Not to muddy the waters with one more prefix in front of ops, GitOps is a newer DevOps paradigm that slants towards the developer. As the names states, GitOps is focused around Git, the source code management [SCM] tool. As a developer, leveraging an SCM is one of the quintessential tools of the trade; allowing for collaboration and more importantly saving your hard work off of your machine.
Modern teams view checking in or committing code as the genesis to start certain processes. For example, checking in code can kick off a build automatically to start confidence building. Software is all about iteration and allowing for rapid iteration focusing on only the changes introduced. GitOps extends practices of SCM into infrastructure and deployment of applications. This definitive piece by Weaveworks is viewed as a manifesto around GitOps pillars. Like any paradigm, there is a combination of culture, processes, and technology. Doing a cursory Google Search on GitOps, Flux, a popular GitOps Engine would be one of the top results. If you have never touched Flux before, this guide will get you started on Flux.
The Road to GitOps
To start, you will need to be leveraging Git. If you are still a little green around Git, GitHub is a great place to house your first GitOps example. The Flux Project itself has a great getting started guide which we will leverage here. To get started, you will need access to your GitHub Account and a Kubernetes Instance. We will take advantage of Homebrew in this example also.
GitHub Prep
Will need to create a personal access token with repository permissions. GitHub has a guide to create this as a reference.
GitHub -> Your Account -> Account Settings -> Developer Settings -> Personal access tokens + Generate new token.
Click Generate token. Make sure to copy down the token that is generated.
The next step is to install the Flux CLI which can leverage Homebrew if using your Mac.
brew install fluxcd/tap/flux
Once installed, can run “flux” in the command line to validate the installation.
Next, you will need to store your GitHub username and token you just created as environmental variables with export.
export GITHUB_TOKEN=<your-token> export GITHUB_USER=<your-username>
With your credentials as environmental variables, if you have an existing Kubernetes cluster you can ship the cluster creation steps.
Kubernetes Cluster Creation
If you don’t have access to a Kubernetes cluster, there are several ways to get a Kubernetes cluster from a public cloud provider to a lightweight local instance such as K3ds. In this example, I will just leverage Amazon EKS. Leveraging EKSCTL, spinning up a cluster is simple.
#Create EKS Cluster eksctl create cluster --name ravi-eks-flux --version 1.20 --region ap-southeast-1 --nodegroup-name standard-workers --node-type t3.large --nodes 1 --nodes-min 1 --nodes-max 2 --node-ami-family AmazonLinux2
With the cluster out of the way, you are ready to start wiring Flux to the cluster and your project.
Flux Installation
Flux has a few concepts and assumptions that your project is leveraging. Flux needs to be installed into your Kubernetes cluster and needs to be configured to manage itself from a Git repository.
The Flux CLI provides a pre-check to validate if the installation will be successful.
flux check --pre
Once the pre-requisite checks pass, you can run the bootstrap command for installation int he cluster and to use GitHub as the SCM.
flux bootstrap github --owner=$GITHUB_USER --repository=fleet-infra --branch=main --path=./clusters/my-cluster --personal
The installation will take a few moments. A new private repository will appear in your GitHub Account. This repository will be used for reconciliation with Flux e.g the declared vs cluster state.
With the fleet-infra repository created, the next step is to clone that repository to your machine to act as the working repository and getting Flux ready for a deployment.
Flux Deployment
The first step towards your Flux Deployment is interacting with the reconciliation repository. The easiest way is to clone that repository on your machine. Note since the recent GitHub password changes in the Summer of 2021, your password can be the personal access token you created for this example.
git clone https://github.com/$GITHUB_USER/fleet-infra cd fleet-infra
Once you CD into the fleet-infra folder, you are ready to create a Flux Manifest on your or a sample app.
Add Repository To Flux
In a more advanced use case blog, a good sample application is Bruno’s Kustomize based application. The first step is to have Flux wire to the source of the application. Make sure to check the branch. In the sample app’s case, will be working off of the main branch.
Bruno’s app: https://github.com/brunoa19/kustomize-sample
flux create source git kustomizesample --url=https://github.com/brunoa19/kustomize-sample --branch=main --interval=30s --export > ./clusters/my-cluster/kustomizesample-source.yaml
Can take a look at the output that was created.
Now you can commit and push the kustomizesample-source.yaml to the fleet-infra repository.
git add -A && git commit -m "Add kustomizesample GitRepository" git push
Can double check in GitHub that the push was successful.
With Flux wired to the source project’s repository, the next step is to give Flux instructions on how to apply the manifests. Since the example project leverages Kustomize, will need to configure Flux to build and apply the Kustomize directory [e.g where the kustomize.yaml is located in your project, in the sample’s case in /base]. Still in the fleet-infra directory:
flux create kustomization kustomizesample --source=kustomizesample --path="./base" --prune=true --validation=client --interval=5m --export > ./clusters/my-cluster/kustomizesample-kustomization.yaml
Similarly, will need to commit and push the Kustomization manifest to the fleet-info repository.
git add -A && git commit -m "Add kustomizesample Kustomization" git push
With the last manifest committed, you can watch the Flux Engine in action.
flux get kustomizations --watch
Looks like kustomizesample has been deployed!
kubectl -n default get deployments,services
GitOps with Shipa – Better Together
GitOps certainly brings a lot of power and capabilities to application development and delivery teams. If you are leveraging Flux, Shipa is a great way to compliment your Flux capabilities. GitOps is certainly an emerging practice and not without its challenges. At Shipa we are dedicated to helping improve developer experience and engineering efficiency. Stay tuned as we have more updates on how Shipa integrates with GitOps practices and tooling.
Cheers,
-Ravi
