GitOps — CD for cloud native apps

What Is It

GitOps is a paradigm for kubernetes cluster management that uses Git as the source of trust for declarative applications and infrastructure

How Is It Different

GitOps Is a Pull-Based Model

  • The majority of CI/CD tools available today use a push-based model. A push-based pipeline means that code starts with the CI system and then continues its path through a series of encoded scripts to push changes to the Kubernetes cluster
  • Pull relates to the Operator installed to the cluster that watches the image repository for new updates

Why Use This Approach

  • GitOps takes full advantage of the move towards immutable infrastructure and declarative container orchestration
  • The approach helps to prevent configuration drift

What Does This Look like

In a pull pipeline, a Kubernetes Operator reads new images from the image repository from inside of the cluster.

At the centre of the GitOps pattern is the Operator/Agent. It monitors the single source of truth (a config repo) that contains deployment manifest and the actual state in the cluster

Separation of Concerns

The pipelines can only communicate by Git updates:

  • Whenever the Operator detects drifts, monitoring and alerting tooling are notified


  • Consistency -> Prod states matches your test environments
  • Reliability -> With Git’s capability to revert/rollback and fork, you gain stable and reproducible rollbacks
  • Developer Experience -> Focus on dev code rather than kubernetes exp (faster onboarding)
  • Standards and Consistency -> One model for apps, Infra and kubernetes changes
  • Enhanced security -> reduced potential to expose credentials outside of your cluster

Argocd in 5 Mins (Example)


To be installed and running

Set Alias

alias k=kubectl

Create Namespace and Install Argocd in Your Local Cluster

k create namespace argocdgit clone docker-development-youtube-series/argo/k -n argocd apply -f argo-cd/install.yaml

View Running Pods

k -n argocd get pods

Set Port Forwarding

k port-forward svc/argocd-server -n argocd 8080:443

Login to the UI


k get pods -n argocd -l -o name | cut -d'/' -f 2
username: admin
password: (result of query)

Deploy Sample App and View in the UI#

k apply -n argocd -f argo-cd/app.yaml

Delete / Cleanup

- k -n argocd delete -f install.yaml
- k delete -n argocd -f app.yaml
- k delete namespace argocd

Useful Tools




Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Scott Griffiths

Scott Griffiths

Engineer, Consultant, Trainer, Learner, SRE, DevOps and Hiker