Those are certainly trendy topics. But based on the work I do on an everyday basis helping businesses plan and execute DevOps strategies, I’m noticing a different set of salient trends in the world of DevOps. Although much is being said about how technologies like AI might impact DevOps, the biggest changes I’m seeing right now involve other types of solutions and techniques.

Here’s a look at what I view as the three most important DevOps trends at present, as well as a breakdown of how they are poised to change DevOps tools and processes.

Trend 1: Policy-based management and IaC enable drive DevOps security innovation

Security has always been a priority for most DevOps practitioners. But right now, I’m seeing DevOps teams adopting new strategies in a bid to improve the security of the applications and environments they support.

One large-scale change is greater use of cloud-based policy management as a means of enforcing security best practices in cloud environments. Teams are configuring cloud services and resources using the code-based configuration frameworks that cloud providers support, then scanning the configurations to detect risks.

This approach makes it possible to enforce cloud governance consistently, centrally and automatically. Instead of simply writing governance policies and hoping that engineers remember to follow them when they are configuring cloud resources, businesses are increasingly building automated governance guardrails via policy-based management.

In a similar vein, more and more of the DevOps teams I work with are embracing static code analysis of Infrastructure-as-Code (IaC) templates as a means of detecting risks. As with policy-based management of cloud resources, an IaC-centric approach to infrastructure provisioning makes it possible not just to automate infrastructure management, but also to identify security risks earlier in the development lifecycle.

What’s more, some teams are making use of cloud policy and IaC code scanning as a way of warning each other about security policy changes that might cause an application or service to break. They do this by inserting configuration changes into their code using “audit” mode if their configuration framework supports it, or by simply configuring IaC scanners to flag changes if an audit feature is not available. This allows engineers to detect whether a change might cause a problem for an existing deployment.

This is important because within many organizations, the security team operates separately from application teams. When the two groups lack an efficient way of communicating with each other about changes, they may end up disrupting each other’s operations – an issue I like to call the “right hand/left hand” problem. Configuration scanning provides a systematic way of ensuring that each group is on the same page when it comes time to introduce changes – and the “audit” mode approach provides a grace period that allows time to react before a change actually takes effect.

Trend 2: Doubling down on DevOps automation with GitOps

Another overarching trend that is currently reshaping DevOps is the use of GitOps to make DevOps automation more efficient and consistent.

GitOps is the use of Git (or a similar source control system) to manage automated DevOps workflows. It involves defining configurations using code, then applying them through features like GitHub actions.

When you opt for GitOps, you move DevOps automation controls from individual workstations to centralized source control repositories. The result is the ability to track and manage all automated workflows via a central hub, which increases efficiency and mitigates issues like different engineers working with different versions of the same automation frameworks on their personal desktops.

In addition, GitOps automatically generates records of what has changed and how it has changed, since every action is logged through the source control system. This isn’t exactly documentation in the traditional sense, but it does mean that GitOps comprehensively documents every change – which is beneficial because human engineers tend not to be so thorough when it comes to documenting their actions.

To be sure, GitOps is not without its challenges. Implementing GitOps effectively requires additional skills – namely, expertise with both IaC frameworks and source control systems – that not all DevOps engineers possess. I also notice a tendency on the part of some teams to set up GitOps pipelines, but rely on manual approvals instead of automated actions to trigger changes – an approach that largely undercuts the value of automating pipelines in the first place.

However, these are challenges that teams can solve through education and by fully leaning into GitOps. In addition, techniques like automated testing of GitOps configuration code can help to build teams’ confidence in automations and reduce reliance on manual approvals.

Going forward, expect to see more and more adoption of GitOps techniques among teams seeking to level-up their approach to DevOps automation. Automating individual DevOps processes like software testing and deployment won’t be enough; truly efficient organizations will turn to GitOps as a way of automating their entire DevOps workflows, from end-to-end.

Trend 3: Investing in developer experience

Making software delivery processes more predictable and efficient is merely a step toward the ultimate goal of DevOps, which is to help developers become more productive and satisfied with their jobs.

To that end, I’m noticing a great deal of interest and investment right now in the realm of developer experience. This is playing out through two interrelated types of initiatives.

One is platform engineering, which involves creating DevOps teams who specialize in certain functions – such as network management or security – and designating them to support those functions throughout the organization. This approach reduces cognitive overhead for developers by freeing them from having to handle types of work that are not their main focus. In other words, instead of forcing developers to be DevOps generalists, platform engineering lets different teams focus on doing what they know and enjoy best – leading to greater productivity and higher levels of job satisfaction.

