GitOps solutions for Kubernetes

Page content

In this post I will compare the GitOps tools for Kubernetes.

Parts of the K8S Gitops series

What is gitops?

GitOps is a way to manage the state of systems, through definitions of the desired state stored in files in a version control system usually Git. With git versioning you can manage your workflow more sourly. If something gos wrong you can rollback easily. There is multiple tools for GitOps in Kubernetes:

  • Argo CD
  • Flux CD
  • Racher Fleet


Flux is described as a GitOps operator for Kubernetes that synchronises the state of manifests in a Git repository to what is running in a cluster. It can watch one single remote repository per installation and it will be able to apply changes only in the namespaces in which its underlying service account has permissions to change.

FluxCD Installation

flux bootstrap git \
  --url=ssh://git@<host>/<org>/<repository> \
  --branch=<my-branch> \

FluxCD Conclusion


  • More security with the namespace based separation
  • There is a built-in solution for secret management.
  • flagger for canary deployment


  • Need to run multiple instance for different namespace control
  • There is no User interface


The basic principles of ArgoCD similar then FluxCD however, what makes it different is the capability to manage multi-tenant and multi-cluster deployments. It can use multiple git repository as source and can control multiple namespace or Kubernetes Cluster.

ArgoCD Installation

kubectl create namespace argocd
kubectl apply -n argocd -f \

ArgoCD Conclusion


  • It has a nice modern web UI
  • It can manage multiple source repository and destination namespace or Kubernetes Cluster.
  • Multiple types of identity providers are supported (OIDC, SAML, LDAP. etc…)
  • Configuration drift detection
  • Argo Rollouts for canary deployment


  • There is no built-in solution for secret management


Fleet is GitOps at scale. Fleet is designed to manage up to a million clusters. It’s also lightweight enough that is works great for a single cluster too, but it really shines when you get to a large scale

Fleet Installation

helm -n fleet-system install --create-namespace --wait \
helm -n fleet-system install --create-namespace --wait \

Fleet Conclusion


  • Fleet is designed to manage many many clusters


  • There is no built-in solution for secret management
  • There is no User interface
  • There is no built-in solution for canary deployment