Observability for GitOps (and Git) is immature 8. Auditing is problematic despite having all information in Git 9. Running GitOps at scale is difficult 10. GitOps and Helm do not always work well monitoring the business metrics of each deployment. Auditing is problematic despite having all information in Git A corollary to the previous point is that just because you have access to the whole deployment GitOps tools can easily answer what Git hash is now deployed into a cluster, but more useful information like what features are present in that environment (and what features are waiting in another

stack instead of just one object. We’ve seen that the desired state is pulled from configuration information that is versioned and stored in an immutable storage system. If there is a difference between GitOps | 20 state representation of the YAML that is deployed to your Kubernetes cluster. The information is stored as a secret on the Kubernetes cluster. Figure 3-2 depicts each of these components. hold back continuous integration of your code. In general, application code and configura- tion information have independent lifecycles. Also, many organizations separate the deployment process into several

repository permissions, branch protection, secure practices for managing and storing sensitive information like API keys and strong passwords, infrastructure access control, multi-factor authentication

cluster. In this tutorial, we’ll run the minimum commands to get a cluster up and running. For information on all kubeadm command-line options, see the kubeadm docs. Part 1: Spin up a Kubernetes Cluster