The other major trend currently playing out in the realm of developer experience is developer self-service. This means the ability of developers to obtain the technical solutions they need on-demand, without a complicated procurement process. In most cases, organizations enable self-service by implementing Internal Development Platforms, or IDPs, which host ready-made infrastructure resources and software environments that developers can deploy on a self-service basis.

There are risks inherent in these trends. They require specialized types of skills, and when poorly implemented, platform engineering and IDP solutions can create more problems than they solve. However, when you ensure that your teams have the requisite expertise, and when you deploy a carefully planned IDP that gives developers access to the resources they actually need, you’re likely to see a significant reduction in friction within your organization, and a boost in developer productivity and happiness.

Conclusion

Admittedly, discussing DevOps trends that center on security, automation and developer experience may not be as exciting as debating whether AI will take away DevOps engineers’ jobs. But if you want to know what’s actually changing in the world of DevOps – as opposed to which conversations are most hype-worthy – these are the places to look.

Security, automation and developer experience are also among the domains of DevOps where there is a great deal of opportunity at present to innovate – and, indeed, where adopting new tools and techniques will be critical for organizations that don’t want to be left behind as DevOps evolves.

The post Security, automation and developer experience: The top DevOps trends of 2024 appeared first on SD Times.

The acquisition in part is to strengthen Octopus’ support for Kubernetes, according to the company’s announcement. 

“Octopus is thrilled to welcome Codefresh into the team,” said Paul Stovell, founder and CEO of Octopus Deploy, said in a statement. “We’re adding Codefresh’s considerable technology to empower software teams to deploy freely. It represents a big investment in open source and the Argo project that Codefresh maintains and scales with its enterprise offering.”

The integration of Codefresh into the Octopus platform will provide what the company called in its announcement “unparalleled benefits for software teams, including advanced CD, deployment automation, release orchestration, environment progression, observability and enterprise compliance across all workloads.” 

According to Octopus Deploy, the acquisition will make the company platform and technology the most comprehensive CD solution at scale, bringing CD, CI and GitOps into a unified software delivery pipeline platform.

“We are eager to bring the power of Codefresh’s Continuous Integration and cloud-native GitOps – based on Argo – to Octopus Deploy,” said Raziel Tabib, founder and CEO of

Codefresh, in the statement. “With Codefresh and Octopus, we will elevate the capabilities available to software teams and drive innovation in Continuous Delivery.”

Dan Garfield, co-founder and chief open source officer at Codefresh, said in a statement: “We’re thrilled to find a home in Octopus, where they believe in the community we’ve helped build around Argo and GitOps. We’re going to be able to invest even more in open source and continue to grow Argo and other open-source initiatives with our community partners.”

With the recent closure of Weaveworks, which defined GitOps and created Flux CD, that project and Argo CD remain the two leading open-source efforts for CD, Kubernetes and GitOps, where they are incubating at the Cloud Native Computing Foundation.

The post Octopus Deploy acquires Codefresh, expanding its CI/CD capabilities with GitOps appeared first on SD Times.

According to Richardson, while the company was bringing in over $10 million in revenue, the sales growth wasn’t consistent. The company really needed a long-term investor, and was in the process of being acquired when the deal fell through. 

This follows the recent acquisition of another continuous delivery (CD) company, Armory, whose intellectual property and technology is now owned by Harness. 

In terms of what Weaveworks shutting down means for GitOps, Gopal Dommety, CEO of OpsMx, another CD company in the space, said that though Weaveworks was one of the originators of the idea, it has spread widely across the industry at this point. 

“GitOps is still the right answer for fast, automated, flexible, and secure software delivery and operations,” he said. 

According to Paul Delory, research vice president at Gartner, the industry is “indebted to them for creating this category,” but “clearly that didn’t translate to commercial success.”

Delory attributes this to two main reasons. First, Flux, which is an open-source CD solution for Kubernetes that Weaveworks was sponsoring, was facing strong competition from another open-source GitOps project, ArgoCD. 

“I feel like there was much more interest in ArgoCD of late, which is simpler to use … Functionality-wise, there’s much less daylight between the two products than there used to be,” he said.

