GitOps drives new IT infrastructure automation agilities

Swedish bank, Swedbank, satisfies regulators and tests automated infrastructure deployments with GitOps.

By Bethan Williams, Global Consulting Lead, Dell Technologies

In the wake of pandemic-driven disruption, business supply chains have had to reshape and become more digital-first, purpose-driven and customer-focused. Global brands including Nike, Alibaba, PepsiCo, Nestlé, L’Oréal and Covid-19 vaccine manufacturer Johnson & Johnson (J&J) have all adopted new business models and shaken up their supply chain relationships and mechanics.

Key among the most transformational approaches that many of these firms have adopted is GitOps, a set of practices to manage IT infrastructure and application configurations using Git, an open-source version control system.

Taking infrastructure agility to the next level

In a world of continuous delivery and continuous deployment, CIOs now need to think about how they build inherent dynamism and agility into their IT stacks. GitOps can provide that control because it uses a fundamentally different way of describing what the IT stacks should be composed of and how those components should behave. This is known as a “declarative” model. It allows organizations to build an IT system based upon a declaration of what it should do, as opposed to how it should do it.

Traditionally, IT organizations have used a more procedural approach called an “imperative model”, to quickly define sequences of instructions (procedures) that automate away manual tasks. However, operations teams are now discovering these procedures can’t be easily adapted. Most steps would need to be re-sequenced and the current state constantly checked before any action can be taken–rendering what initially seemed simple and quick to create, inflexible, unpredictable and hard to maintain.

As well as circumventing these procedures, GitOps can perform quick fixes. If something in the automation code breaks, we can ‘roll back’ and let the GitOps process take care of correcting the system. Through Git, infrastructure can be version-controlled, audited and even updated using the same push, pull and merge actions that developers use when writing applications.

In fact, with GitOps, no changes go into production without going through the right gates, the right tests and the right governance, which means infrastructure updates are always predictable and quality assured.

Software developers have been using Git to manage application code change for some time. Clearly, there’s a huge benefit to extending GitOps to IT infrastructure management, as well as other aspects of the business.

Unifying processes is also advantageous. By checking infrastructure code into the same repository management tool as developers and aligning infrastructure and software development teams around GitOps, the business can synthesize the same requests from different teams to arrive at one true desired state. In so doing they can prevent drift between desired and actual state.

Real-world implementation

As much as GitOps represents a necessary technical progression, a broader cultural and skills shift is also needed. Embracing GitOps requires commitment from the organization to gain new skills, change its processes and secure consensus on how new services should be built and operated. This is often the “highest friction'” part of an entire GitOps initiative–something Stockholm-headquartered Swedbank would also testify to.

Our Dell Technologies Infrastructure-as-Code (IaC) team has partnered closely with Swedbank over the last two years to assess and implement how and where Swedbank could apply the appropriate levels of automation to its IT services and wider software stack. Operating some 5,000 virtual machines, Swedbank and our Dell team are working closely together to engineer a GitOps-centric infrastructure automation platform for deployments on-premise and in cloud, to support its customer base.

It’s been quite the journey, with more ground to cover. Graciously, Max Ahston, head architect of Digital Banking & IT at Swedbank is keen to share some of his early learnings.

“Real-world implementation can always be challenging. Even when the ambitions and beliefs of software engineers hinge on managing infrastructure through declarative methodologies, statements and tools in a GitOps universe, the reality of the modern stack often requires a mix of techniques. Not every part of today’s IT estate is cloud-native quite yet,” says Ahston.

However, Ahston follows, “Even in these blended real-world environments, we can operate from a foundation built on GitOps, using Continuous Integration and Continuous Delivery methodologies.

“This action enables us to construct different ‘triggers’ for automation to push code towards Git, which in itself initiates a wider pipeline for automation. Overall, even in scenarios where an IT function has started on traditional infrastructure rather than from more programmable software-defined cloud-native ground zero, GitOps paves the way to scale-up opportunities and further ROI.”

In so doing, it can move towards its “desired state,” by triggering and automating changes seamlessly, and safely. The latter is particularly important to Swedbank, a financial services company in a heavily regulated market.

At the banking level, all transactions need to be categorized and managed accurately, while customer data orchestration must be executed with granular accuracy. At the pure IT level, Swedbank has to ensure it builds a functional User Interface (UI), migrates the bank’s codebase accurately and delivers stability across end-to-end services with APIs and portal integration.

By using GitOps to oversee and fix testing concerns relating to the above functions, Swedbank can satisfy regulators by demonstrating it can effectively manage real-world outliers. Under its GitOps-enabled operational purview, the bank can adhere to a secure process framework when deploying applications and infrastructure. Regulators appreciate this due diligence. The same framework controls assets information in its Configuration Management Database (CMDB), without any of the headaches associated with keeping abreast of changes to asset records.

The route to genuine automation

To date, most companies are still doing a lot of simple procedural scripting, spending more time maintaining that automation and falling back on manual effort when they don’t need to. The technology and opportunity to work smarter and better has arrived.

As enterprise IT stacks move to adopt Infrastructure-as-Code and take advantage of the operational flexibility it affords, GitOps can shape the way an enterprise IT stack is able to operate and refocus resources in the face of global disruptions and a constantly changing technology landscape.

With these approaches, we are able to build a future-proof change engine that can ride the wave of the next disruption, instead of fearing it.

Lead photo by Markus Spiske on Unsplash.