GitOps

Overview

GitOps is a deployment template that uses the Git repository to manage applications. The Git repository is the only source for deploying applications in Kubernetes clusters to achieve continuous application deployment and multi-cluster GitOps delivery, meeting requirements such as high-availability application deployment and distribution of system components across clusters. GitOps assumes that each infrastructure is represented as a file in a storage system with versioning functions, and there is an automated process that seamlessly synchronizes modified applications to the operating environment.

This idea can be better implemented based on declarative APIs and control loops in the Kubernetes ecosystem. This system builds on declarative specifications leading to eventual convergence and consistency.

Constraints

Before enabling the configuration management function for a non-Huawei Cloud cluster, ensure that the cluster can pull public network images.

Implementation

• Based on the Git workflow, development and O&M personnel can extend the existing process from application development to deployment, application lifecycle management, and infrastructure configuration. Thanks to the instant availability, customers do not need to maintain the GitOps tool.
• The GitOps plug-in combines the built-in Kustomize with base/overlay artifact organization modes and HelmRelease with valuesFrom/valuesFiles capabilities to meet customers' differentiated configuration management requirements.
• The latest artifact configuration information in the Git repository is synchronized to multiple clusters. Version management and permission control are performed on application release. Release rollback, version iteration control, and audit and tracing are implemented.
• The required infrastructure status is automatically applied to the infrastructure without any manual intervention. The infrastructure is continuously monitored to ensure that it complies with the configuration in the Git repository and works properly.
  Figure 1 GitOps implementation
  

Advantages

• Easy usage: Git is easy to be accepted by developers and easy to integrate without extra learning costs.
• High security: Developers do not need any Kubernetes cluster permission for using GitOps and only need the Git repository permission, ensuring cluster security and reliability.
• High reliability: Version management is implemented for the delivery lists of native Kubernetes resources, Helm Chart resources, and Kustomize resources, facilitating application deployment, incremental changes, and application configuration rollback.
• Continuous application deployment: The application statuses in the Kubernetes cluster and Git repository are automatically synchronized to ensure consistency.

Benefits

• Version management is implemented for the delivery lists of native Kubernetes resources, Helm Chart resources, and Kustomize resources, facilitating application deployment, incremental changes, and application configuration rollback.
• Refined differentiated configurations across clusters and environments:
  • The delivery template of the same application component is reused (for example, one connection pool template of the database for multiple business lines) and serves as the best practice template.
  • Operations are more flexible, such as label/string/version number replacement, dynamic parameter embedding, and patching.