Ops Automation - GitOps in the Modern Enterprise
As modern enterprises move more towards Kubernetes and its ecosystem of cloud native tooling - all declarative constructs that can be managed as code - the processes for managing infrastructure are evolving that employ similar strategies previously reserved for application development. More on the blog.
In recent years, managing application infrastructure can be managed as code. The days of physically provisioning servers and configuring environments are, for the most part, behind us. That being the case, it’s easy to see the need for new processes that will ensure consistency and stability throughout environments moving forward. In fact, as modern enterprises move more towards Kubernetes and its ecosystem of cloud native tooling - all declarative constructs that can be managed as code - the processes for managing infrastructure are evolving that employ similar strategies previously reserved for application development.
GitOps is an ops automation workflow and set of best practices for managing both infrastructure and deployments for cloud-native applications. Below is an overview of what a GitOps pipeline looks like. We’ll identify the benefits associated with GitOps and then we’ll dig into what an organization must do to effectively adapt GitOps across their organization. For many enterprises, this will require evolution in the skill set of Infrastructure and Operations folks, as well as some cultural changes throughout the organization as a whole.
What is GitOps?
GitOps is a standardized ops automation workflow for how to deploy, configure, monitor, update and manage infrastructure-as-code Kubernetes and all of its components as code - as well as all the applications that run on it.
In GitOps there is a Git repository that contains declarative descriptions of all elements in its currently desired state in the production environment. A process using ops automation ensures that the production environment always matches the described state in the repository.
The principles of GitOps can be summarized as follows:
- The entire system is described declaratively.
- The canonical desired system state is versioned in Git.
- Approved changes can be automatically applied to the system
- Software agents ensure correctness (diffs) and either automatically correct and/or alert on divergence for reconciliation.
A few additional important principles of GitOps bear mentioning. The first is the use of CICD pipelines to roll out infrastructure configuration changes. This prevents the need for developers or other team members from logging into the cluster using the cli
kubectl when making infrastructure changes. The next is the use of declarative configuration. Supported by Kubernetes as well as most of the add-ons and applications in the cloud native ecosystem, the declarative nature by which the infrastructure is configured and manipulated allows for the straightforward comparison of the current infrastructure and that represented by the version in source control. By implementing these principles, several key benefits can be reaped by the organization.
The Benefits of Modern Infrastructure Management Techniques
When GitOps is implemented properly, there are several ways in which an organization can benefit; a few of those are worth mentioning here:
- Stability - The utilization of source control in the context of GitOps allows for versioning of infrastructure code as the infrastructure evolves. While it obviously enables seamless deployment of modifications, it also makes it easy to rollback problematic changes in the event of a failure somewhere along the line. Simply redeploy or rollback to the last stable version of your infrastructure and you are back up and running. This leads to lower time to resolution and, as a result, less interruption to your customers.
- Reproducible and Reliable deployments - Through the use of declarative configuration, it becomes a straightforward process to define the infrastructure in a succinct and readable manner. In the case of GitOps, declarative infrastructure configuration enables an organization to reproduce the same infrastructure over and over in an attempt to scale or to apply the same infrastructure configuration changes across an entire cluster.
Evolving Skill Sets to Meet the Needs of the Modern Enterprise
Understanding the definition of GitOps and the ways in which an organization can benefit, is only half the battle. The other half is ensuring that all personnel within the organization cultivate the necessary skills and understand the culture that must be present for an effective GitOps implementation. To that end, let’s discuss the evolution an organization must undergo in order to successfully implement the model.
Skills for Infrastructure and Operations (I&O)
Years of manual environment configuration and server provisioning have provided Infrastructure and Operations staff with an in-depth understanding of how an environment must be configured for an application to function successfully. That being said, the development landscape today requires everybody to be able to, in a sense, play the role of developer. In other words, coding skills are becoming increasingly valuable for those involved in the adoption of newer methodologies for managing infrastructure. The ability for infrastructure and operations personnel to develop scripts and produce declarative policies is a necessity for achieving ops automation on the level intended by GitOps.
Adoption of the software development lifecycle
Traditionally speaking, operations folks have had little use for the software development lifecycle. In most cases, some form of documentation existed to assist in server setup, and from there it was tweaked and manipulated manually when issues arose.
In the realm of GitOps, however, I&O staff adopt the principles of the software development lifecycle. These principles of design, development, testing, and deployment are applied to the development of resources to produce the entire infrastructure needed to run the application. Additionally, the repo-centric approach of the GitOps model requires operations to familiarize themselves with version control software previously reserved for application development.
Culture Shock: Embrace Automation
Automation can be an uncomfortable word for those involved in server configuration. The fact of the matter is that those with involvement in server provisioning over the past few decades likely feel as if they have manual intervention ingrained in their DNA. Ops automation requires a culture change. No more tweaking a configuration manually outside of the CI/CD process. Everything needs to be done by following the principles set forth by the organization to prevent configuration drift, while ensuring stability and consistency across all environments.
Earlier we made the statement that for ops automation and GitOps to be successful, operations folks would need to begin to adopt some of the skills of the development staff. No developer in their right mind would make an application change directly on a production server itself. This would violate every rule they had ever been taught about the process for application development and producing a high-quality product. With GitOps and ops automation as a whole, the same holds true for operations.
All development organizations are capable of benefiting from the GitOps and ops automation principles that will allow them to streamline the process for infrastructure management. That being said, the path to implementing GitOps successfully requires a commitment from the organization as a whole to embrace the culture change that comes with ops automation. Additionally, I&O personnel must evolve their skill set to include skills previously reserved for developers. These include coding expertise, familiarity with source control software, and an understanding of a defined process for the continuous deployment of code-based infrastructure changes.