Second, it’s possible there’s just not a commercial market for GitOps, even though there’s a lot of hype around this. There are many reasons for this, such as that it’s mainly limited for use with Kubernetes, there is a long setup process before GitOps can even be up and running, and there’s also confusion about who to sell GitOps products to: developers, IT teams, platforms teams, etc. 

Overall, Delory says that the freely available open-source market of GitOps tools makes it hard to justify buying a commercial tool. 

“Even if an IT organization is amenable to your sales pitch, you’re still looking at a long, high-touch sales process while you figure out who in a particular IT organization has the desire and the budget to sign the contract,” he said. “That makes a steady stream of venture capital even more critical, while you wait out these long sales cycles. But VC money is harder to come by right now. As Alexis alluded to in his blog post, Weaveworks couldn’t get its hands on enough capital to sustain itself while its technology and sales efforts came to fruition.”

Many people may also be wondering what the shutdown means for the future of the Flux open source project, since Weaveworks was heavily involved in contributions. 

Chris Aniszcyk, CTO of the CNCF, which is the current home for the project, says that many Flux maintainers have already been hired by other companies and will continue work on the project. 

“CNCF will do our best to notify our member companies to pitch-in when it comes to these situations like we have in the past,” he said. “The CNCF Technical Oversight Committee (TOC) reviews the health of projects often and in cases where a project is forked or is lacking maintainers, we work with our member community. Not so long ago, the Cortex project ran into issues where Grafana forked it and maintainers were moved to focus on that project. CNCF made a call to our members to see if folks can help and AWS and Red Hat stepped in.”

Richardson also said in his LinkedIn post that he was working directly with “several large organizations” to ensure the future of Flux. 

“The story does not end here – our open source software is used everywhere,” Richardson said. 

The post State of GitOps now in Flux as Weaveworks shuts down appeared first on SD Times.

This release brings developers the ability to code and test service with Telepresence, deploy canary releases with Argo, and run production apps with Emissary-ingress. It is available now and free to use for one Kubernetes namespace, and additional namespaces can be achieved for $5 a month. 

“We built Ambassador Cloud to help developers do what they want to do most, which is write great code,” said Richard Li, founder and CEO at Ambassador Labs. “The power of Kubernetes and the tools ecosystem to manage it adds a lot of complexity to the development process. Ambassador Cloud directly addresses the learning curve for developers to master this complexity with ease, allowing them to use their existing tools to simplify how they code, test, ship, and run their Kubernetes workflows from a single pane of glass and with just a few clicks.

Harness announces enterprise Harness GitOps

Harness GitOps enables enterprise continuous delivery workflows for application and infrastructure deployments. With this, teams gain a declarative solution built with enterprise security, governance, and scale. 

Any developer currently working with GitOps workflows can now use important software delivery tools such as continuous integration, feature flags, cost control, deployment verification, drift detection, application sync, and cluster reconciliation. Additionally, this release allows for enterprise features including Open Policy Agent-based governance in order to meet security requirements. 

Ahana unveils new security capabilities 

These new security features have been added to the Ahana Cloud for Presto managed service and include multi-user support for Presto and Ahana, fine grained access control for data lakes with deep Apache Ranger integration, and audit support for all access. These new capabilities come in addition to the one-click integration with AWS Lake Formation.

Notable new features include: 

• Multi-user support for Presto: Data platform admins can manage users without complex authentication files as well as add and remove users for their Presto clusters 
• Apache Ranger support: The open-source plugin allows users to enable authorization in Ahana-managed Presto with Apache Ranger for the Hive Metastore or Glue Catalog queries 
• Audit support: Customers can enable centralized auditing of user access to Ahana-managed Presto clusters for comprehensive visibility

AdaCore launches GNAT Dynamic Analysis Suite

Provider of software development and verification tools AdaCore recently launched a bundle of analysis, testing, verification, and code coverage technologies, GNAT Dynamic Analysis Suite. This is intended to help Ada developers build safe and secure software as well as meet security and quality procedures.

Benefits of this release include the GNATtest automated test- harness generator for Ada; the GNATcoverage tool for analyzing and reporting Ada and C program coverage; sound analysis, test, and verification evidence; and early access to emerging cybersecurity technologies. 

“From decades of experience helping customers build critical software systems, we know that the most successful workflows incorporate multiple approaches to testing,” said Arnaud Charlet, lead of product engineering at AdaCore. “Our new GNAT Dynamic Analysis Suite does just that, integrating in one package our code coverage and unit testing tools, as well as emerging technologies, like fuzz testing, which is on the near-term roadmap.”

