►
Description
DevOps has been the center-piece of transforming the way organizations build and deliver software over the last couple of years. While DevOps adoption is still on the rise and many teams are in the midst of absobring DevOps values and principles, GitOps appears to be the new milepost for these teams. In this keynote, you will learn about how GitOps workflows relate to DevOps movement and how it paves the way toward a successful DevOps adoption
B
Thanks
sarah
I'm
happy
to
be
here
and
welcome
everyone
to
argo
khan.
I
want
to
talk
to
you
today
about
the
journey
that
we
see
a
lot
of
organizations
and
teams
that
we
talk
to
or
taking
from
devops
to
get
out
so
what
problems
they
have
run
into,
that
git
ops
is
really
unblocking
them
and
and
allows
them
to
progress
in
their
adoption
journey,
but
before
we
even
get
to
that,
I
wanted
to
what
levels
a
little
bit
about
what
we
mean
by
device
and
refresh
your
memory.
B
This
is
something
that
most
of
you,
perhaps
all
of
you
are
familiar
with,
given
that
given
the
popularity
of
devops
and
the
statistics
and
numbers
that
we
see
from
number
of
organizations
that
are
adopting
devops
from
various
analysts
and
the
conferences
and
the
reason
for
devops,
the
main
driver
is
that
a
lot
of
organizations
want
to
be
able
to
deliver
better
software,
much
faster,
to
be
able
to
deploy
more
frequently
bring
the
changes
to
to
their
customers,
but
also,
at
the
same
time
maintain
or
increase
the
quality
of
that
software.
B
And
the
reason
for
that
is
that
a
lot
of
us,
regardless
of
what
kind
of
industry
we
are,
including
like
my
company
red
hat,
we
are
usually
three
categories
of
challenges
that
we
face:
we're
either
and
a
traditional
organization
that
have
existed
with
all
their
business
models
and
now
we're
getting
pressure
from
newer
computers
coming
into
the
market
focusing
on
digital
economy,
and
we
have
to
reinvent
ourselves.
Fine
find
new
ways
of
doing
business,
bring
our
our
know-how
and
expertise
and
and
that
computer
advantage
that
we
have.
A
B
Another
category
that
is,
that
are
those
newer
competitors
that
that
the
first
category
of
challenges
are
competing
with
so
smaller
actors,
often
that
yours,
your
software,
is
really
their
competitive
edge,
that's
how
they
are
winning
against
their
competitors.
So
this
is
their
bread
and
butter.
They
have
to
be
able
to
deliver
faster,
otherwise
they
need
to
be
able
to
come
to
market
innovative
solutions
really.
B
Otherwise,
the
large
employees,
the
larger
competitors,
would
take
away
their
market
share
and
the
third
group
of
child.
The
third
group
of
companies
we
see
is
that
which
is
quite
important
in
the
in
the
financial
sector,
for
example,
is
that
the
consumer.
B
Is
changing?
The
users
are
moving.
For
example,
when
you
look
at
a
bank
banking
sector
from
a
web
to
to
mobile
devices
in
europe.
When
you
look
at
this
test,
for
example,
most
of
the
users
do
their
online
banking
through
their
mobile
phones.
They
say
it's
not
on
on
the
internet,
banking,
anymore
and
gradually
there
is
a
move
to
towards
smartwatching
and
applewatch.
B
So,
and
the
financial
organization
needs
to
be
able
to
cater
to
these
new
behavior
users
and
they
have
to
be
able
to
release
software,
and
that
becomes
something
that
that
helps
them
to
to
to
keep
the
customer
to
be
able
to
to
compete.
So,
regardless
of
what
the
driver
is,
what
is
very
common
between
organizations,
regardless
of
their?
B
The
reason
for,
for
that
is
that
they
need
to
become
a
lot
faster
than
they
are
more
agile,
deliver
quicker
with
better
quality
and
that's
how
devops
got
a
lot
of
attention,
because
it's
a
promise
the
way
you're
working.
It's
a
movement
that
really
focuses
specifically
in
in
these
values.
In
solving
this
problem
for
a
lot
of
organizations
and
the
devops
itself,
I'm
not
going
to
define
it
here
again,
you're,
hopefully
familiar
with
that,
but
but
the
gist
of
it
is
really
focused
on
on
collaboration.
