configuration management database (CMDB) infrastructure as code (IaC)


What is GitOps?

GitOps is an operational framework that applies DevOps practices, such as continuous integration/continuous delivery (CI/CD) and version control, to infrastructure automation.

GitOps can be used by teams that often work with Kubernetes and want to start moving toward continuous operating models, such as CI, deployment or testing.

How GitOps works

GitOps uses a Git repository as a single source of truth to deliver infrastructure as code (IaC). Code changes are tracked, which provides version control if a rollback is needed. Once declared in Git, a GitOps agent is used to apply all code configurations automatically in development, test, staging and production environments.

GitOps is based around the idea of pull requests. Once a pull request is initialized, the user can see an overview of changes in each branch in a repository base. The user can then add a summary of proposed changes, review changes, add labels and mention other contributors. After the pull request is created, a commit from a topic branch can be added where contributors can view any proposed changes. Once everyone approves the request, the changes are merged with the pull request.

Changes to an application or cluster could include updates to container images, fixes to errors in the environment or updates to specifications. Troubleshooting with GitOps is fast, as users can fix any issues that appear with a pull request rather than in the underlying system.

GitOps works with any CI and Git server. It can also use other tools for Git pushes, development and continuous integration. Jenkins X, for example, is an open source tool that works with GitOps to provide CI/CD as well as other automated testing tools designed for cloud-native applications -- specifically in a Kubernetes environment. Other tools, including Bitbucket, GitHub and Amazon Web Services CodeDeploy, can be used in GitOps as well.

The GitOps pipeline
GitOps works using CI and CD to ensure a continuous development workflow within Kubernetes.

Core components of GitOps

GitOps requires a range of core components, including the following three processes:

  • CI/CD. GitOps uses a CI/CD pipeline in automation processes, such as for automating infrastructure updates.
  • IaC. IaC is an IT practice of keeping all infrastructure configurations stored as code. Git tracks all code management changes and uses Git repositories to deliver infrastructure as code.
  • Merge requests and pull requests. MRs and PRs are used in GitOps as a change mechanism for infrastructure updates. These requests are made to review or approve merge commits.

GitOps includes the following core tool or service components:

  • Build server. A build server is software that automates the build of all deployable updates.
  • Container image registry. Container image registries are a collections of repositories that store container images.
  • Container platform. In GitOps, the container platform is designed around Kubernetes.
  • Git hosting service. The hosting service lets users host Git-based projects. For GitOps, this is useful for hosting application code and configuration data. The most common Git hosting services are GitHub and GitLab.
  • GitOps agent. A GitOps agent, also called a reconciliation agent, is software that bridges Git and Kubernetes. It ensures an application running on Kubernetes matches what's in a Git repository.

Uses of GitOps

GitOps can be used for several applications; for example, teams might use it to implement continuous deployment for Kubernetes. Besides enabling an organization to push applications out more quickly, continuous deployment removes the need for any individual deployment management systems.

GitOps can also be used to implement continuous delivery for Kubernetes. Continuous delivery typically enables development teams to build, test and deploy software at a fast pace through incremental updates. Continuous delivery for Kubernetes also enables a continuous integration and runtime pipeline, which should be able to read and write files to Git, update container repositories and load container images.

GitOps also lets an organization use a single tool for controlling infrastructure, enabling version control for changes in configuration files and constant monitoring of changes and send alerts.

GitOps benefits

The underlying Git protocol isn't resource-intensive and is open source. It offers the following additional benefits:

  • Increased productivity through the enablement of CD and deployment.
  • Reliability and security through declarative states, versioned storage, continuous state reconciliation, revert and rollback, and fork features.
  • Standardized workflows centered around Git.
  • A single set of tools.
  • A reduced number of potential variables in infrastructure management.
  • Visibility and a clear change history.
  • Smaller potential attack surfaces.

GitOps disadvantages

Some disadvantages of GitOps, however, include these drawbacks:

  • Teams must look out for broken YAML manifests, in which syntax or object references could be broken.
  • By handling development through a pull approach, teams are limited to using only tools that execute pulls.
  • There's the potential for application programming interface throttling, as GitOps consistently polls Git repositories.
  • Large teams that frequently make updates might push a change at the same time, writing to the same files simultaneously.
  • At scale, matching an environment's desired state to Git is difficult without more tools.
  • GitOps doesn't offer a way to manage authentication or other sensitive data without additional tooling.

GitOps vs. DevOps

GitOps and DevOps are similar sounding portmanteaus, which have equally important similarities and differences.

DevOps is a combination of the words development and operations. It's a collaborative approach to tasks performed by an organization's application development and IT operations teams. Some of the main goals of DevOps are to promote collaboration between development and operations teams and to adopt programmable software development, automation and infrastructure deployment practices.

GitOps is a subset or extension of DevOps that specifically uses the Git tool. One of the main goals of GitOps is to automate the development process and speed up release cadences, which is a shared goal of DevOps. However, GitOps is a paradigm or technique, whereas DevOps is more of a culture or philosophy. GitOps is tied to the use of Git and Kubernetes, whereas DevOps isn't tied to any single tool.

Future of GitOps

Some believe GitOps could be the future of DevOps, as it's both a declarative and a cloud-native approach to configuration management. GitOps is useful in situations when using version control to manage infrastructure and application deployment would otherwise be difficult. GitOps is also useful for continuous deployment automation and for managing hybrid cloud architecture.

A GitOps workflow is helpful for managing modern cloud infrastructure. The operational framework is structured around and based on Kubernetes cluster management. GitOps continues to grow, though, as GitOps software is being developed to function on non-Kubernetes systems.

However, GitOps might not be the right fit for everyone, as not every organization views itself as being reliant on a single tool -- or even just using Git pull requests -- as the most optimal workflow for its infrastructures.

GitOps might not outgrow DevOps, but the methodologies continue to be refined and redefined over time.

Learn how to evaluate GitOps models and how GitOps compares to other development practices.

This was last updated in May 2023

Continue Reading About GitOps

Dig Deeper on Systems automation and orchestration

Software Quality
App Architecture
Cloud Computing
Data Center