Monday, February 9, 2026

GitOps – Core Principles

 

GitOps – Core Principles (Important Points)

  • Git as Single Source of Truth

    • All infrastructure and application definitions live in Git

    • Git reflects the desired state

  • Declarative Configuration

    • Define what the system should look like, not how to do it

    • Typically Kubernetes YAML, Helm, Kustomize

  • Automated Reconciliation

    • Continuous comparison of desired state (Git) vs actual state (cluster)

    • Auto-fix drift if they differ

  • Pull-Based Model

    • Cluster pulls changes from Git

    • No direct kubectl apply to production

  • Change via Pull Requests

    • Review, approve, audit before deployment

    • Safer and more controlled

  • Versioning & Rollback

    • Git history = audit log

    • Easy rollback to last known good commit

  • Security & Access Control

    • No human access to production clusters

    • Git permissions define who can change what

  • Collaboration

    • Developers, Ops, SREs collaborate via Git workflows


Imperative vs Declarative Approach (Argo CD Context)

Imperative Approach

  • You tell the system step by step

  • Example:

    • kubectl create

    • kubectl scale

    • kubectl delete

  • Manual and command-driven

  • State lives in the cluster, not Git

  • Harder to track, audit, and roll back

Declarative Approach (GitOps Way)

  • You define the final desired state

  • Example:

    • replicas: 3

    • image: app:v1.4.2

  • Argo CD figures out how to reach that state

  • Git is the source of truth

  • Easy rollback, audit, automation

Argo CD is fully declarative by design


Reconciliation – Meaning (Very Important Concept)

  • Reconciliation = Desired State vs Actual State

  • Argo CD continuously:

    1. Reads desired state from Git

    2. Reads actual state from Kubernetes

    3. Compares both

    4. Fixes differences automatically or flags them
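
The four steps above as one reconciliation pass, in an added example that is a simplified model and not Argo CD's own code. The state dictionaries are constructed, the function names are hypothetical, and the "Synced" / "OutOfSync" labels mirror Argo CD's sync status names.

```python
from copy import deepcopy

MISSING = object()  # marks a field present on one side only

def diff_state(desired, actual, path=()):
    """Return drift entries as (path, desired_value, actual_value)."""
    drift = []
    for key in sorted(set(desired) | set(actual)):
        want, have = desired.get(key, MISSING), actual.get(key, MISSING)
        if isinstance(want, dict) and isinstance(have, dict):
            drift += diff_state(want, have, path + (key,))
        elif want != have:
            drift.append((path + (key,), want, have))
    return drift

def apply_fix(actual, path, want):
    """Overwrite one drifted field in place, or prune it if Git lacks it."""
    node = actual
    for key in path[:-1]:
        node = node[key]
    if want is MISSING:
        node.pop(path[-1], None)
    else:
        node[path[-1]] = deepcopy(want)

def reconcile(desired, actual, self_heal=False):
    """One pass: compare, then fix automatically or only flag."""
    drift = diff_state(desired, actual)
    if drift and not self_heal:
        return "OutOfSync", drift
    for path, want, _ in drift:
        apply_fix(actual, path, want)
    return "Synced", drift

# Constructed sample states; replicas and image values are from the notes.
def desired_state():
    return {"spec": {"replicas": 3, "image": "app:v1.4.2"}}

def live_state():  # after a manual scale and an out-of-band env edit
    return {"spec": {"replicas": 5, "image": "app:v1.4.2",
                     "env": {"DEBUG": "true"}}}

if __name__ == "__main__":
    live = live_state()
    print(reconcile(desired_state(), live))
    print(reconcile(desired_state(), live, self_heal=True), live)
```

With `self_heal=False` the pass only reports the drifted paths, which is the "flags them" case; with `self_heal=True` the manual scale and the extra env field are reverted to what Git declares.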

Why it matters

  • Prevents configuration drift

  • Recovers from manual or accidental changes

  • Keeps environments consistent

  • Enables self-healing systems


GitOps Feature Set (Exam / Interview Points)

  • Git as single source of truth

  • Automated reconciliation

  • Pull-based deployments

  • Declarative infrastructure

  • Version-controlled changes

  • Easy rollback

  • Drift detection

  • Strong audit trail

  • Separation of CI and CD

  • Self-service deployments

  • Scalable for large environments

  • Works across multi-cloud and on-prem

  • Enables continuous delivery


Automated Tools Used in GitOps (Key Ones)

  • Argo CD

    • Kubernetes-native GitOps CD

    • Continuous reconciliation

    • Drift detection and auto-sync

  • Flux

    • GitOps operator for Kubernetes

    • Pulls changes from Git automatically

  • Jenkins X

    • GitOps-driven CI/CD for Kubernetes

    • Environment promotion via Git

  • Terraform (with GitOps)

    • Infrastructure as Code

    • Git stores desired infra state

    • Often paired with GitOps workflows
