GitOps for complex microservices

Liquid Reply optimises CI/CD pipelines

CI/CD pipelines have a disadvantage

Many organisations use Continuous Integration (CI) and Continued Deployment (CD) pipelines to build and deploy their applications in Kubernetes clusters - and to ultimately make IT resources available faster.

While for a client in the automotive industry CI pipelines were well suited to create immutable artefacts from source code, the use of pipelines for CD had two major disadvantages:

  • The pipelines operated on a "fire and forget" principle: a pipeline did not track deployment artefacts (in this case, cubernet resources) after it expired
  • Adding other applications it became difficult to keep the pipelines in a maintainable condition

Reducing deployment complexity

To make the provisioning of IT resources faster, the client needed to reduce the complexity of service delivery.

Therefore, the client contracted Liquid Reply to achieve improved visibility of the deployment status and to eliminate the perimeter drift that occurs during manual hotfixes.

The client's goals

  • A reduced deployment complexity of highly dynamic micro services
  • The prevention of perimeter drifts
  • Establishing live visibility of deployment status and enabling progressive deployment

A GitOps solution

In collaboration with the client Liquid Reply has therefore implemented GitOps solutions such as Flux and ArgoCD in various projects.

A key challenge was to make the GitOps interoperate with the client's source code repositories. As common in large companies, these were not designed for high interactivity and were not yet part of a dynamic agile system.

Alignment with security requirements

On an organisational level frictional losses arose with GitOps, as this approach requires access to source code repositories from within a productive system, which is often, if not always, prohibited by security requirements.

Liquid Reply supported the client not only in the technological adaptation, but also in the necessary organisational adjustments.

The achievements

By replacing the CD pipelines with Kubernetes proprietary GitOps tools, Liquid Reply has successfully reduced the overall complexity in the client's IT. Visibility and confidence in deployment grew, as did the confidence in the internal IT. Within the organisation, the agreement with the security requirements paved the way for further use of the GitOps paradigm.