GitOps Best Practices

“GitOps Best Practices” Awedis Keofteian DevOps Engineer at Anghami AWS
UG Leader /awedis

Agenda Using IaC in the wrong way Infrastructure as Code
- IaC What is GitOps How does GitOps work CD Pipeline: Push vs. Pull Model Increasing Security

Oscar’s Story Heard about GitOps Did I Misunderstood the core
concepts? Hmm this coffee tastes really good

Using IaC the wrong way Directly modifying the live environment
Lack of version control No testing or validation Lack of reviews and approvals Directly commits to the master branch Making changes directly to the live production environment Oscar skips the review process and directly applies changes to the production Doesn't perform proper testing or validation of changes before applying

Infrastructure as Code Instead of creating it manually Can be
easily reproduced Infrastructure as Code Network as Code Policy as Code Configuration as Code Security as Code

What is GitOps? Treat Infrastructure Code the same as Application
Code Separate Git Repository for Infrastructure Full CI/CD pipeline for it Automated Process More Transparency Quality IaC Easy Rollback Better Security

How does GitOps work? IaC hosted on Git Repository (Version
Controlled & Collaborated) GitOps Flow Run CI Pipeline Run Automated Tests Create Pull/Merge Request Approve Changes Run CD Pipeline & Deploy

CD Pipeline: Push vs Pull Model Push Deployment Pull Deployment
CI/CD (like Jenkins etc..) Push to Deployment Environment Agent installed in the environment, e.g. in K8s cluster Applies the needed changes to get to desired state Monitors and compares desired state with actual state

CD Pipeline: Push vs Pull Model Push Git Pull Deploy

Increase Security Not everyone has access to the infrastructure (or
K8s Cluster) Anyone can propose changes in the git repository Smaller group can approve the changes (DevOps, SRE etc..) Less Permission to Manage More Secure Environment

Thank you, Questions time Awedis Keofteian DevOps Engineer at Anghami
AWS UG Leader /awedis

GitOps Best Practices

GitOps Best Practices

awedis

More Decks by awedis

Other Decks in Technology

Featured

Transcript

“GitOps Best Practices” Awedis Keofteian DevOps Engineer at Anghami AWS

Agenda Using IaC in the wrong way Infrastructure as Code

Oscar’s Story Heard about GitOps Did I Misunderstood the core

Using IaC the wrong way Directly modifying the live environment

Infrastructure as Code Instead of creating it manually Can be

What is GitOps? Treat Infrastructure Code the same as Application

How does GitOps work? IaC hosted on Git Repository (Version

CD Pipeline: Push vs Pull Model Push Deployment Pull Deployment

CD Pipeline: Push vs Pull Model Push Git Pull Deploy

Increase Security Not everyone has access to the infrastructure (or

Thank you, Questions time Awedis Keofteian DevOps Engineer at Anghami