[EN] update GitOps #1334
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| @@ -1,31 +1,25 @@ | ||||||||||||||||
| --- | ||||||||||||||||
| title: GitOps | ||||||||||||||||
| status: Completed | ||||||||||||||||
| category: Concept | ||||||||||||||||
| tags: ["methodology"] | ||||||||||||||||
| --- | ||||||||||||||||
|
|
||||||||||||||||
| ## What it is | ||||||||||||||||
|
|
||||||||||||||||
| GitOps is a set of best practices based on [shared principles](https://github.com/open-gitops/documents/blob/release-v1.0.0/PRINCIPLES.md), applied to a workflow that depends on software agents to continuously and automatically reconcile an actual running system with its desired state declared in an immutably versioned state store like Git. | ||||||||||||||||
| These software agents and practices are used to execute a cohesive workflow and extends this practice to applications, infrastructure, and operational procedures. | ||||||||||||||||
|
There was a problem hiding this comment. What does a "cohesive workflow" and "extending it to..." mean? Also, maybe this should go in the "how" section? There was a problem hiding this comment. +1 that this belongs more the how section |
||||||||||||||||
|
|
||||||||||||||||
| ## Problem it addresses | ||||||||||||||||
|
|
||||||||||||||||
| Existing processes for infrastructure configuration management – including scripting and tightly coupled CI/CD – are often error prone and can face challenges such as configuration drift, failed deployments, relying on a system's previous state for success, missing documentation, or unknown development history. | ||||||||||||||||
|
There was a problem hiding this comment.
Suggested change
Broke sentence down for better readability. We have an entry for continuous deployment and delivery. Is linking to one better than to another? There was a problem hiding this comment. Please not introduce 'configuration drift ' as a new term.
Suggested change
|
||||||||||||||||
| Event driven CD does not address drift that may happen independently of CI. | ||||||||||||||||
|
|
||||||||||||||||
| Giving external automation tools credentials to your production systems widens the attack footprint. | ||||||||||||||||
|
There was a problem hiding this comment. When and why would you give credentials your automation tools? Seems like context is missing here. |
||||||||||||||||
| Adopting a GitOps workflow can help alleviate these issues, among several others. | ||||||||||||||||
|
|
||||||||||||||||
| ## How it helps | ||||||||||||||||
|
|
||||||||||||||||
| The GitOps paradigm can be applied to a workflow to help manage applications and cloud system infrastructure. | ||||||||||||||||
|
There was a problem hiding this comment. This doesn't answer the question 'How it helps' - it only says it can be applied. There was a problem hiding this comment. Can we say methodology instead of paradigm? That way, we keep it simple. Paradigm is a little more abstract and confusing. What does applying workflows to apps and infrastructure mean? We probably need to define workflow above (or use another term) to use it here. And to @wojtekidd's point, we'd need to add: "...help manage apps and cloud system infrastructure by...[the how it helps is missing]" |
||||||||||||||||
| It enables organizations several advantages such as better coordination, transparency, stability, and reliability of a system, and faster mean time to recovery. | ||||||||||||||||
|
There was a problem hiding this comment.
Suggested change
There was a problem hiding this comment. Advantages im comparison to what? I think there are many things that create the mentioned advantages. "Simple" CICD does that as well. IMHO the specific advantage of GitOps in comparison to "simple" CICD should be in focus. |
||||||||||||||||
| Direct access to desired state store and continuous reconciliation allows GitOps agents to ensure the current live state of a system matches the desired target state, regardless of when or how any system failure or drift between the two may occur. | ||||||||||||||||
|
There was a problem hiding this comment. Some of what is here, is captured in the Google doc but in simpler language. Can repurpose some of this?
|
||||||||||||||||
| Using GitOps for CD improves security by separation of duty between CI and CD, where CI no longer needs credentials to your live system. | ||||||||||||||||
|
There was a problem hiding this comment. I think you meant CD tools?
Suggested change
|
||||||||||||||||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm afraid this is really hard to understand for non-technical people. What are workflows and agents? The concept of reconciling a system is also new. Combined with the other two terms makes it really challenging for people not familiar with these concepts to understand what we are talking about. That's why I tried to simplify it in the Google doc to something more like this.
Isn't that the essence of what that means but without all these industry terms? Let's keep it really simple and avoid introducing other technical terms if we don't have to.
This was new in the Google doc, but it feels like it really helps understand what we are talking about. Can we add it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Still, we need to add that the desired state is reflected in a git repository (hence "git"ops), so perhaps
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The fact that the desired state is reflected in a git repo belongs more to the How it help section IMHO