Is
it's
not
a
thing?
It's
not
a
process.
B
B
Obviously,
and
there
are
technologies
that
goes
with
that,
and
so
they
all
talk
a
lot
of
the
values
and
and
the
ways
of
working
at
an
abstract
level
and
at
the
same
time,
it
brought
to
the
table
a
list
of
practices
and
principles
to
help
us
realize
these
values.
Continuous
integration,
perhaps,
is
one
of
the
most
famous
practices
that
comes
from
devops
or
most
popular
ones.
B
Automated
testing
version
control,
artifacts,
high
trust
culture
and
a
lot
of
a
lot
of
more
more
practices
with
a
varying
level
of
difficulty
in
in
realizing
them
and
incorporating
them
into
organization
because
of
the
dependencies
that
they
have
on
on
the
organization
culture.
On
the
on
on
the
structure
of
the
organization
and
the
workflows
that
are
in
them
in
the
organization,
most
teams,
a
lot
of
organizations
that
I
speak
with,
and
they
have
quite
often
started
with
continuous
integration.
They
have
perhaps
forgotten.
B
A
B
Is
that
how
do
I
persist?
So
I
know
about
the
values
of
devops.
I
know
about
the
the
practices,
the
principles,
but
what
do
I
do
next?
Where
do
I
go
from
here?
Should
I
pick
a
new
tool
now
or
is
it
a
is?
My
team
needs
to
change
in
a
way
or
do
I
need
to
bring
new
skills
in
the
team?
It's
it's
not
that
prescriptive,
and
that's
one
of
the
problems
like
biggest
barriers
of
adoption,
that
we
see
among
customers
that
they
can't
really
evolve
after
a
certain
level,
because.
B
Devops
is
is
about
values
and
an
abstract
concept
and
is
not
an
a
prescriptive
way
of
achieving
those.
So
if
you
look
at
100
organizations
that
are
adopting
devops,
it's
very
likely
that
you
see
100
different
variants
of
of
devops
adoption,
different,
tooling
different
ways
of
working
different
ways
that
are
more
suited
to
those
organizations
right.
But
the
challenge
is
that
every
single
organization
has
to
go
figure
out.
What
do
they
do
next?
What's
what's
the
next?
B
What
how
the
how
they
should
do
that
and
and
another
shift
that
we
see
alongside
this
happening-
is
that
initially
most
devops
practitioners
are
focused
on
cr,
a
commission
and
that
that's
the
most,
perhaps
obvious,
step
for
bringing
into
the
organization,
but.
B
That
these
organizations
are
just
shifting
their
focus
to
cd,
not
that
they
have
a
solution
for
it,
but
rather
to
raise
the
problems
and
have
racial
maturity
that
are
figuring
out.
So
how?
What
do
we
need
to
do
be
able
to
expand
our
devops
adoption,
a
level
of
automation
that
we
have
and
the
collaboration
and
the
process
changes
into
our
cd
process?
B
Cdb
here
continues:
delivery
focus
on
deployment
delivering
actually
the
application
that
is
produced
to
those
environments
that
it
needs
to
run
into
very
distributed
order
to
to
the
customers,
and
this
is
really
where
we
see
githubs.
Coming
to
the
picture
I
mean
github's
provides
a
quite
a
descriptive
way
of
how
to
implement
cd
as
a
part
of
devops
adoption.
So
it's
you
could
call
it.
B
The
blueprint
of
continuous
delivery
under
the
same
umbrella
as
devops
is
perhaps
a
new
new
buzzword,
but
it's
really
in
one
section
of
really
devops
set
of
practices
and
values
and
what
the
value
provides
a
lot
of
our
customers.
That
is
is
extremely
prescriptive.
It
shows
exactly
what
you
need
to
do
next
and
how
you
need
to
achieve
that.
B
You
probably
hear
that
multiple
times
throughout
this
day,
but
fortunately
I
have
one
of
the
first
sessions,
so
you
might
not
have
heard
this
before,
but
from
the
way
that
we
define
githubs
with
red
hat,
it's
really
a
developer-centric
approach
to
to
continuous
delivery,
and
I
speak
a
little
bit
about
why
developer
centric
in
a
minute.
But
the
idea
is
quite
simple.
Frankly,
the
idea.
