GitOps delivers on Kubernetes' vision of declarative ops

By Weaveworks
February 15, 2022

Declarative is a mindset, which is a concept that has been widely involved in cloud native tooling. Kubernetes made declarative possible, but GitOps makes declarative ops a reality. Find out how in this post.

Related posts

Cloud-Native Now Webinar: Containers Kubernetes Management

Kubernetes Security - A Complete Guide to Securing Your Containers

Weave Policy Engine is now Open Source

Making technology systems declarative is a key priority for today’s system architects and platform builders. They leverage Kubernetes to achieve this goal of declarative systems but find that Kubernetes alone isn’t enough. It takes a set of modern practices that start from early in the software supply chain and go all the way to production Kubernetes clusters. In this post we provide an overview of how GitOps allows Kubernetes to easily manage declarative ops.

What is a declarative system?

In a declarative system, the user (usually a Platform Engineer or the like) defines the desired state of the system to start with. From here, a series of commands are executed that take the desired state through a pipeline, and applies it to production.

Infrastructure as Code (IaC) was an early example of a declarative system where the configuration of hardware and software components was implemented by an automation server. Kubernetes is similar, but with the ability to execute more complex declarative deployments thanks to its pluggable architecture, YAML config files, and wide ecosystem of tools to support various pipeline requirements.

Kubernetes made declarative systems possible

One of the fundamental principles of Kubernetes is to make systems declarative.

This means you define the system’s state, and Kubernetes takes care of executing that state. Kubernetes has many smart defaults like replica nodes, and automatic load balancing that enable this declarative approach.

However, many organizations that adopt Kubernetes find themselves missing out on a truly declarative experience. This is because they configure and tweak every part of the system manually in production. This is cumbersome and leads to ‘drift’ where the actual state of the system in production is quite different from its formally declared desired state.

Part of the reason for this is there wasn't an easy way to declare the system as code. Yes, there were YAML files that describe each part of the Kubernetes system, but there wasn’t an easy and scalable way to manage these YAML files, and integrate them with developer workflows early in the pipeline. That’s until we realized the value of Git to do this.

GitOps makes declarative systems a reality

Git is a great place to store Kubernetes YAML files and have them versioned, and moved across the software supply chain. Not just Kubernetes YAML files, Git is also a store for application code unsurprisingly. There is an entire body of best practices that has risen to support this flow, and it’s called GitOps.

GitOps combines application development practices such as collaboration, version control, and CI/CD with infrastructure as code capabilities (via Kubernetes), and delivers end-to-end infrastructure automation. It allows teams to collaborate and bring software faster to market while minimizing outages.

GitOps is about declaring the entire system (infrastructure, networking, and applications) in Git. This is where the state is defined, and Git becomes the single source of truth. In this way GitOps is able to track and manage changes to code in a compliant manner.

GitOps is enabling declarative applications and declarative infrastructure the Kubernetes way. With GitOps, you describe systems with declarative specifications and those specifications eventually form the basis of continuous everything. GitOps combines Git with Kubernetes’ convergence properties and serves as an operating model for developing and delivering Kubernetes-based infrastructure and applications.

Flux as a GitOps agent

Flux is the leading open-source GitOps agent that is closely integrated with the Kubernetes ecosystem of tools. It is a continuous delivery solution that enables developers to automate application delivery pipelines to Kubernetes clusters. Developed initially by Weaveworks, it was later open-sourced to the Cloud Native Computing Foundation (CNCF) special interest group Open GitOps..

Flux reconciles production with Git

Flux works as a Kubernetes controller, continuously monitoring running applications and comparing the live state against the desired target state. Flux automatically ensures that the ​​Kubernetes cluster state matches the desired configuration in Git. Once the state of a ​​Kubernetes system is stored in YAML files in Git, Flux reads the state and applies it to a production Kubernetes environment. This automatic synchronization between a cluster and a version control repository ensures that any changes to the repository are automatically deployed to the cluster.

In addition, any modifications made to the desired state in the Git can be automatically applied in the specified target environments. If the admin needs to make a change to the system, they don't touch the production clusters, instead, they edit a Git repository. Flux notices the change and automatically applies it to production. This is the declarative ops way, the GitOps way.

Flux corrects drift in production

It doesn’t stop here, though. If there is any drift in the cluster (change after deploying), Flux automatically reverts the production cluster back to its original state. This is called a rollback, and is the secret sauce that makes Flux a far better option than any static CI/CD pipeline. With Flux, you can push code rather than containers and build your entire stack with operators in a YAML manifest.

Start building declarative systems with Weave GitOps

Declarative configuration management is one of the key strengths of Kubernetes, in which you define everything as a desired state. This perfectly matches the GitOps approach, allowing Git pull requests to manage infrastructure provisioning and software deployment. When it comes to Kubernetes clusters and GitOps, Flux by Weaveworks is one of the most lightweight platforms to define Kubernetes configuration declaratively. Weave GitOps Enterprise is a ready-made solution that includes Flux and enables declarative ops. If you’ve adopted Kubernetes but are still to experience the power of declarative operations, it’s time to augment your Kubernetes practices with GitOps

Related posts

Cloud-Native Now Webinar: Containers Kubernetes Management

Kubernetes Security - A Complete Guide to Securing Your Containers

Weave Policy Engine is now Open Source

Production-ready Kubernetes - What it Means and how to Achieve it