View profile

DevOps and Docker Updates - GitOps

You might have heard of it, but in 2017 the term GitOps was born, and has become a way to describe wh

FasterOps: Improving Your Container DevOps Skills

August 5 · Issue #7 · View online
Commentary on tools and techniques I find interesting around Docker, Kubernetes, Cloud Native DevOps, and DevSecOps.

You might have heard of it, but in 2017 the term GitOps was born, and has become a way to describe what a lot of us were already doing: using Git version control systems (GitHub, GitLab, etc.) as a way to manage the dev-to-prod workflow and “infrastructure as code”, and using Git commits as a way to document change, while keeping the history of changes fully documented in repos for the team to see.
Here’s more to get you started on GitOps and Docker!

Getting Started with GitOps
There are a few requirements here. Obviously knowing Git CLI basics and picking a Git server platform (GitHub, Bitbucket, GitLab, and many more) is a first step. Then understand why GitOps is likely better than what you’ve done in the past.
Building infrastructure, deploying code, configuring servers, adding new stuff, changing old stuff…. These are all normal software management tasks, but tracking change is one of the hardest things. Sure we have logs for everything, and change management tools, and ticketing systems, but they all fall short at simple change tracking because they are often complex, don’t track *all changes*, or aren’t available to everyone who needs to see changes. GitOps isn’t Kubernetes specific, but these two overviews will help you understand what we’re talking about:
GitOps what you need to know GitOps what you need to know
GitOps: Dev, with a Dash of Ops! | CloudBees
How Do You Know If You're Doing GitOps?
Like DevOps, there’s not one single way to “do GitOps” nor a single checkoff list of tasks to implement, but let’s make this simple:
If I can determine the state and configuration of your infrastructure (and app code) by looking at Git commit logs, then you’re doing GitOps.
“Did she change the HTTP proxy to sticky sessions on the web front end yet?” - Look at Git logs
“What tests do we run on the API before the container image is uploaded to our registry” - Look at Git
“Did they upgrade the stagning cluster to Docker 19.03 yet?” - Look at Git logs
Sure, you may not have everything fully automated, even though automation is a big part of DevOps and GitOps. Remember that GitOps is more about having observability of change in a common place all the teams can see, and using those commits to kick off changes once you’ve automated things. Having a central place that all your tools connect to, and using that as the single-source-of-truth, is what will enable you to go faster and automate when you want to.
GitOps: 'Git Push' All the Things - The New Stack
Right Now GitOps is New...
Which means it’s not quite plug-and-play. But, most tools already support Git, webhooks, and some automation that will store its configuration in text so you can use Git to track it. It’s up to you to get all those tools setup the way you want.
The Best CI/CD Tool for Kubernetes Doesn't Exist - The New Stack
Why we use Terraform and not Chef, Puppet, Ansible, SaltStack, or CloudFormation
Final Warning: Understand GitOps vs. CIOps
Kubernetes Anti-Patterns: Let's Do GitOps, Not CIOps! - DZone Cloud
The above is a great blog post on the subtle difference between what I’m talking about in this newsletter and what a lot of us end up doing. Once we have CI/CD, we often want to use it to deploy changes to our servers, and we often let people have access to all the tools like docker, kubectl, and terraform to also change our servers and deploy app updates manually via commands. In order to fully adopt GitOps, all deployments and server updates should be happening through declarative YAML/TOML changes in a git repo. Any commands you’re typing other than “apply this YAML in Git” are lost, and outside the GitOps model, so make it your goal to get everything in declarative files and have the system itself react to Git commits of that infrastructure code.
See ya next week,
Did you enjoy this issue?
If you don't want these updates anymore, please unsubscribe here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue
Bret Fisher, Virginia Beach, Virginia, USA