Radware extends its cloud application security 

With this extension, Radware has added fully automated API discovery capabilities. This, combined with newly automated security policy optimization, come as a part of the integrated   Application–Protection–as–a–Service solution, which features cloud-based web application firewall, bot management, API security, and DDoS protection. 

“Many organizations are facing a knowledge gap on how to protect their APIs or incorrectly assume an API gateway can provide comprehensive protection. Frequent application changes and faster release cycles are only making this difficult situation worse,” said Gabi Malka, Radware’s chief operations officer and head of products and services. “With our frictionless technology, we take human intervention and error out of the security equation. By automatically discovering undocumented APIs and applying a tailored security policy, we can accurately and effectively protect those APIs and keep them up to date.”

The post SD Times news digest: Ambassador Labs releases latest version of Ambassador Cloud; Harness announces enterprise GitOps; Ahana unveils new security capabilities appeared first on SD Times.

“Today, many Enterprises struggle to deliver their business outcomes with traditional monitoring technology as the majority of legacy tools are incapable of providing holistic business-level observability of a hybrid IT world,” says Mehdi Daoudi, CEO of Catchpoint. “These new capabilities are another important milestone towards empowering IT teams so they can manage the visibility challenges associated with everything hybrid.”

Customers can now perform mesh monitoring to diagnose or fault isolate network-related issues between multiple locations, including ones within an enterprise premise. 

Additional details are available here.

Codefresh announces new GitOps features 

Codefresh launched its new GitOps controller and “current state” dashboard, which makes it easier for developers to install and maintain an ArgoCD instance while the GitOps dashboard offers comprehensive support for ArgoCD’s App of Apps.

“This GitOps controller allows our users to really do GitOps at scale,” said Dan Garfield, Codefresh’s chief open-source officer. “To be able to track changes, drift, and trace everything back to tickets, comitters, and changes means identifying regressions is simple. This gives teams the confidence to deploy more often.”

It offers the ability to make quick visual assessments and provides real-time determination of configuration drift to ensure that deployments are in sync. 

Sopheon releases latest version of Accolade

Sopheon’s latest release of the Accolade innovation management platform connects corporate strategy to portfolio planning and execution processes. 

This release adds new integration capabilities with off-the-shelf integrations of over 100+ third-party systems. 

It also includes a complete product enhancement system that simplifies user feedback and features a new Rich Text formatting of information along with the ability to conditionally show data and other improvements as part of an improved user experience by reducing reliance on external documents.

Snowflake announces support of Unified ID 2.0

Snowflake announced support for Unified ID 2.0 to help organizations easily enrich audience data without sharing users’ personally identifiable information.

Snowflake customers will be able to optimize their data-first advertising strategies by directly activating audiences on any platform that has adopted Unified ID 2.0.

Brands will be able to join purchase data and ad exposure data tied to Unified ID 2.0s, publishers will be able to activate their first-party data with Unified ID 2.0s and data partners will be able to augment data assets of brands and publishers. 

Go 1.17 RC

The Go 1.17 Release Candidate 1 adds support of 64-bit ARM architecture on Windows and the 64-bit MIPS architecture on OpenBSD (the openbsd/mips64 port) now supports cgo.

The new version also adds three small enhancements to the language including conversions from slice to array pointer, “unsafe.Add” and “unsafe.Slice.”

The package unsafe enhancements were added to simplify writing code that conforms to unsafe.Pointer’s safety rules, but the rules remain unchanged.

Go 1.17 is expected to be released in August 2021.

The post SD Times news digest: Catchpoint updates, Codefresh announces new GitOps features, Sopheon releases latest version of Accolade appeared first on SD Times.

OpenShift GitOps provides IT teams with GitOps workflows to use for cluster configuration and application delivery. It is based on the idea of GitOps, which enables developers and operations teams to use a Git repository as a single source of trust. 

According to Red Hat, one of the key benefits of GitOps is the automation of infrastructure and deployment requirements, which leads to faster, more secure, and scalable development.

RELATED CONTENT: GitOps: It’s the cloud-native way

OpenShift Pipelines runs in each step of the CI/CD pipeline in its own container. It allows each step to scale independently, which helps reduce the cost and overhead for running the pipeline. 

