Getting Started with GitOps
In the fast-paced world of software development, organizations are constantly seeking ways to streamline processes and improve efficiency through automation. The shift from waterfall models to hyper-agile methodologies, coupled with the adoption of microservices architecture, has led to much faster software releases. GitOps has emerged as a powerful approach to enable this rapid deployment cycle, implementing a control-loop pattern often seen in Kubernetes.
GitOps offers a more consistent and reliable way to handle infrastructure and deployment. In this blog, we'll explore what GitOps is, why it's gaining popularity among DevOps teams, and take a closer look at popular GitOps tools like Argo CD and Flux CD.
What is GitOps?
GitOps, a combination of 'Git' and 'Operations', is an approach to continuous deployment for cloud-native applications. It uses Git as the single source of truth for declarative infrastructure and applications. This means storing and managing all configuration files that describe how our application should be deployed and run in Git repositories.
The core principle of GitOps is treating everything - from application code to infrastructure - as code that can be version-controlled and managed using Git. When changes are needed, instead of manually executing commands or scripts, we make changes to our Git repository. A controller then detects these changes and applies them to our infrastructure.
Benefits of GitOps
Consistency and Reliability: With GitOps, the entire system configuration is stored in version control, providing a clear, auditable record of what should be deployed.
Faster Recovery and Easier Rollbacks: In case of issues, rolling back to a previous state is as simple as reverting to a previous commit in the Git history.
Security: Git's central point of control allows for strict access controls and enforced code reviews before changes are applied.
Improved Developer Experience: Developers can use familiar Git workflows to manage infrastructure, bridging the gap between development and operations.
Visibility and Traceability: All changes are recorded in Git, providing a clear record of who changed what and when.
Increased Automation: Pushing changes to Git can automatically trigger deployments, reducing manual work and speeding up processes.
Environment Consistency: GitOps makes it easier to maintain consistency between different environments (development, staging, production).
Increased Productivity: DORA's research suggests teams can ship 30-100 times more changes per day, increasing overall development output by 2-3 times.
Availability: With all configuration data in Git, organizations can easily deploy the same Kubernetes platform across different environments, leading to better availability.
Argo CD vs Flux CD
When implementing GitOps for Kubernetes, two popular tools stand out: Argo CD and Flux CD. Both are excellent choices, but they have some differences. Here's a comparison of their features:
| Feature | Argo CD | Flux CD |
|---|---|---|
| Kubernetes-native | Yes | Yes |
| UI | Rich web-based UI | Capacitor GUI dashboard |
| Multi-tenancy | Built-in | Limited |
| Helm support | Native | Via Helm Operator |
| Kustomize support | Native | Native |
| Sync Mechanism | Automatic sync | Controller-based sync |
| Rollback capabilities | Yes | Yes |
| Health status | Yes | Relies on Kubernetes status |
| Image Updater | Add-on | Built-in |
| Advanced Deployment Strategies | Integrated with Argo rollouts | Supported via Flagger |
Comparison between ArgoCD and FluxCD
In the next section, we will have a look at a quick demo of Argo CD and Flux CD.
Argo CD
In this quick demo of Argo CD we will go through the step-by-step process of Argo CD installation on kubernetes cluster. We will use Argo CD to deploy a sample guestbook application.
Prerequisites
Kubernetes cluster
Kubectl installed and configured.
Configuration of the git repository
Argo CD Installation
To install Argo CD, we need to have a Kubernetes cluster and kubectl installed and configured. You can check out the guide to install kubectl here.
Create a namespace for Argo CD
kubectl create namespace argocd
Install Argo CD
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
Access the Argo CD api server
Port-forward the Argo CD server service
kubectl port-forward svc/argocd-server -n argocd 8080:443
Get the initial password of the admin user to authenticate
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
Use this password to log into the Argo CD UI using username admin at the forwarded port on the localhost, in this example, it is http://localhost:8080
Deploy a sample application - guestbook
To deploy an app, we need to create an Application object. The spec will have information such as the source of the Kubernetes manifests to deploy the application, destination Kubernetes cluster, namespace, and sync policy. You can also provide more image updater specs via annotations. In this example, we are not using an image updater.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: guestbook
namespace: argocd
spec:
project: default
source:
repoURL: https://github.com/argoproj/argocd-example-apps.git
targetRevision: HEAD
path: guestbook
destination:
server: https://kubernetes.default.svc
namespace: guestbook
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
Create the application
kubectl apply -f application.yaml
After applying the Argo CD application, the Argo CD controller will automatically monitor and apply the changes in the cluster. You can monitor this from the UI or
kubectl get apps -n argocd
Flux CD
In this demo of Flux CD we will understand its installation. We will use flux CD to deploy the ‘fleet-infa’ repository.