A
B
That
you
treat
everything
that
touches
your
application
or
infrastructure
as
code.
This
is
essentially
infrastructure
as
code
practice
of
devops
set
in
a
set
of
different
words.
So
you
treat
everything
is
code.
You
put
everything
inside
your
git
repository
as
a
single
source
of
truth,
so
the
source
of
truth
is
not
your
cluster.
How
your
infrastructure
will
look
like
it
is.
What.
B
I
already
addressed
a
question
that
I
get
asked
quite
often
about
this
doesn't
have
to
be
git;
no,
it
doesn't
have
to
be
good,
but
because
of
the
git
ups
terminology,
I'm
gonna
stick
to
any
version.
Control
will
do
hearing
by
the
way
I
forgot
to
point
out
because
of
this,
the
nature
of
the
session.
B
I
can't
like
pause
to
answer
questions,
but
please
do
go
ahead
and
answer
your
questions
in
the
chat
I'm
going
to
spend
some
time
in
the
end
and
and
try
to
pick
a
few
of
them
at
least
and
answer
and
speak
about
them
and
the
last
part,
and
the
most
important
part
really
is
that
operations
are
driven
through
github's
workflows
and
are
automatically
reconciled
with
the
state
that
you
have
given
people.
What.
B
If
you
need
to
change
on
some
infra
environment,
that
change
might
be
you're
changing
the
cluster
configuration
or
you
are
deploying
a
new
version
of
your
the
image
of
your
application
on
that
environment,
and
that
change
is
represented
by
changing
the
git
repo,
often
in
form
of
pull
requests
reviewed
merged
to
the
repo.
That
is
the
single
source
of
truth.
And
there
are
tooling
employees
that
automatically
reconcile
that
change.
That
operational
change
or
ask
that
is,
that
is
made
on
the
e3
post
automatically
reconcile
onto
those
environments.
B
And
this
is
also
really
the
very
where
we
see
a
distinction.
A
lot
of
the
organization
that
have
started
from
ci
and
tried
to
expand
into
cd
in
their
devops
adoption,
and
they
have
done
so
by
really.
A
B
On
the
same
set
of
processes
and
tooling
that
they
have
for
ci,
and
just
in
the
end
of
that
deploy
to
the
environments
right,
which
realizes
the
first
two
part
of
how
I
define
githubs,
but
it
has
huge
lags
on
the
last
part
of
it,
because
the
ci
process
is
also
essentially
a
workflow
process.
You
fire
and
forget
about
it,
so
you
ask
operationally
for
something
happen:
deliver
the
new
version
of
this
image
to
that
environment
and
see
if
you're,
successful,
yes,
successful,
forget
about
it.
B
I
I
don't
know
anything
more
about
it
in
the
true
definition
of
githubs
and
implementation.
Your
your
tooling
needs
to
make
sure
the
technology
that
is
employed
make
sure
that
the
state
of
your
cluster
is
always
in
sync,
with
the
state
of
the
the
git
repos
that
you
have
in
its
source
of
truth.
So
it's
dramatic
reconciliation
happens
continuously,
and
there
is
actually
an
official
definition
that
just
came
out
of
the
last
kubecon
from
the
the
githubs
working
guru
as
a
part
of
cncn.
B
It's
called
open
get
ups
and
the
website
is
on
the
slide.
Please
go
take
a
look.
There
are
four
and
four
principles
as
a
part
of
git
ups
that
are
kind
of
represented
in
here,
because
three
through
killed
they're,
actually,
four,
that
talk
about
the
same
points
and
they
definitely
encourage
everyone
to
get
involved
in
that
working
group
for
anyone
that
is
interested
in
get
ops.
It's
it's
a
great
forum
for
bringing
use
cases
and
talking
about
the
best
practices
in
that
aspect.
So
how
does
this
work
in
practice?
B
It's
a
quite
simple
and
familiar!
You
have
a
git
repo
that
you
define
what
what
you
expect
the
desired
state
that
you
have
and
those
are
the
30
conflicts
and
what
you,
what
you
declare
inside
of
the
repo.
So
if
you
have
an
application
on
kubernetes,
that's
most
likely
a
deployment,
yeah
or
serious
yeah
or
ingress,
and
things
like
that
and
the
right
hand
side.
You
have
your
infrastructure.
