Kubernetes GitOps Service

Use GitOps for Kubernetes to Automate Infrastructure and App Deployments

Rafay’s GitOps Service provides infrastructure orchestration and application deployment through multi-stage, git-triggered pipelines.

Download Service Brief

Fully Automated, Zero-Effort Deployments

GitOps is an efficient and effective approach to continuous deployment (CD) that leverages Git as a single source of truth for both infrastructure and applications. By being declarative, it provides for better standardization, enhanced security, and ultimately, improved productivity. With Rafay’s GitOps Service, you can:

Build a multi-stage pipeline for both applications and clusters in minutes

Fully automate deployments and remove error prone, manual steps

Guarantee that the desired state specified in your Git repos are instantly enforced on Kubernetes clusters

Tightly integrate your Kubernetes management solution with GitOps deployment

CD Comparison

Key Capabilities	Description	RafayCD	ArgoCD	FluxCD
SaaS	100% cloud-based service is up and running immediately.	Supported	Unsupported	Unsupported
Application Deployments	Deploy your applications to one or more clusters based on fine grained placement policies and continuous reconciliation.	Supported	Supported	Supported
Application Templates	Templatize applications and dynamically customize them during deployment based on the deployment / environment context.	Supported	Unsupported	Unsupported
Pull from Repos Behind Firewalls	Integrate with private (behind firewall) Git and Helm repositories.	Supported	Unsupported	Unsupported
Deploy to Clusters Behind Firewalls	Deploy to remote clusters operating behind firewalls without requiring any form of inbound access.	Supported	Unsupported	Unsupported
Pipelines	Support for directed acyclic graph (DAG) style pipelines to build complex enterprise CD workflows (instead of dumb, brute-force reconciliation).	Custom, multi-staged	Non-customizable, single stage	Non-customizable, single stage
Conditional Stage Execution	Support for preconditions configured as expressions which are evaluated before a stage is executed.	Supported	Unsupported	Unsupported
Multi-cluster App Deployments	Support for static and dynamic placement policies to select multiple clusters matching cluster labels or k8s style resource selectors.	Supported	Partial	Supported
Non-K8s Deployments	Ability to support non k8s resources in pipeline stages enabling automation of infrastructure provisioning and changes.	Supported	Unsupported	Supported
Drift Detection	Block unauthorized changes to applications deployed on remote clusters	Prevent issues before they occur	Detect with manual healing of drift	Supported
Non-Git Approvals	Ability to incorporate approval stages for one or more users in a pipeline. Execution is blocked until the stage is approved by authorized users.	Supported, Bi-directional	Unsupported	Unsupported
Fleet-wide Blueprint Upgrades	Ability to perform controlled upgrades of blueprints across an entire fleet of clusters	Supported	Unsupported	Unsupported

Create Multiple Pipelines Each with Multiple Stages

Integrated GitOps pipelines in the Rafay KOP can comprise multiple stages. The stages in the pipeline are then executed sequentially one after another. Pipelines in Rafay can either be triggered manually or by updates to a Git repository. For production environments, users can optionally incorporate a manual approval stage in the pipeline to ensure an authorized user has to review and approve the changes before the workloads are automatically updated on remote clusters.

https://rafay.co/wp-content/uploads/2021/04/example_pipeline_job_CROPPED01.png

Instantly Update Clusters & Apps Using GitOps

For environments requiring agile development cycles, users can go from a Git push to an updated application on managed clusters in seconds — 100+ times a day. This is particularly suited for developer environments where updates are very frequent.

https://rafay.co/wp-content/uploads/2021/04/GitOps-Single-Stage.gif

Support for Git or Helm Repositories and Clusters Behind Firewalls

It is a security best practice to not operate an organization’s infrastructure in a flat network where everything can see and access everything else. As a result, it is common for organizations to isolate their Git repositories and their Kubernetes clusters behind separate firewalls. Rafay enables organizations to implement a Zero-Trust security model for GitOps ensuring that changes made to Git repos can be seamlessly propagated to remote clusters operating behind dedicated firewalls in a separate network. Organizations do not have to punch holes in their firewalls or lower their security posture to implement GitOps.

Download the Service Brief

GitOps Service

Use GitOps to declaratively define and manage your K8s and workloads

View Now

Configure GitOps Pipelines with Flexible Triggers

Triggers are external events that start a pipeline job and/or stage. Rafay supports two types of triggers: Webhooks and Cron Job-based Repository Sync. If the Webhook payload satisfies the specified criteria, the pipeline job is started (example below). For Cron Jobs, the sync operation notices that monitored files have been updated and starts the pipeline.

https://rafay.co/wp-content/uploads/2021/04/webhook_trigger_CROPPED01.png

Easily View & Manage Multiple Pipelines

Add, modify, pause, delete, and check the status of any number of pipelines, each with any number of stages. Pipelines are integrated into Rafay’s Kubernetes Operations Platform and therefore seamlessly inherit and follow the configured RBAC and project-based isolation configuration. This ensures a seamless user experience for authorized users and makes security/governance seamless and low burden for organizations by completely eliminating the operational burden of managing yet another product just for GitOps. Every pipeline job’s details are visualized for users, including their start time, status, total run time, and history.

Streamline AI/ML Adoption: Expert Strategies to Conquer IT Hurdles and Accelerate Growth.