How to install Flux System with Git
Introduction
FluxCD is a popular open-source tool for continuous delivery (CD) in Kubernetes environments. In this tutorial, I will show you how to bootstrap a Flux System for your K8s cluster using Git.
Prerequisites
- A Git repository.
- A running K8s cluster.
- Basic knowledge of Kubernetes.
- Flux CLI installed on your local machine.
Step-by-step Guide
I use a K8s cluster on my Raspberry Pi and my GitHub repository https://github.com/harrytang/k8 for this demo. I also use an SSH key to authenticate with GitHub. You can use any other Git service (GitLab, Bitbucket) as long as it supports SSH key authentication.
- Clone the repository:

  ```bash
  git clone git@github.com:harrytang/k8s.git
  cd k8s
  ```
- Generate an SSH key for authentication with the GitHub repository:

  ```bash
  ssh-keygen -t ed25519 -C "raspberrypi"
  ```
- Add the generated public key to the GitHub repository under Deploy Keys, with write access.

- Run the Flux bootstrap command:

  ```bash
  flux bootstrap git \
    --components source-controller,kustomize-controller,helm-controller,notification-controller \
    --components-extra image-reflector-controller,image-automation-controller \
    --url=ssh://git@github.com/harrytang/k8s \
    --branch=main \
    --private-key-file=./id_ed25519 \
    --path=clusters/raspberrypi
  ```
  Or, for signing Flux's commits:

  ```bash
  flux bootstrap git \
    --components source-controller,kustomize-controller,helm-controller,notification-controller \
    --components-extra image-reflector-controller,image-automation-controller \
    --url=ssh://git@github.com/harrytang/k8s \
    --branch=main \
    --private-key-file=./id_ed25519 \
    --path=clusters/fusion \
    --gpg-key-id=72B2397E541A5D35 \
    --gpg-key-ring=./keyring.gpg \
    --author-email=<author-email> \
    --author-name=mrgitops
  ```

  Run `gpg --list-secret-keys --keyid-format=long` and look for the key ID, e.g. in `rsa2048/ABCDEF1234567890`, `ABCDEF1234567890` is the key ID. Run `gpg --export-secret-keys > keyring.gpg` to export the GPG keyring. Without a key ID argument, this command exports every secret key in your local keyring.

- Delete the SSH/GPG key files:

  ```bash
  rm id_ed25519
  rm id_ed25519.pub
  rm keyring.gpg
  ```
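The commands above reference the key files by relative path (`./id_ed25519`, `./keyring.gpg`) from inside the cloned repository, and the Testing section stages changes with `git add .`, so a check like the following can run before staging. This is an added example, not part of the original tutorial; the function names `find_key_material`, `safe_to_stage` and `make_sample_tree` are hypothetical, and the sample tree is constructed with fake contents.

```sh
#!/bin/sh
# Added example (not from the original tutorial): block `git add .` while the
# bootstrap key files are still inside the repository working tree.

# Print every file under directory $1 (skipping .git) whose first bytes look
# like secret key material.
find_key_material() {
  find "$1" -name .git -prune -o -type f -print | while IFS= read -r f; do
    # PEM-style header: OpenSSH, PKCS#8 or ASCII-armored PGP private keys.
    if head -c 64 "$f" | grep -aqE -e '-----BEGIN ([A-Z]+ )?PRIVATE KEY'; then
      printf '%s\n' "$f"
      continue
    fi
    # Binary OpenPGP export: the first packet is a Secret-Key packet (tag 5),
    # i.e. first byte 0x94-0x97 (old format) or 0xc5 (new format).
    case $(od -An -tx1 -N1 "$f" | tr -d ' \n') in
      94|95|96|97|c5) printf '%s\n' "$f" ;;
    esac
  done
}

# Return 0 only if directory $1 (default: .) holds no key material.
safe_to_stage() {
  hits=$(find_key_material "${1:-.}")
  [ -z "$hits" ] && return 0
  printf 'Refusing to stage; secret key material found:\n%s\n' "$hits" >&2
  return 1
}

# Build a constructed sample tree in directory $1 that mirrors the tutorial's
# working directory before the cleanup step (all contents are fake).
make_sample_tree() {
  mkdir -p "$1/clusters/raspberrypi/cert-manager"
  printf 'apiVersion: v1\nkind: Namespace\n' \
    > "$1/clusters/raspberrypi/cert-manager/namespace.yaml"
  printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'CONSTRUCTED' > "$1/id_ed25519"
  printf 'ssh-ed25519 CONSTRUCTED raspberrypi\n' > "$1/id_ed25519.pub"
  printf '\225\001CONSTRUCTED' > "$1/keyring.gpg"
}

# Typical use from the repository root:  safe_to_stage . && git add .
```

The public key file is not flagged, since only private key headers and OpenPGP Secret-Key packets match; the first-byte test is a heuristic and can flag unrelated binary files.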
Testing
We will deploy cert-manager to test the FluxCD system.
- Create the `cert-manager` namespace at `clusters/raspberrypi/cert-manager/namespace.yaml`:

  ```yaml
  apiVersion: v1
  kind: Namespace
  metadata:
    name: cert-manager
  ```
- Create the `HelmRepository` at `clusters/raspberrypi/cert-manager/repository.yaml`:

  ```yaml
  apiVersion: source.toolkit.fluxcd.io/v1beta2
  kind: HelmRepository
  metadata:
    name: jetstack
    namespace: cert-manager
  spec:
    interval: 24h
    url: https://charts.jetstack.io
  ```
- Create the `HelmRelease` at `clusters/raspberrypi/cert-manager/release.yaml`:

  ```yaml
  apiVersion: helm.toolkit.fluxcd.io/v2
  kind: HelmRelease
  metadata:
    name: cert-manager
    namespace: cert-manager
  spec:
    interval: 24h
    chart:
      spec:
        chart: cert-manager
        version: '^1.14.4'
        sourceRef:
          kind: HelmRepository
          name: jetstack
          namespace: cert-manager
        interval: 24h
    values:
      crds:
        enabled: true
  ```
- Create the `Kustomization` at `clusters/raspberrypi/cert-manager/kustomization.yaml`:

  ```yaml
  apiVersion: kustomize.config.k8s.io/v1beta1
  kind: Kustomization
  resources:
    - namespace.yaml
    - repository.yaml
    - release.yaml
  ```
- Commit all changes and check the pods deployed by FluxCD:

  ```bash
  git add .
  git commit -m "feat: adds cert-manager"
  git push
  kubectl get pods -n cert-manager
  ```

  ```
  NAME                                      READY   STATUS    RESTARTS   AGE
  cert-manager-7b9875fbcc-mhd7k             1/1     Running   0          1m
  cert-manager-cainjector-948d47c6-f9b5r    1/1     Running   0          1m9s
  cert-manager-webhook-78bd84d46b-hxn8v     1/1     Running   0          1m9s
  ```
Conclusion
Congratulations! You have successfully bootstrapped the Flux System for your K8s cluster, marking the beginning of your GitOps journey.