automatically (failed deployments will be retried too).
  • GitOps can be done using either a Push approach or a Pull approach.
  • With push your cluster credentials are in your build system whereas with pull no external system has access to your cluster.

Read More