Red Hat believes OpenShift Pipelines will provide teams with full control over their delivery pipeline, plugins, and access control without needing to manage a central CI/CD server. 

“With OpenShift GitOps and OpenShift Pipelines, we are working to remove the false wall between developers and IT operations, enabling the teams to work together earlier in the application development process,” said Ashesh Badani, senior vice president of Cloud Platforms at Red Hat. “This not only helps to find and prevent defects more quickly in the software delivery process, but also streamlines the process as a whole by providing increased visibility and security across the lifecycle.”

The post OpenShift GitOps and Pipelines added to reduce DevOps friction appeared first on SD Times.

And it has done its job well. A Fortune Business Insights report released in January of this year projected the size of the DevOps tools market will reach $14.9 million by 2026, noting that in 2018, it was only a $3.7 million market.

Integrations, mostly through APIs, have brought testing, governance and security right into the development pipelines of many organizations, facilitating a “shift left” that has left some developers feeling put upon and more than a bit overwhelmed, though more are buying in to taking on those responsibilities. 

In 2020, we saw DevOps continue to expand into areas such as value streams, GitOps and most recently BizOps.

Value stream management came to software development from the manufacturing world, where eliminating bottlenecks and gaining efficiencies in product delivery were the goal. The same is true in software development, only trickier because the number of moving pieces is greater and the final product isn’t always the same.

After a core group of companies defined and led the market — CloudBees, ConnectALL, digital.ai (which formed this year as the combination of CollabNet VersionOne and XebiaLabs), HCL Software, IBM and Plutora — this year saw a second wave of companies bringing tools to the market even as the number of consulting companies using value streams has increased.

In fact, in a “Predicts 2021” paper released in early October, analysis firm Gartner said that by 2023, 70% of organizations will use value stream management to improve flow in the DevOps pipeline, leading to faster delivery of customer value.

And, in July, VSM DevCon, a virtual training event around value stream management, was launched by D2 Emerge, the parent company of SD Times, and attracted more than 500 attendees. The next event is scheduled for March.

Also in October, a small consortium of companies, led by Broadcom, produced a BizOps Manifesto, which they say is the next evolution of DevOps. Where DevOps has made great strides in tying development more closely to operations, BizOps seeks to do the same thing with development and operations being more closely tied to business outcomes.

The manifesto itself decrees that business outcomes are the primary measure of success for an organization. that business leaders need to make informed technology investment decisions that drive business growth, and that requirements should change frequently based on changes in the market, as well as changes in customer and business requirements.

Meanwhile, GitOps continued to gain traction as organizations derived value from keeping their infrastructure configurations and applications inside their code repositories for greater speed and flexibility of software deployments.

In April, Intuit created Argo CD and it became an incubator project at the Cloud Native Computing Foundation. Red Hat is helping with development and said it is integrating Argo CD with its OpenShift Kubernetes platform. 

Last month, CodeFresh created GitOps 2.0 to provide, in its words, patterns and standards that improve software delivery and reliability. The company said GitOps 2.0 will address an observability gap that existed before, as well as issues of dealing with multiple environments and secrets.

The post DevOps practices continued to morph and expand in 2020 appeared first on SD Times.

According to Steve George, COO of the Kubernetes management platform provider Weaveworks, when you are running applications continuously, operations become a big chunk of the life cycle and the cost to run those applications. “Ultimately you want to improve the development of those applications, that’s why the operations piece is so important,” he said.

GitOps is a new rising force in the industry that is enabling developers to take on more IT operations responsibilities.

What is GitOps?
GitOps was first coined in 2017 by Weaveworks co-founder and CEO Alexis Richardson.
Weaveworks’ definition of GitOps is “a way to do Kubernetes cluster management and application delivery. It works by using Git as a single source of truth for declarative infrastructure and applications. With GitOps, the use of software agents can alert on any divergence between Git with what’s running in a cluster, and if there’s a difference, Kubernetes reconcilers automatically update or roll back the cluster depending on the case. With Git at the center of your delivery pipelines, developers use familiar tools to make pull requests to accelerate and simplify both application deployments and operations tasks to Kubernetes.”

Sven Efftinge, CEO of Gitpod, a development environment solution provider, simplifies the definition as a way to make developers more aware of the operations part or a means to deploying software with a process around it.

