☸️ K8s 生态全景

主题

Flux CD — GitOps 工具包

什么是 Flux CD

Flux CD v2 是 CNCF 毕业项目,提供 GitOps 工具包,支持 Git、Helm、Kustomize 等多种来源。

安装

bash
# 安装 flux CLI
curl -s https://fluxcd.io/install.sh | sudo bash

# 预检查
flux check --pre

# 引导(连接 GitHub)
flux bootstrap github \
  --owner=mycompany \
  --repository=fleet-infra \
  --branch=main \
  --path=./clusters/production \
  --personal

GitRepository

yaml
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: my-app
  namespace: flux-system
spec:
  interval: 1m
  url: https://github.com/mycompany/my-app-configs
  ref:
    branch: main
  secretRef:
    name: github-credentials

Kustomization

yaml
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: my-app
  namespace: flux-system
spec:
  interval: 10m
  path: ./overlays/production
  prune: true
  sourceRef:
    kind: GitRepository
    name: my-app
  healthChecks:
  - apiVersion: apps/v1
    kind: Deployment
    name: my-app
    namespace: production
  timeout: 5m
  retryInterval: 2m

HelmRelease

yaml
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: my-app
  namespace: production
spec:
  interval: 5m
  chart:
    spec:
      chart: my-app
      version: ">=1.0.0 <2.0.0"
      sourceRef:
        kind: HelmRepository
        name: my-charts
        namespace: flux-system
  values:
    replicaCount: 3
    image:
      tag: v1.5.0
  upgrade:
    remediation:
      retries: 3
  rollback:
    timeout: 5m
    cleanupOnFail: true

镜像自动更新

yaml
# 自动检测新镜像并更新 Git
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImageRepository
metadata:
  name: my-app
  namespace: flux-system
spec:
  image: my-registry/my-app
  interval: 1m

---
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImagePolicy
metadata:
  name: my-app
  namespace: flux-system
spec:
  imageRepositoryRef:
    name: my-app
  policy:
    semver:
      range: ">=1.0.0 <2.0.0"

---
apiVersion: image.toolkit.fluxcd.io/v1beta1
kind: ImageUpdateAutomation
metadata:
  name: flux-system
  namespace: flux-system
spec:
  interval: 1m
  sourceRef:
    kind: GitRepository
    name: flux-system
  git:
    checkout:
      ref:
        branch: main
    commit:
      author:
        email: fluxcdbot@example.com
        name: fluxcdbot
      messageTemplate: "chore: update image to {{range .Updated.Images}}{{println .}}{{end}}"
    push:
      branch: main
  update:
    path: ./clusters/production
    strategy: Setters

常用命令

bash
# 查看所有 Flux 资源
flux get all -n flux-system

# 手动触发同步
flux reconcile source git my-app
flux reconcile kustomization my-app

# 查看同步状态
flux get kustomizations
flux get helmreleases -n production

# 暂停/恢复同步
flux suspend kustomization my-app
flux resume kustomization my-app

本站内容由 褚成志 整理编写,仅供学习参考

Copyright © 2024-present 褚成志 · All Rights Reserved