B
If
there's
a
changing
it
that
is
not
available
on
that
infrastructure,
then
it
realizes
that
actualize
it
and
make
sure
that
that
desired
state
is
reflected
on
the
currency
that
becomes
the
current
state
of
your
infrastructure
or,
if
there's
a
change
in
the
right-hand
side
on
the
actual,
the
current
state
doesn't
match
the
desired
state
and
it
can't
roll
it
back
to
the
desires
that
you
haven't
yet,
and
that
is
extremely
powerful
from
a
security
perspective.
So
imagine
that
the
right
hand
side
in
the
cluster
or
infrastructure
there
is
a
breach.
B
Somebody
goes
and
changes
the
image
of
the
deployment
that
you
have
on
your
kubernetes
platform.
Often
in
that
ci
based
implementations
are
of
cd.
That
change
would
go
completely
unnoticed.
You
wouldn't
know
immediately
that
something
has
changed
in
that
aspect
till
there
until
this
is
manifested
in
some
other
way
in
your
in
your
infrastructure
and
that
you
might
realize
that
there
are
some
suspicious
things
happening
as
a
part.
B
Basically,
you
roll
back
to
that
well-known
image
that
you
have
that
you
have
actually
produced
it's,
not
a
raj
image
or
at
least
notify
someone
going
to
find
an
admin
or
someone
to
to
come
and
take
a
look
at
that
and
the
reason
I
said
that
developer
centric,
that
this
is
really
something
that,
like
out
of
it
git
repo
and
the
git
workflow,
is
something
that
all
developers
are
familiar
with.
B
This
is
quite
a
standard
workflow
for
for
most
application
developers,
and
this
is
something
that
is
quite
established
in
many
many
most
organizations.
So
most
organization
is
quite
familiar
with
this
and
and
another
point
another
value
that
again
beyond
security
and
out
of
the
guidel's
workflow
is
a
multi-class
consistency,
and
this
is
really
a
huge
point
that
we
hear
from
a
lot
of
reddit
customers.
That
is
a
huge
pain
point,
most
organizations
that
are
operationalizing
kubernetes.
B
They
are
becoming
quite
comfortable
running
a
lot
of
the
instances,
because
operation
of
grenade
is
becoming
easier
and
easier,
and
if
you
look
at
the
platform
like
openshift
at
red
hat,
installing
and
updating
a
a
cluster
has
become
extremely
easy.
The
consequence
of
that
is
that
a
lot
of
organizations
prefer
to
have
a
lot
of
small,
a
lot
of
instances
of
kubernetes
but
small
clusters
and
the
challenge
that
comes
with.
That
is
how
do
I
keep
all
of
this
in
sync?
B
A
B
A
it
addresses
that
address
solve
that
problem
quite
nicely
for
a
lot
of
customers,
and-
and
this
is
actually
a
lot
of
customers
that
are
looking
for
expanding
their
cd
they're.
Coming
from
this
challenge
of
how
do
I,
how
do
we
ensure
multi-cluster
consistency
at
red
hat?
We
had
we
tried
to
enable
customers
on
top
of
openshift
through.
B
B
If
you
look
at
the
technology
landscape
that
matches
the
devops
landscape
and
you
can
see
a
lot
of
them
in
the
cncf
technology
landscape
and
it's
there
are
fortunately
or
unfortunately,
there's
a
huge
number
of
technology
and
framework
that
are
active
in
this
space,
which
gives
a
lot
of
choice
but
also
makes
it
extremely
difficult
to
find
the
right
path
on
openshift.
B
We
try
to
bring
the
best
upgrade
of
these
technologies
on
the
platform
enable
customers
to
use
that
argo
cd
is
the
core
of
open,
shifted,
apps
and
takedown
as
a
core
of
commission
pythons
that
together
provide
a
device
platform
for
customers
to
be
able
to
implement
github's
workflow
for
for
for
any
communities
platform
really.
B
But
how
does
that
work
in
practice
like
what
what
challenges
within
the
devops
set
option
this?
This
approach
solves
for
customers.
So
if
you
look
at
operation
python,
that
openshift
github
is
the
core
of
the
github's
workflows
on
on
top
of
openshift
to
kubernetes
cluster,
for
for
customers,
with
argo,
cd
being
really
the
engine
of
reconciliation,
fulfilling
the
cd
capabilities
based
on
the
gitoff's
principles
and
tecton
being
the
the
ci
accord,
fulfilling
the
ci
capabilities
of
the
offset
option.
