GitOps for Fleet Management

source
gitopsfleet-managementdesired-statedevops

A practical guide by Allen Houchins on applying GitOps principles to device fleet management (source).

Core pattern

GitOps for device fleets treats infrastructure configuration as code in git. Device configurations are declared in YAML files, git is the single source of truth, and the system continuously reconciles actual state with desired state — correcting drift automatically.

This is the same reconciliation loop that Kubernetes uses: observe actual state, compare to desired, actuate to close the gap. Applied here not to containers but to physical device fleets.

Key findings

Declarative configuration eliminates drift. All configuration lives in version-controlled repositories. The system enforces desired states and corrects deviations without manual intervention. Configurations scale to thousands of devices without proportional management overhead.

Self-healing through continuous reconciliation. GitOps continuously compares actual vs. desired state. Rollbacks are simple: revert the git commit. This is closed-loop feedback control applied to device management — the same pattern behind every thermostat and Watt’s governor.

Audit trail and separation of duties. Git history records every change, who made it, and when. Different people handle submission, review, approval, and deployment. This inherently satisfies compliance requirements.

Cultural shift required. Adoption demands moving from manual operations to code review workflows, pull request collaboration, and an “automate everything” philosophy. Documentation lives alongside configuration as code.

Fleet GitOps Mode

Fleet v4.65.0 introduced a GitOps mode that puts the UI in read-only. This prevents the classic conflict where UI changes override declared state — ensuring the git repo remains the sole source of truth. This directly addresses the problem of mutable state: wrapping a mutable interface (the UI) with a declarative one (git).

Connections

This article is a real-world instance of desired state systems applied to physical devices. The xettel card 2039290263060046285 captures the core insight: declaring desired state in git and letting the system reconcile automatically solves drift, auditability, and rollback.

The pattern sits between pure software GitOps (Kubernetes) and the more ambitious vision of Continuous Assembly — which extends desired-state reconciliation to full physical assembly, not just device configuration.

From a feedback loop perspective, Fleet’s reconciliation cycle is faster than manual management (hours vs. weeks) but slower than software deployment (seconds). This time difference is a constraint that reshapes pipeline architecture.