Operations¶
Scope
Multi-tenant GitOps operations, Flux controller management, image automation, and troubleshooting.
Deployment¶
Bootstrap¶
# Bootstrap Flux on a cluster (GitHub)
flux bootstrap github \
--owner=myorg \
--repository=fleet-infra \
--branch=main \
--path=clusters/production \
--personal
# Check Flux components
flux check
Multi-Cluster Pattern¶
| Pattern | Strategy | Notes |
|---|---|---|
| Repo-per-cluster | Separate repos | Simple, isolated |
| Mono-repo, path-per-cluster | Single repo, path routing | Centralized |
| Repo-per-team | Team autonomy | Multi-tenant |
Image Automation¶
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImagePolicy
metadata:
name: app-policy
spec:
imageRepositoryRef:
name: app
policy:
semver:
range: '>=1.0.0 <2.0.0'
Troubleshooting¶
# Check reconciliation status
flux get all -A
flux get kustomizations
flux get helmreleases
# Force reconciliation
flux reconcile source git flux-system
flux reconcile kustomization apps
# Suspend/resume
flux suspend kustomization apps
flux resume kustomization apps
| Issue | Diagnosis | Fix |
|---|---|---|
| Source not ready | flux get sources git |
Check credentials, URL |
| Kustomization failed | flux get kustomizations |
Check YAML, dependencies |
| HelmRelease stuck | flux get helmreleases |
Check chart version, values |
| Image not updating | flux get images all |
Check image policy, scan interval |
Commands & Recipes¶
Bootstrap¶
# Install Flux CLI
curl -s https://fluxcd.io/install.sh | sudo bash
# Bootstrap with GitHub
flux bootstrap github \
--owner=my-org \
--repository=fleet-infra \
--branch=main \
--path=clusters/production \
--personal
# Check status
flux check
flux get all
Source Management¶
# Add Git source
flux create source git myapp \
--url=https://github.com/org/myapp \
--branch=main \
--interval=1m
# Add Helm repo
flux create source helm bitnami \
--url=https://charts.bitnami.com/bitnami \
--interval=10m
# Add OCI repo
flux create source oci myapp-oci \
--url=oci://ghcr.io/org/myapp-manifests \
--tag=latest
Kustomization¶
# Apply Kustomization
flux create kustomization myapp \
--source=GitRepository/myapp \
--path="./k8s/overlays/production" \
--prune=true \
--interval=5m \
--health-check-timeout=3m
# Force reconcile
flux reconcile kustomization myapp --with-source
Helm Releases¶
# Create HelmRelease
flux create helmrelease nginx \
--source=HelmRepository/bitnami \
--chart=nginx \
--target-namespace=web \
--values=./values.yaml
# HelmRelease with values from ConfigMap
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: mydb
namespace: flux-system
spec:
interval: 10m
chart:
spec:
chart: postgresql
version: ">=15.0.0"
sourceRef:
kind: HelmRepository
name: bitnami
valuesFrom:
- kind: ConfigMap
name: mydb-values
values:
auth:
postgresPassword: ${DB_PASSWORD}
Image Automation¶
# Image policy (semver)
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImagePolicy
metadata:
name: myapp
spec:
imageRepositoryRef:
name: myapp
policy:
semver:
range: ">=1.0.0"
Debugging¶
# View all Flux resources
flux get all -A
# Check events
flux events --for Kustomization/myapp
# Suspend/resume reconciliation
flux suspend kustomization myapp
flux resume kustomization myapp
# Export existing Flux resources
flux export source git myapp > source.yaml