B
When
I
have
built
my
application
only
delivered
to
a
large
number
of
clusters
or
navy
spaces
in
a
consistent
way
and
make
sure
that
I
can
I
I
I
can
recreate
those
environments
at
any
time
I
want,
or
I
can
identify
any
drift-
that's
been
happening
in
those
environments
or
if
you
want
to
look
if
we
want
to
keep
the
clusters
themselves
in
in
a
consistent
shape
with
configuration,
management
and
openshift
has
kubernetes
in
essence,
is
an
extremely
declarative
platform,
but
there
are
still
a
lot
of
configuration
in
it
that
needs
to
happen
at
the
infrastructure
level
within
all
red
hat
and
openshift.
B
They
have
focused
a
lot
to
bring
a
lot
of
those
configuration
also
as
declarative
conflicts
into
the
platform
that
are
applied
to
the
platform.
What
does
that
mean?
If
I
want
to
configure
authentication
on
top
of
openshift?
That's
essentially
a
yaml
that
is
applied
to
the
cluster.
B
If
I
want
to
configure,
if
I
want
to
add
multiple
nodes
to
the
cluster
to
scale
it
up,
that's
another
ammo
that
is
applied
to
the
cluster,
so
that
makes
it
quite
easy
to
manage
the
configuration
of
cluster
itself,
not
just
the
application
using
argo,
cd
and
githus
workflow,
that
that
provides
a
an
extremely
powerful
kind
of
config
combination
for
customers
that
have
multiple
instances
of
kubernetes
and
want
to
bring
consistency
in
managing
configuration
across
those
and
because
all
of
these
cicd
technologies
are
really
focused
on
any
kubernetes
and
certified
distro
like
quite
easily
support
hybrid
cloud
infrastructure
that
many
of
the
customers
have.
B
There
are
actually
a
lot
of
use
cases
that
customers
come
to
us
and
talk
about
the
edge
use
cases.
They
have
software
that
runs
on
age
devices
or
closed
agent.
There
are
thousands
of
them
and
they
want
to
be
able
to
deliver
a
piece
of
application
that
runs
on
that
age
device
in
a
controlled
manner
in
a
consistent
manner
and
by
the
way.
B
Doesn't
have
connectivity
all
the
time,
you're,
looking
at
still
the
same
core
of
openshift
pipes
and
openshift
get
us
to
be
able
to
enable
them
for
application,
delivery
on
on
edge
devices
or
or
comp
or
configuring
the
age
devices
through
a
argo
cd?
There
are
fleet
management
and
multi-cluster
management
use
cases.
So
we
always
imagine
that
the
gdos
workflow
applies
to
when
you
have
an
infrastructure
and
you
perhaps
you
have
a
kubernetes
cluster.
You
want
to
deploy
an
application
on
it.
B
B
Day,
zero,
we
don't
have
any
cluster.
How
do
I
point
at
a
git,
repo
and
out
of
nothing?
I
have
suddenly
a
kubernetes
that
is
up
and
running
and
is
brought
to
that
base
configuration
goal
and
configuration
that
we
have
at
our
organization
supply
chain,
security
and
governance
and
compliance
and
another
aspect.
B
Compliance
is
really
as
good
as
the
policies
that
you
have
applied
to
that
cluster,
but
who
is
responsible
for
bringing
the
to
making
sure
that
the
correct
number
of
policies
are
applied
across
the
fleet
to
the
clusters
that
you
have
in
your
organization
and
they
are
looking
at
argo
cd
for
as
a
vehicle
for
delivering
the
policy
combining
that
with
other
products,
email
envelopes
being
another
aspect,
and
there
are
many,
many
more
use
cases
actually
that
incrementally
we
keep
discovering
with
customer
and
because
of
that
like
there
are
more
and
more
integrations
and
and
technologies,
come
to
the
picture
that,
together
with
argo
city
and
take
down,
solve
these
aspects
for
customers.
B
An
example
of
that
is
where
it
had
advanced
cluster
management
that
integrates
with
argo
cd
to
handle
multi-cluster
management
and
age
devices
all
from
day
zero.
