Loading Posts...

Automated GitOps With Weave Flux On A Kubernetes Cluster

I have been playing around with one of my Kubernetes cluster and this is about the automated GitOps with Weave Flux, which was developed by Weaveworks. Flux enables continuous delivery of container images using version control of the code. Flux ensure the reproducible, auditable and revertible deployment as well as easy revert if required.

Latest, release of the Flux can be found in the official GitHub repository release page. Let’s see how we can deploy Flux in a Kubernetes cluster. Basically, we can deploy Flux with direct binary installation and, using Helm. I focus binary installation in this post and, I will share a different post with a Helm deployment.

I downloaded the 1.18.0, which is the latest at the time of writing this article.

sudo wget -O /usr/local/bin/fluxctl https://github.com/fluxcd/flux/releases/download/1.18.0/fluxctl_linux_amd64

sudo chmod +x /usr/local/bin/fluxctl
fluxctl version
GitOps With Weave Flux installation

I have exported, my GitHub username and repository name as the environment variables.

GitOps With Weave Flux setting up the access

Created separate namespace for Flux and Memcache PODs, named “weave” and, Flux configuration deployment completed with the below command.

fluxctl install \
--git-user=${GHUSER} \
--git-email=${GHUSER}@gmail.com \
--git-url=git@github.com:${GHUSER}/${GREPO} \
--git-path=namespaces,workloads \
--namespace=weave | kubectl apply -f -
GitOps With Weave Flux install fluxctl

Flux” and “Memcached” pods created in the weave namespace

GitOps With Weave Flux weave pod

Read More:

New ssh key should be created in order to access the code repository and below command will generate a key for you.

fluxctl identity --k8s-fwd-ns weave
GitOps With Weave Flux  ssh key

This generated key needed to be added to my GitHub repository, to do that go to the “Settings” of the repository, “Deploy Keys” and add the key.

GitOps With Weave Flux key added

Write access to the repository is preferred and key should be added with a name.

GitOps With Weave Flux write access allowed

In my repository, my workload folder would look like this and my intention here is to deploy two nginx replicas in my “tc-ns” namespace. I have added these folders in the git paths when I install the fluxctl.

GitOps With Weave Flux workload

Flux configurations can be synced as below and my expected pods were running in my “tc-ns” namespace.

fluxctl sync --k8s-fwd-ns=weave
GitOps With Weave Flux  deployed

Workloads can also be listed as below, if you set an environment variable as FLUX_FORWARD_NAMESPACE=weave (weave is the namespace specified for the fluxctl operation you can see it in the above fluxctl installation command), in the below output same command executed in two different ways.

fluxctl list-workloads --k8s-fwd-ns=weave -n tc-ns
GitOps With Weave Flux list workload

To list the images and the current status of the image deployed, below command is used. My deployed image 1.7.9, behind in 265 images.

fluxctl list-images --workload tc-ns:deployment/nginx-deployment
#Basically it follows the below syntax
#fluxctl list-images --workload [namespace]:[deployment]/[deploymentname]
GitOps With Weave Flux image

To release the latest version of the container below release command was issued, it has the user and the commit message with –update-all-images flag

GitOps With Weave Flux release

Now image is in the latest version

GitOps With Weave Flux updated image

Confirmed with my running workload

GitOps With Weave Flux deployment in the namespace

Bizarre Commits To My Repository

In the previous step, I have released the container version and my Fluxctl has the write access to the repository, also it’s a public one. After releasing the new container image to my namespace, I have noticed that there is a commit to the repository from someone else similar to my name, but it was bot me see below output as below.

GitOps With Weave Flux other commit

After dig in to the problem I realize that, I have given to incorrect email id when I was installing Fluxctl and, the given email id is a valid one and has someone else an account with that email Id. I’m not quite sure this is a bug or the expected behavior. This is something I noticed and better to validate the email id when installing the Flux.

Click to rate this post!
[Total: 2 Average: 5]

Aruna Fernando

"Sharing knowledge doesn't put your job at risk - iron sharpen iron" I heard this and it's true.

Get Updates Directly To Your Inbox!

   

Leave a Comment

Loading Posts...