VSHN.timer #10: GitOps

Welcome to another VSHN.timer! Every Monday, 5 links related to Kubernetes, OpenShift, CI / CD, and DevOps; all stuff coming out of our own chat system, making us think, laugh, or simply work better.

This week we are going to talk about GitOps, the new trend in the world of cloud-first apps and Kubernetes.

1. Our industry is famous for its buzzwords, trends, and hype. But the truth is, people cannot memorize computer industry acronyms anymore. And “GitOps” appears to be just another one of those. The question then is, what is GitOps? Jack Wallen from The New Stack published a great article explaining what GitOps is. TL; DR: “GitOps is centered around using a version control system (such as Git) to house all information, documentation, and code for a Kubernetes deployment, and then use automated directors to deploy changes to the cluster.” Push your changes to your repository, and watch your cluster rebuild itself continuously. But of course there is more than that!

https://thenewstack.io/what-is-gitops-and-why-it-might-be-the-next-big-thing-for-devops/

2. Still not entirely sure about what GitOps is, and how it could be useful to you? Fear not. Weaveworks (credited by The New Stack as the origin of the word “GitOps”) published a extensive GitOps guide, with pretty much all the information you need to understand, apply, verify and advocate for GitOps. At VSHN we use it internally to help us guide our customers towards the Holy Grail Of The Single Source Of Truth™®© and automated deployment. An invaluable resource to bookmark and review every so often!

https://www.weave.works/technologies/gitops/

3. The New Stack article that started this edition mentions very quickly something about “SOC 2 Compliance“. Even more important, according to the founder and CEO of Weaveworks, Alexis Richardson, “in GitOps, we MUST use continuous observation and verification, to enable app & cluster management”. For many regulated industries, like pharma, finance, and government institutions, that also means ensuring continuous compliance, and this article by Dave Farley explains how to achieve precisely that. Through automated CI / CD pipelines, teams can automatically generate audit reports, track human decision making, update documentation, and verify sign-offs. A fantastic resource!

http://www.davefarley.net/?p=285

4. Of course, no amount of validation, continuous integration, or verification will guarantee that you are building the right product (although you might be building the product right!) Jonathan Smart published an excellent piece about making sure that your team builds the right product. Jonathan defines four common anti-patterns found in many “agile” organizations, and how to tackle them: “Local Optimisation & the Urgency Paradox”, “Milestone Driven Predicted Solutions”, “Headless Chickens”, and “Start starting”. Somewhere, right now, a project slows down because of one or many of these anti-patterns. Do not fall into the trap of misreading the Agile Manifesto into something it is not.

https://medium.com/sooner-safer-happier/agility-build-the-right-thing-69d316aeb56b

5. And to finish this edition, the tool of this week comes from none other than the Linux Academy: the list of free courses offered during September 2019 include some GitOps-related ones, such as DevOps Essentials, Git Quick Start, and System Tooling with Go. Excellent content for free! You have just run out of reasons not to implement GitOps in your daily workflows.

https://linuxacademy.com/blog/uncategorized/free-courses-at-linux-academy-september-2019/

Would you like to share other GitOps-related links with us? Are you already using GitOps in your organization? Do you have any best practices you would like to share with the community? Get in touch with us through the form at the bottom of this page, and see you next week for another edition of VSHN.timer.