To
day
two
there's:
there's
red
hat
advanced
cluster
security
that
focuses
on
supply
chain,
security
and
governance.
So
we
have
the
policies
delivered
by
argos
city
to
the
cluster,
but
somebody
gotta
verify
those
policies
against
against
defined
policies
to
be
able
to
generate
report,
be
able
to
reject
certain
certain
activities.
A
B
Those
clusters
based
on
those
policies
and
all
of
that
are
taken
care
of
through
advanced
cluster
security
or
advanced
cluster
management,
and
to
take
that
even
beyond
just
kubernetes
clusters,
red
and
ansible
provides
ways
that
we
can
apply
github's
workflows
even
to
layers
underneath
the
kubernetes.
That's
another
question
that
we
get
quite
often,
that
is,
is
github's
really
only
existing
on
the
kubernetes
platform,
and
the
answer
is
really
no
doubt
absolute
workload.
B
I
would
apply
to
any
layer
of
infrastructure
that
you
can't
describe
declaratively,
but
layers
below
kubernetes
are
often
not
that
declarative
and
you
need
to
employ
other
technologies.
Other
tools
that
can
bring
some
level
of
declarative
nature.
Declarativeness
to
to
that
aspect
of
the
infrastructure
and
ansible
is
tool
that
does
a
really
good
job.
Is
that
at
that,
and
combined
with
it
with
the
core
of
the
github
solution
that
we
have?
B
You
can't
even
expand
the
scope
of
the
githubs
from
beyond
just
kubernetes
and
push
it
further
down
in
the
technology
stack
to
to
the
infrastructure
around
that
runs
underneath
and
so
to
give
you
a
little
bit
more
of
a
concrete
example
of
how
this
will
look.
Like
in
an
application
delivery
and
how
these
workflows
look
like
so
in
the
the
ci
part
of
this
background,
is
it
might
be
quite
familiar
with
you,
for,
for
you
is,
is
how.
A
B
Ci
technology
or
ci
workflows
looks
like
you,
have
an
application,
git
repository
that
contains
the
source
of
the
application.
Git
event
triggers
a
pipeline,
some
sort
of
pipeline
openshift
that
would
be
the
takedown
pipeline
and
a
series
of
activities
happens
that
might
actually
be
multiple
pipelines.
B
This
is
quite
a
complex,
complex
step
in
the
middle
that
I'm,
representing
with
a
tiny
icon,
and
the
application
is
often
released
as
a
number
of
container
images
that
go
into
a
major
industry
like
red
hat
way
and
advanced
cluster
security
in
in
in
this
sense
brings
difficult
integration
into
the
ci
process
that
we
can
scan.
B
And
even
like
sign
the
the
images
that
are
produced
to
be
able
to
check
vulnerabilities
cves
and
bring
those
kind
of
security
checks
a
lot
earlier
in
the
process
into
your
ci.
And
when
you
look
at
the
cd
flow,
the
cd
workflow
based
on
the
github
workflow.
That
would
be
a
different.
Quite
often,
it
could
be
the
same,
but
quite
often
a
different
view.
Repository
that
contains
configuration-
and
there
is
argo
cd
in
between
that
is
in
contact
with
the
clusters
that
these
changes
need
to
go
to,
and
it
pushes.
A
A
B
Based
on
that
that
set
up
configuration
damage
you
three
pawn:
they
they
deploy
the
application
on
it
and
decommission
the
cluster
after
that
and
advanced
cluster
management
from
red
hat
is,
is
a
product
that
enables
those
kind
of
variations
of
ci
expanded
to
not
just
the
application,
but
take
it
all
the
way
to
the
cluster
and
also
helps
with
some
aspects
of
compliance,
and
with
that
I'm
going
to.
Thank
you
in
my
session
here
move
to
see.
If
there
are
any
questions
that
I
can
answer
in
the
remaining
time.
C
Yeah,
that
was
amazing.
Thank
you
so
much
for
that,
and
there
are
a
ton
of
questions
in
the
chat
and
so
just
to
keep
us
on
schedule.
Today,
I'd
like
to
invite
you
to
ask
your
questions
in
the
chat
of
cymac
and
he
can
answer
those
directly
for
you
and
then
we're
gonna
jump
to
the
next
one.
It's
been
amazing
having
you
with
us
today.