Weaveworks’ Davis explained the company first realized GitOps was going to be big when they were working on their SaaS offering, which involves Kubernetes, networking and observability, and someone noticed that if they “pushed a button,” the entire system would “blow away.” So, they pushed the button, and the system “blew away,” but because they had GitOps practices like declarative configuration in place, they were able to get the system back up and running in little time. “That was when we had the realization that there was something to this new cloud-native operational pattern,” she said.

According to Davis, GitOps is best suited for cloud native and scenarios where you have applications with cloud-native architectural patterns like circuit breakers and service discovery.

GitOps and Kubernetes
GitOps is most commonly associated with Kubernetes because applications that are taking advantage of cloud-native patterns work best in a Kubernetes setting, Davis explained. Kubernetes is not mandatory for GitOps, but it does provide key elements for implementing it such as being able to declare a state, add reconcilers and an extensible API.

“Kubernetes is going to be and is the major platform used by enterprises going forward. If you started building an application or operating a large application today, your question has to be why not Kubernetes?” said Weaveworks’ George.

Sheng Liang, co-founder and CEO of Rancher Labs, the enterprise Kubernetes management company, explained that Kubernetes’ ability to declare a state is key because it eliminates risk. “With Kubernetes, everything becomes declarative. You say this is what I want the state of my infrastructure or cloud application to be, and Kubernetes makes it happen. It monitors it on an ongoing basis. If things go bad or something breaks, it does its best to get it back to that desired state, and if it can’t, it alerts you,” he said.

GitOps is a natural extension of this since Git enables developers to store that desired state, and “because the desired state description is a document, you just store it in Git and every time something changes, you just push out the new version. If it goes bad, because Git stores the previous version, you can just go back and then Kubernetes will do whatever it takes to get you back up,” Liang went on to explain. “That is why the declarative way of controlling your infrastructure and deploying applications and using GitOps to manage it is becoming very popular.”

According to Priyanka Sharma, general manager at the Cloud Native Computing Foundation (CNCF), GitOps is to Kubernetes as Git was to Linux. “Kubernetes really unleashes the power of cloud computing, containers, and just building software fast and resiliently, but it’s not going to be super useful if developers can’t use it quickly. GitOps is basically utilizing the Git workflows that every developer is used to,” she said. “Not everyone who is touching Kubernetes is using GitOps, but I know everyone wants to because it would make their life easier.”

GitOps and DevOps
GitOps is also being declared as the “next big thing for DevOps” because of their strong connection. According to Weaveworks’ Davis, while DevOps doesn’t have a concrete set of practices, GitOps does provide a concrete way of doing DevOps.

For instance, Davis explained the top DORA metrics include frequent deployments, shorter lead time, mean time to recover, and change failure rate. “There is a direct correlation between those metrics and GitOps patterns,” she said. GitOps enables self-service for development teams because at the platform layer, you can have developers request the resources they need, provide them in a way that is configured, secure and compliant, and have the ability to roll something back if something goes wrong.

“Folks generally want to have a more reliable way to run and deploy applications. That has always been the driving force behind the whole DevOps and GitOps movement,” said Rancher’s Liang.

Because developers are familiar with Git, it also helps them take a larger operations role. “How many frictions do you create in a developer workflow when you are asking them to do more than ever,” said CNCF’s Sharma. “If you want a developer to take on more operational responsibilities, it’s going to be better if they can do it in a workflow they are used to using. That’s why you need GitOps. It becomes an easy, universal language for developers to understand and thereby start being comfortable running and orchestrating their own containers, or turning on and off cloud computing resources.”

What GitOps is not
The definition of what is and what isn’t GitOps has been one of the more controversial issues around GitOps, CNCF’s Sharma explained. People believe if it doesn’t do x, y or z specifically, then it isn’t GitOps, but that’s just one flavor of GitOps, according to Sharma.

“Anyone who is utilizing the Git workflow to do operations in any way, in my opinion, is GitOps,” she said. “My philosophy is if it is a Git-based workflow making a developer operationalize his or her own code successfully, that is a GitOps workflow.”

Sharma believes a lot of people don’t even know they are using GitOps because they are so used to using Git to check code.”If that is the case, they might not know how much further it can enable them in their Kubernetes journey,” she said.

Gitpod’s Efftinge echoed similar sentiments, saying that DevOps pipelines are typically utilizing GitOps because they are using Git as a central canonical source of truth for everything that is automated. “Basically, you put everything into Git and then from there you drive automation, CI/CD, deployments, and new development,” he said.

