Flux Operator on OpenShift
https://fluxcd.io/blog/2024/09/flux-v2.4.0/
The release notes for 2.4.0 mentions a certain “Flux Operator” that “removes the operational burden of managing Flux”. In simple words, I guess it avoids the trouble where an administrator needs to get flux CLI installed on his system and then go through the bootstrap process to get Flux installed on a K8S cluster. Also, there’s no need for the Flux manifests to be stored in the Git repository anymore (the ones that are created when flux bootstrap is run)!
Note that the Flux operator is provided as an open-source project by ControlPlane.
Installation#
Since I’m on OpenShift, I’ll be configuring the FluxInstance resource for OpenShift. Refer to the FluxInstance Resource for more configuration options!
-
Install the Flux Operator using helm
helm install flux-operator oci://ghcr.io/controlplaneio-fluxcd/charts/flux-operator -n flux-system -
Create the secret (for pulling from private repos)
apiVersion: v1
kind: Secret
metadata:
name: git-token-auth
namespace: flux-system
type: Opaque
stringData:
username: "fluxcd"
password: "<token-here>"
- Create a FluxInstance resource:
apiVersion: fluxcd.controlplane.io/v1
kind: FluxInstance
metadata:
name: flux
spec:
distribution:
version: "2.3"
registry: "ghcr.io/fluxcd"
artifact: "oci://ghcr.io/controlplaneio-fluxcd/flux-operator-manifests:latest"
components:
- source-controller
- kustomize-controller
- helm-controller
- notification-controller
- image-reflector-controller
- image-automation-controller
cluster:
type: openshift
networkPolicy: true
domain: "cluster.local"
sync:
kind: GitRepository
url: "https://<repo-url.git>"
ref: "refs/heads/main"
path: "<path-to-manifests>"
pullSecret: "git-token-auth"
That’s it! Your cluster will now be in sync with the configuration from your Git repo using Flux!