RC 1 draft #21
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1,49 @@ | ||||||||||||||
| # GitOps Glossary | ||||||||||||||
|
|
||||||||||||||
| This glossary accompanies the [GitOps Principles](./PRINCIPLES.md), and other supporting documents in this repository. | ||||||||||||||
|
|
||||||||||||||
| - ## Break Glass | ||||||||||||||
|
|
||||||||||||||
| The temporary suspension of GitOps principles, often accomplished by pausing automated _Reconciliation_. | ||||||||||||||
| While these principles apply to typical operations, it may at times be necessary to temporarily pause reconciliation, for example during incident management activities. | ||||||||||||||
| In these cases, other modes of operations should be considered (e.g. manual intervention), followed by any necessary updates to the desired state declarations, and finally resuming reconciliation of the system with the updated declarations. | ||||||||||||||
| Pragmatic exceptions to these guiding principles are expected from time to time during the journey toward a system being fully managed by GitOps. | ||||||||||||||
|
|
||||||||||||||
|
There was a problem hiding this comment.
Suggested change
I would remove this because it is not the language used in the principles. The glossary should only include terms in the principles and not act as a place for exploring other ideas like when GitOps should and shouldn't apply. There was a problem hiding this comment. Agree with what you said here #21 (review):
Making minor grammar, formatting and link fixes is ok even after others have reviewed this PR, but I am more comfortable leaving this as-is for now and discussing your point as part of the feedback for RC 1, given that the goal of that is to get wider feedback through an RC/feedback process from the group (including us) and wider community. Otherwise I think we'd need to wait for re-review by everyone on this PR. Instead let's meet the milestone to release RC 1 today. |
||||||||||||||
| - ## Continuous | ||||||||||||||
|
|
||||||||||||||
| By "continuous" we adopt the industry standard to mean that _Reconciliation_ continues to happen, not that it must be instantaneous. | ||||||||||||||
scottrigby marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||||||
|
|
||||||||||||||
| - ## Declarative Description | ||||||||||||||
|
|
||||||||||||||
| Describing the desired state or behavior of a system without specifying how that state will be achieved, thereby separating configuration (the desired state) from the implementation (commands, API calls, scripts etc.) that actually achieves the desired state described in the declarative description. | ||||||||||||||
|
|
||||||||||||||
| - ## Desired State | ||||||||||||||
|
|
||||||||||||||
| The aggregate of all configuration data for a system form its _Desired State_ which is defined as data sufficient to recreate the system so that instances of the system are behaviourally indistinguishable, but does not include the state of any data stored within the system, eg. user data. | ||||||||||||||
scottrigby marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||||||
|
|
||||||||||||||
| - ## Drift | ||||||||||||||
|
|
||||||||||||||
| When a system's _Actual State_ changes for any reason other than its versioned _Desired State_ declarations having changed, we say that the system has drifted from its _Desired State_. | ||||||||||||||
scottrigby marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||||||
|
|
||||||||||||||
| - ## Reconciliation | ||||||||||||||
|
|
||||||||||||||
| The process of ensuring that the _Actual State_ of a system matches its versioned _Desired State_ declarations. | ||||||||||||||
scottrigby marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||||||
| Contrary to CIops, any divergence between the two will trigger reconciliation, regardless of where changes occured. | ||||||||||||||
| Divergence could be due to the actual state unintentionally _Drifting_ from the desired state declarations, or a new desired state declaration version having been changed intentionally. | ||||||||||||||
scottrigby marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||||||
|
|
||||||||||||||
| - ## Software System | ||||||||||||||
|
|
||||||||||||||
| We currently understand a software system to include: | ||||||||||||||
|
|
||||||||||||||
| - One or more Runtime environments consisting of resources under management | ||||||||||||||
scottrigby marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||||||
| - In each Runtime, the management Agents which act on resources according to security policies | ||||||||||||||
scottrigby marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||||||
| - One or more software Repositories for storing deployable artifacts that may be loaded into the runtime environments, eg. configuration files, code, binaries and packages | ||||||||||||||
|
There was a problem hiding this comment.
Suggested change
There was a problem hiding this comment. I will suggest removing this section and the one about administrators from the glossary in RC1. Not a show stopper. There was a problem hiding this comment. OK, I'll "unresolve" this conversation thread to help remind us to bring up this question during the process of discussing feedback on RC 1 🕐 I believe the question is, "how do we define a 'software system'? Do we include only the mechanical self-contained elements, or does it also include the CD management and human/policy element like in a systems theory point of view?" I think the question is not necessary academic but how we want to define the terms we use in this and supporting documents in OpenGitOps. Needs further WG discussion. |
||||||||||||||
| - One or more Administrators who are responsible for operating the runtime environments ie. installing, starting, stopping and updating software, code, configuration, etc | ||||||||||||||
| - A set of policies controlling access and management of repositories, deployments, runtimes | ||||||||||||||
|
|
||||||||||||||
| - ## State Store | ||||||||||||||
|
|
||||||||||||||
| A system for storing immutable versions of _Desired State_ declarations. | ||||||||||||||
| This state store should provide access control and auditing on the changes to the Desired State. | ||||||||||||||
| Git is the canonical example used as this State Store, and where GitOps derived its name, but but any other system that meets this criteria may be used. | ||||||||||||||
| In all cases these must be properly configured, and special precautions must be taken to comply with requirements set out in the GitOps Principles. | ||||||||||||||
scottrigby marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||||||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,74 +1,22 @@ | ||
| # GitOps Principles {{version}} | ||
|
|
||
| GitOps is a set of principles for operating and managing software systems. | ||
| These principles are derived from modern software operations, but are also rooted in pre-existing and widely adopted best practices. | ||
|
|
||
| The [desired state](./GLOSSARY.md#desired-state) of a GitOps managed system must be: | ||
|
|
||
| 1. **Declarative** | ||
|
|
||
| A [system](./GLOSSARY.md#software-system) managed by GitOps must have its desired state expressed [declaratively](./GLOSSARY.md#declarative-description). | ||
|
|
||
| 2. **Versioned and Immutable** | ||
|
|
||
| Desired state is [stored](./GLOSSARY.md#state-store) in a way that enforces immutability, versioning and retains a complete version history. | ||
|
|
||
| 3. **Pulled Automatically** | ||
|
|
||
| Software agents automatically pull the desired state declarations from the source. | ||
|
|
||
| 4. **Continuously Reconciled** | ||
|
|
||
| Software agents [continuously](./GLOSSARY.md#continuous) observe actual system state and [attempt to apply](./GLOSSARY.md#reconciliation) the desired state. | ||
|
There was a problem hiding this comment. I'd like to hear what you think about this section of the PR description above: "items left out of this PR" > "existing principal 5" > "5. Operated in a closed loop"? This is the principle that addresses a feedback loop based on configurations in the desired state and the output of attempts to apply to the actual state. There was a problem hiding this comment. After thinking about it I think I'm more in favor of There was a problem hiding this comment. Sounds like this is not a blocker for RC 1. @williamcaban let's continue to discuss this during the process when we send out RC 1 for feedback for folks. Most likely that will be in the form of a GitHub Discussion ❤️ There was a problem hiding this comment. My concern with How can we phrase it in a way that an There was a problem hiding this comment. WRT leaving principle 5, agree as it might be covered by principle 3. At least I have not found any extremely compelling example not covers by the other principles. The more concise the better. |
||
Uh oh!
There was an error while loading. Please reload this page.