-
Notifications
You must be signed in to change notification settings - Fork 0
EN_CS_GitOps
somaz edited this page Mar 30, 2026
·
1 revision
Question: Explain GitOps core principles and how ArgoCD automates Kubernetes deployments. Focus on the Declarative approach and the Reconciliation Loop.
| Term | Description |
|---|---|
| GitOps | Operational model using Git as the Single Source of Truth |
| Declarative | Define what the desired state is (not how to get there) |
| Imperative | Issue commands to reach a state step by step |
| Reconciliation | Process of making actual state match desired state |
| ArgoCD | Kubernetes-native GitOps CD tool |
| Flux | CNCF Graduated GitOps tool |
| Sync | Applying Git state to the cluster |
| Self-heal | Auto-restoring Git state when manual changes are detected |
| Principle | Description |
|---|---|
| Declarative | System desired state is declared, not commanded |
| Versioned & Immutable | All changes tracked in Git; rollback anytime |
| Pulled Automatically | Agent continuously monitors Git; auto-deploys on change |
| Continuously Reconciled | Detects drift between actual and desired state; auto-corrects |
Traditional CI/CD:
Git Commit → CI Build → kubectl apply → Kubernetes
Problem: requires kubectl access, Git and live state can diverge
GitOps (ArgoCD):
Git Commit → CI Build → Container Registry
↓
Git Manifest Repo ← ArgoCD polling → Kubernetes auto-sync
Benefit: only Git access needed; Git always = live state
1. Observe → Read Desired State from Git (replicas: 3)
↓
2. Diff → Read Actual State from Kubernetes (running: 2)
Desired ≠ Actual → Out of Sync
↓
3. Act → Run kubectl apply, create 1 Pod
↓
4. Verify → Re-check state (running: 3) → Synced
↓
Repeat (every 3 minutes by default)
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: my-app
namespace: argocd
spec:
source:
repoURL: https://github.com/example/my-app.git
targetRevision: main
path: k8s/overlays/production
destination:
server: https://kubernetes.default.svc
namespace: production
syncPolicy:
automated:
prune: true # Remove resources deleted from Git
selfHeal: true # Auto-revert manual changes
syncOptions:
- CreateNamespace=true
retry:
limit: 5
backoff:
duration: 5s
factor: 2
maxDuration: 3m# 1. Commit image tag change to Git
git commit -m "Update app to v2.0.0"
git push origin main
# 2. ArgoCD detects change (polling or webhook)
# 3. Preview diff
argocd app diff my-app
# 4. Auto or manual sync
argocd app sync my-app
# 5. Rollback (Git revert → ArgoCD auto-restores)
git revert HEAD && git push origin main| Feature | ArgoCD | Flux |
|---|---|---|
| UI | Rich Web UI | CLI-focused |
| Sync Method | Pull (every 3min default) | Push + Pull |
| Helm Support | Native | Helm Controller |
| Image Auto-update | Image Updater (separate) | Built-in (Image Automation) |
| CNCF Status | Incubating | Graduated |
| Area | Benefit |
|---|---|
| Security | No direct Kubernetes access needed; controlled via Git permissions |
| Reliability | Declarative consistency, self-healing, easy rollback via git revert
|
| Visibility | Web UI for full state, diff preview, real-time health monitoring |
| Collaboration | Git-based code review, PR-based deploy approval, full audit trail |