Setting up Gitops using Truefoundry
GitOps is a method of managing and deploying software applications using a version control system like Git. Think of it as a way to automate and streamline the process of updating and maintaining your applications. The key advantages of using Gitops - specially for production environments are the following:
- Source of Truth: In GitOps, Git repositories serve as the single source of truth for your infrastructure and application configurations. Everything needed to run your app is stored as code in these repositories.
- Version Control: Since everything is in Git, you have a complete history of changes. This makes it easy to track who made changes, revert to previous versions if needed, and collaborate with others.
- Automation: GitOps uses automation tools to continuously monitor your Git repositories. When changes are detected, these tools automatically update your applications and infrastructure to match the new configuration. This ensures that what you have in your Git repository is exactly what is running in your environment.
- Consistency and Reliability: By using Git as the source of truth and automating deployments, GitOps ensures that your environments are consistent and reduces the chance of human error, making deployments more reliable.
- Collaboration: Teams can collaborate more effectively since they can propose changes through pull requests, review code, and discuss potential impacts before deploying.
Truefoundry makes it easy to build and deploy ML models and applications on Kubernetes. While a lot of the focus is on making it easier for developers to interact with Kubernetes, we also wanted to design things in a way so that moving to production doesn't require any additional steps and conforms to the guidelines and guardrails imposed by the Platform / Devops teams. Gitops has been a big theme and is generally preferred for production deployments because of the ease of usage, auditability and the in-place approval process built in.
Truefoundry provides the following features out of the box to make sure its easy to setup Gitops:
Fully declarative configuration management
Truefoundry provides a yaml spec for every deployment made on the platform. This is auto-generated based on the configuration done by the developer / datascientist on the platform - so no-one needs to learn to write YAML spec. There is a yaml spec for cluster, workspace, deployment and even the integrations configuration in truefoundry.
tfy apply command to apply any spec
Any yaml spec can be applied to Truefoundry using the tfy apply command. This command is idempotent - so we can apply it multiple times without any changes. Truefoundry will automatically apply all the changes in the spec and this makes it really easy to move to Git from the UI.
tfy apply -f cluster.yaml
tfy apply -f workspace.yaml
tfy apply -f service.yamldry-run to validate the spec before applying
Truefoundry also support applying a spec in dry-run mode so that we can validate if the spec is correct before applying. This is specially useful to do on PR updates.
Bringing the complete Gitops stack together
We provide a sample github repository comprising of the files organization along with the Github actions that take care of validating and applying the YAML files. This repository: https://github.com/truefoundry/truefoundry-gitops-sample-repository comprises of all the code for a couple of sample clusters.
The files are organized according to the hieracry below:
clusters/
├── cluster1/
│ ├── cluster1.yaml
│ └── workspaces/
│ └── workspace1/
│ ├── workspace1.yaml
│ └── applications/
│ └── app1.yaml
└── cluster2/
├── cluster2.yaml
└── workspaces/
└── workspace1/
├── workspace1.yaml
└── applications/
└── sample-app.yamlAny change in any of the resources requires a PR to be raised which then runs the Github action: dry_run_on_pr.yaml that validates the configuration.
On push to the main branch, the changed files are applied using tfy-apply and this makes sure that the truefoundry state is consistent with the state in the Github repository.
If you are using any other CI system apart from Github actions, feel free to adapt the files here: https://github.com/truefoundry/truefoundry-gitops-sample-repository/tree/main/.github/workflows to your CI system.