Why Argo CD Is the Lifeline of GitOps
Intuit is knee-deep in its busiest time of the year — tax season. But for this titan of tax filing, the ability to meet the demands of millions of customers across a one-month period didn’t just grow overnight inside its own walls.
Intuit relied heavily on open source software to do the job. The company runs hundreds of Kubernetes clusters to meet the demands of its customers, and in doing so, Intuit has also become the number one contributor to Argo CD, a project in the Cloud Native Computing Foundation Incubator.
How did this happen? And almost as importantly, why did this happen? The answer is fairly straightforward — complexity.
“Kubernetes adopters’ maturity has increased. Most organizations are more comfortable operating Kubernetes these days, so they provision a lot of it. With that comes the challenges of how to configure all those clusters. If you configure an app, you used to deploy it to one or two clusters. Now you deploy to 50 clusters. It’s become very complex,” said Siamak Sadeghianfar, product manager for continuous integration/continuous delivery (CI/CD) on Red Hat OpenShift.
Running a single cluster is a big job, but that cluster’s complexity is limited to just itself. One vendor, one management layer, one cluster, most likely one data center or cloud. When clusters start to proliferate, however, a unique challenge arises for administrators: keeping clusters in sync with the standard operating model.
Each individual cluster is its own universe, after all, with its own servers, infrastructure and perhaps even its own Kubernetes distribution and development team. Some companies even deploy a cluster to each individual team within the company. With so many different moving parts, it can be difficult to keep all those clusters in compliance, secure and assuredly safe.
For example, if a malicious actor gets inside a cluster, they can replace container images with their own hacked images, which could include anything from Bitcoin miners to man-in-the-middle attack software to just about anything you could imagine not wanting to have running inside your estate.
This unacceptable breach outcome can be prevented, however, with the careful application of GitOps and Argo CD.
What Is Argo CD?
Argo CD started at Intuit a few years ago when Intuit acquired a startup named Applatix and tasked its team with developing a new self-service developer platform to increase agility and innovation, and reduce complexity. Applatix already had Argo Workflows, a workflow orchestration engine, but during the course of building this new platform, we realized there was a need for a continuous deployment product. Based on cloud native and GitOps best practices and principles, Argo CD was then born to fill that need.
The workflow Argo CD enables has existed for a long time, according to Sadeghianfar, but the key change here is applying it actively to cluster configuration.
Developers have used git as a basis for pushing updates to their applications, Sadeghianfar said. Administrators have been using provisioning software to create scripts for deployments, using git as the location from whence to deploy these assets.
But for managing multiple clusters, the GitOps model is particularly effective, not only because the operations model for Argo CD is so simple and devoid of smart logic.
As Christian Hernandez, technical marketing manager at Red Hat, puts it, Argo CD is not “smart.” In fact, it is purposefully dumb.
Argo CD does two things, and it doesn’t think about them at all — it just does them. First, it pushes the latest YAML from git to your clusters. Second, it pulls the latest YAML from git to your clusters.
Parsing this poetic license a bit, Argo CD goes both ways — it lets you push a Kubernetes configuration change to git, and then automatically makes every cluster it’s connected to use that new YAML file. If a cluster suddenly uses some other YAML configuration file, Argo CD then goes and pulls up the correct YAML file from git directly.
In fact, Argo CD effectively locks the cluster so that it cannot be changed without a git push. Hernandez recounts tales of trying to show a customer how to do something on a cluster, but the second his change hit the cluster from the console, Argo CD immediately erased it and replaced the changed YAML with the original from git. It’s the configuration equivalent of a box with a switch that turns off the switch.
Similarly to git, Argo CD’s simplicity enforces a strict policy: No cluster configuration changes whatsoever can take place without going through git. This adds all the security benefits of git to cluster management with little additional overhead.
For one thing, git is secure by default. Linus Torvalds built an immense number of security benefits built into git at the architectural level. For example, the ID used internally for each file in a repository is actually just a hash of the file itself. Change the file in any way and the ID of the file changes too. Thus, it is impossible to push a stealth change or poison a repository without a record of that change.
Additionally, git is already tied into authentication systems, uses tokens for user identification and keeps an explicit history of every change ever made to any file and a record of who made that change.
By moving all cluster configurations into this central, secure repository, Intuit was able to drastically reduce deployment complexity. As Hernandez puts it, “I am a fan of stupidly simple software. This is why I like our identity management, because it’s so dumb and simple. Argo CD is a mindless CD system. Once you set up Argo, my CD becomes stupid simple. That last mile of CI/CD process is taken care of for me. This is replacing my 800 scripts down into one system that does it all for me.”
Sadeghianfar agreed, saying, “GitOps has started to gain a lot of traction and attention because it is a simple approach to addressing this problem. This evolution that Kubernetes went through with customers has been key. GitOps is not new, but now it’s suddenly become an accelerator for organizations.”
Argo CD is nearing its graduation from the CNCF Incubator, and has gathered a healthy backing of open source developers. Intuit remains the largest contributor to this important project, and Red Hat has increased its participation to take the second spot.
“Intuit strongly believes in open source, and giving back is one of our core values,” said Blixt. “But we are not a vendor. We needed partners to help drive and grow the community, and also someone who could stand behind the enterprise customers who want to deploy this in their environments. Red Hat has a long history of helping drive and grow communities, especially in the cloud native area, and that’s just what we were looking for. They have really stepped up in taking Argo to the next level. They are contributing on every level, working very closely on the engineering side, on product management, on marketing. I am really excited how Red Hat is helping take Argo and the community to the next level.”