Add GitOps Without Throwing Out Your CI Tools

  • aster.cloud
  • August 19, 2022
  • 4 minute read

Many teams are hesitant to change their CI pipeline for fear of disrupting their often complex continuous deployment (CD) patterns. GitOps, however, is more than CD: it provides automation, eliminates the unpredictability of configuration drift and enhances security.

Many Continuous Integration (CI) tools claim to do GitOps, but what they actually do is Continuous Deployment (CD). Continuous Deployment is not GitOps, but GitOps does provide Continuous Deployment and so much more. If you want to do true GitOps, do you have to deprecate all the work you’ve done building out your CI tooling? Read on to find out.


CD is not GitOps

Continuous Deployment (CD) is not GitOps. To be true GitOps, the following principles, as defined by OpenGitOps, must be followed.

  • Declarative – A system managed by GitOps must have its desired state expressed declaratively.
  • Versioned and Immutable – Desired state is stored in a way that enforces immutability, versioning and retains a complete version history.
  • Pulled Automatically – Software agents automatically pull the desired state declarations from the source.
  • Continuously Reconciled – Software agents continuously observe actual system state and attempt to apply the desired state.

Continuous Integration (CI) tools easily conform to the first two points; it’s points three and four where they fall short. CI tools typically take a push approach and lack any form of feedback: push and forget.

Push vs Pull

A Continuous Integration pipeline is typically triggered by a merge into the main branch of a Git repository; some form of webhook is called to trigger the start of the pipeline. The repository is cloned into the build system, artefacts are built, pushed to a registry and finally the runtime configuration is pushed to the target environment.

A continuous integration pipeline - push methodology

This approach works well until changes are made directly to the runtime environment, shortcutting Git and the CI/CD pipeline. The result is that the actual state, running in Kubernetes, no longer matches the desired state, defined in Git. You’ve lost control and configuration has started to drift. There’s no audit trail of who changed what, and the changes have not been subject to Policy as Code checks or peer review. Things are going to get chaotic.

GitOps works in a similar way to the above flow but with some important differences. It does not replace the Continuous Integration tooling; it follows on from it to provide the Continuous Deployment functionality, a sort of CI/GitOps. Continuous Deployment with GitOps differs in that it automatically pulls changes and continually reconciles those changes; it is not push and forget.

First of all, let’s look at a simple scenario where a configuration change is made without requiring the building of an artefact. The change is made in Git via a pull request, policy as code check and peer review. There will not be a trigger for the CI pipeline because nothing requires building. The GitOps agent running on the Kubernetes cluster notices the change merged into the main branch; there is no requirement to configure webhooks etc. The configuration change is automatically applied to the cluster.

Now let’s see what happens when there’s a source code change requiring an artefact to be built. As before, the change is facilitated by the usual workflow of PR, review and merge. This time, because the source code was modified, the CI pipeline will be triggered to build, test and push the artefact to the registry. The GitOps agent running on the Kubernetes cluster notices a new image tag available in the registry and updates the configuration in Git with the new image tag; this can be a direct merge into main or via a pull request. The agent applies the new configuration to the cluster, resulting in the version being deployed.

A continuous integration pipeline - pull methodology

The pull methodology used by GitOps provides higher levels of automation, reducing the burden on the DevOps team of defining and maintaining pipeline definitions.

Continuous Reconciliation

The differences between push and pull outlined in the previous section are perhaps subtle and ultimately both achieve the same result. I’ve saved the best ‘til last. Continuous Integration tools push the new configuration to the target environment, the pipeline finishes and that’s it. With GitOps, the reconciliation between the desired state, stored in Git, and the actual state, running in Kubernetes, is continuous; big difference.

Constant reconciliation diagram flow

Take the first scenario from the previous section, a simple configuration change. Sometime after the change was completed, a change is applied directly to the configuration of a Kubernetes entity, either accidentally or maliciously. The CI tooling is oblivious; the pipeline has finished execution. GitOps, however, is continuously reconciling desired and actual state, rather like Kubernetes does. The directly applied change affects the actual state, which no longer matches the desired state, so GitOps reverts the directly applied change back to the desired state: zero configuration drift, order is maintained and chaos is averted. This significantly improves system maintainability because you know exactly how the environment is configured. There are implications for the security of the environment too: unauthorized changes are just not possible.
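The pull-and-reconcile behaviour described in the two sections above, as an added example that is not part of the original post or any GitOps tool's own code. The `Agent` class, the in-memory `repo` and `cluster` stand-ins, and the sample manifest are assumptions made for illustration; the event list is the record a defender would alert on when a change bypasses Git.

```python
import copy

ABSENT = "<absent>"  # marker for a field present on only one side

def diff(desired, actual, path=""):
    """List (path, desired, actual) for every field where the two states differ."""
    drift = []
    for key in sorted(set(desired) | set(actual)):
        here = f"{path}.{key}" if path else key
        d, a = desired.get(key, ABSENT), actual.get(key, ABSENT)
        if isinstance(d, dict) and isinstance(a, dict):
            drift += diff(d, a, here)
        elif d != a:
            drift.append((here, d, a))
    return drift

class Agent:
    """Hypothetical in-cluster agent; repo and cluster are in-memory stand-ins."""
    def __init__(self, repo, cluster):
        self.repo, self.cluster = repo, cluster   # repo: list of (revision, state)
        self.applied_rev, self.events = None, []

    def reconcile(self):
        rev, desired = self.repo[-1]              # pull: read the head of main
        drift = diff(desired, self.cluster)
        if rev == self.applied_rev and not drift:
            return None                           # in sync, nothing to do
        reason = "new-revision" if rev != self.applied_rev else "drift-reverted"
        self.cluster.clear()
        self.cluster.update(copy.deepcopy(desired))   # apply the desired state
        self.applied_rev = rev
        event = {"reason": reason, "revision": rev, "fields": [p for p, _, _ in drift]}
        self.events.append(event)                 # audit and alerting signal
        return event

def demo():
    # Constructed sample state, not taken from a real repository or cluster.
    v1 = {"spec": {"image": "registry.example/app:1.0", "replicas": 2,
                   "securityContext": {"privileged": False}}}
    repo, cluster = [("rev-1", v1)], {}
    agent = Agent(repo, cluster)
    agent.reconcile()                             # first sync from Git
    cluster["spec"]["replicas"] = 5               # out-of-band edits that
    cluster["spec"]["securityContext"]["privileged"] = True   # bypass Git
    agent.reconcile()                             # reverted and recorded
    agent.reconcile()                             # no-op, already in sync
    v2 = copy.deepcopy(v1)
    v2["spec"]["image"] = "registry.example/app:1.1"   # tag bump merged to main
    repo.append(("rev-2", v2))
    agent.reconcile()
    return agent.events, cluster
```

Calling `demo()` returns three events: the initial sync, one `drift-reverted` event naming the two fields that were edited directly, and the rollout of the new image tag.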

GitOps Completes your CI Pipelines

GitOps does not replace your CI pipelines, it enhances them, providing greater automation, eliminating the unpredictability of configuration drift and enhancing security by preventing unauthorized changes. Retain your investment in your current Continuous Integration tooling and use GitOps to provide Continuous Deployment. It’s time to switch to CI/GitOps.

Guest post originally published on the Weaveworks blog
Source CNCF