However, Weaveworks’ Davis said it is so much more than that. While many emphasize the Git in GitOps, it’s really about the Ops part. “Just like the early days of microservices where we saw businesses trying to take legacy apps and patterns, and stick them into microservices and deploy them… people are starting to take old operational patterns, store them in Git and expect magic,” she explained. “We are pretty adamant that isn’t GitOps. Just because you put something in Git doesn’t make it GitOps. It isn’t actually the central part of GitOps. Ops is the central part of GitOps.”

Git is important because it has certain semantics like an immutable version history, but it needs to be connected to software agents.

Weaveworks’ 4 principles of GitOps are:

1. The entire system is described declaratively
2. The canonical desired system state is versioned in Git
3. Approved changes can be automatically applied to the system
4. Software agents are used to ensure correctness and alert on divergence

“The key cloud-native pattern, which is reconciliation of the fact that you are never done, that things are always correcting themselves, and you always have to respond to change is something that is popularized from Kubernetes,” she said. “The biggest misconception is that people don’t think about the reconciliation loops. And it goes back to cloud native, which is all about constant change so you are constantly reconciling.”

“Kubernetes and cloud native are changing the way we are going to be developing and operating applications and GitOps is speaking to those management practices. In many ways, the future for GitOps is the same for cloud native. It is helping teams take advantage of it. We are right at the beginning of that journey,” Weaveworks’ George added.

The post GitOps: It’s the cloud-native way appeared first on SD Times.

The working group is launching to provide skills, knowledge, and competency when implementing GitOps tools and methodologies. 

“The creation of the GitOps Working Group was driven by the accelerating adoption of GitOps tools and methodologies by users of services from Amazon, Codefresh, GitHub, Microsoft, Weaveworks, and hundreds of other leading global companies that are adopting GitOps. This, combined with the recommendation by the Cloud Native Computing Foundation (CNCF) user community to adopt Flux, made it clear that GitOps is fast becoming the methodology of choice for operating modern cloud native infrastructure and applications,” according to the announcement of the working group. 

RELATED CONTENT: GitOps: It’s the cloud-native way

According to the CNCF, users have seen improvements in productivity, stability, reliability and security when adopting GitOps to their cloud-native environments. 

The working group plans to deliver a vendor-neutral GitOps Manifesto that will clearly define the principles and technical aspects of GitOps. The team hopes to have version 1 of the manifesto completed by March 2021. 

The five principles of GitOps are: 

1. Declarative configuration: All resources are expressed declaratively
2. Version control, immutable storage: Declarative descriptions are stored in a repository like git
3. Automated delivery: The delivery of declarative descriptions are fully automated. 
4. Software agents are used to maintain system state
5. Close loop: Actions are performance between the version control declarative configuration and the state of the system system

As part of the formation of the working group, Weaveworks also announced the Certified GitOps Practitioner program to provide credentials for GitOps concepts, skills and technologies. 

“This program aims to share the GitOps methodology with existing software practitioners, to ensure that the principles of GitOps are transmitted faithfully and that organizations can benefit from all of the benefits GitOps brings to software management practice. Technical staff that complete this program and earn a certification in GitOps will be able to take these best practices into their organization and help transform their teams to improve operations, reliability and speed of delivery,” the company wrote on its website.

The post Amazon, Codefresh, GitHub, Microsoft, and Weaveworks launch the GitOps Working Group appeared first on SD Times.

GitOps is a software deployment model for cloud-native applications that has issues currently needing to be addressed, such as dealing with multiple environments, secrets, and observability. The goal of GitOps 2.0 is to “provide patterns and standards that improve software delivery and reliability.”

Codefresh will work with the community to define those patterns and standardize approaches to delivering software.

The company will offer tooling that provides a detailed view of everything released to a release, control over rollback, and larger aggregate views that make it easy to tell what’s going on across all applications. According to Codefresh, that visibility and control gives teams more confidence in release processes, leading to faster, more reliable deployments.

“The adoption of GitOps 2.0 isn’t an all or nothing endeavor. With this release we’re providing onramps for teams to adopt these practices as quickly as their org allows, and ultimately to support the ideal workflows,” said Dan Garfield, chief technology evangelist at Codefresh.

The post Codefresh launches GitOps 2.0 to solve limitations of GitOps appeared first on SD Times.