Prerequisites
Kubernetes Cluster
GitHub Personal Access Token. If you need help generating GitHub token check out this guide.
Objectives
Bootstrap Flux CD on a Kubernetes Cluster.
Deploy a sample application using Flux.
Customize the application configuration through Kustomize patches.
Install the Flux CLI
The Flux command-line interface (CLI) is used to bootstrap and interact with Flux CD
curl -s https://fluxcd.io/install.sh | sudo bash
Export Your Credentials
Export your GitHub personal access token and username.
export GITHUB_TOKEN=<your-token>
export GITHUB_USER=<your-username>
Check Your Kubernetes Cluster
Ensure your cluster is ready for Flux by running:
flux check --pre
Flux Installation
To bootstrap using a GitHub repository, run:
flux bootstrap github \
--owner=$GITHUB_USER \
--repository=fleet-infra \
--branch=main \
--path=./clusters/my-cluster \
--personal
Clone the Git Repository
Clone the fleet-infra repository to your local machine:
git clone https://github.com/$GITHUB_USER/fleet-infra
cd fleet-infra
Add podinfo Repository to Flux
Create a git repository manifest pointing to the podinfo repository’s master branch:
flux create source git podinfo \
--url=https://github.com/stefanprodan/podinfo \
--branch=master \
--interval=1m \
--export > ./clusters/my-cluster/podinfo-source.yaml
Commit and push the podinfo-source.yaml file to the fleet-infra repository:
git add -A && git commit -m "Add podinfo GitRepository"
git push
Deploy podinfo Application
Create a Kustomization manifest to deploy the podinfo application:
flux create kustomization podinfo \
--target-namespace=default \
--source=podinfo \
--path="./kustomize" \
--prune=true \
--wait=true \
--interval=30m \
--retry-interval=2m \
--health-check-timeout=3m \
--export > ./clusters/my-cluster/podinfo-kustomization.yaml
Commit and push the podinfo-kustomization.yaml file to the repository:
git add -A && git commit -m "Add podinfo Kustomization"
git push
Watch Flux Sync the Application
Use the flux get command to watch the podinfo app:
flux get kustomizations --watch
Verify the Deployment
Check if podinfo has been deployed on your cluster:
kubectl -n default get deployments,services
GitOps best practices
Git Workflows: Separate application repositories from git workflow repositories. Also, avoid using long-lived branches from different environments.
Simplify your Kubernetes files: Use tools like Kustomize and Helm to make your Kubernetes files simpler and easier to manage. Use both together to avoid repeating yourself.
Handle secrets carefully: Do not use your passwords or secrets directly in your Git files even if they are encrypted. Instead, use tools that can fetch secrets when needed.
Separate Build and Deployment Processes: Separate your build process from your deployment process. Let your CI system build and test your app and then let GitOps handle the build and put it in a server.
Ephemeral Environments using GitOps
Ephemeral environments, also known as preview environments, are short-lived environments that allow developers to test and preview changes in a production-like environment before merging them into the main branch.
These environments are typically created automatically when a pull request is opened and destroyed when the pull request is closed.
In the context of Kubernetes, tools like Argo CD and Flux CD can automate the creation and management of ephemeral environments, making it easier to implement this practice in a GitOps workflow. For more information on how to implement preview environments on Kubernetes with Argo CD, check out this guide by Piotr Minkowski.
Conclusion
GitOps is a game-changer for managing infrastructure and applications. It boosts consistency, reliability, collaboration, and workflow. Tools like Argo CD and Flux CD exemplify how GitOps streamlines deployment and enhances efficiency. Our comparison shows the strengths and specific use cases of both tools, highlighting how they make GitOps implementation seamless and effective.
Top comments (0)