Flux GitOps on AlmaLinux 9: Complete Guide
Ready to make Git your single source of truth? Today we'll deploy Flux CD on AlmaLinux 9, creating a powerful GitOps system that automatically syncs your Kubernetes cluster with Git! Let's automate everything!
Why is Flux Important?
Imagine deployments that happen automatically when you push to Git! That's Flux's magic! Here's why it's game-changing:
- Automatic Sync - Push to Git, watch it deploy automatically!
- Git as Truth - Everything lives in Git, versioned and auditable
- Self-Healing - Drift detection and automatic correction
- Multi-Environment - Manage dev, staging, prod from one repo
- Pull-Based - Secure deployments without giving CI/CD systems access to the cluster
- Declarative Everything - Infrastructure and apps as code
- Security First - No cluster credentials outside cluster
- CNCF Graduated - Production-ready and battle-tested
What You Need
Before we GitOps all the things, gather these:
- AlmaLinux 9 server (4GB RAM minimum, 8GB recommended)
- Kubernetes cluster 1.20+ (K3s, K8s, or any flavor)
- kubectl configured and working
- GitHub/GitLab account with personal access token
- Git repository for your manifests
- Basic Git knowledge
- Root or sudo access
- Ready for GitOps magic!
Step 1: Prepare AlmaLinux Environment
Let's prepare your system for Flux!
Install Prerequisites
# Update system packages
sudo dnf update -y # Keep everything current
# Install required tools
sudo dnf install -y git curl wget
# Verify Kubernetes cluster
kubectl get nodes # All should be Ready
kubectl version # Server version should be 1.20+ (the --short flag was removed in kubectl 1.28)
# Create flux-system namespace
kubectl create namespace flux-system
# Check cluster access
kubectl auth can-i create deployments --all-namespaces # Should return "yes"
Install Flux CLI
# Install Flux CLI - Method 1: Direct download
curl -s https://fluxcd.io/install.sh | sudo bash
# Or Method 2: Manual installation
FLUX_VERSION="2.2.0" # Check latest at github.com/fluxcd/flux2
curl -LO https://github.com/fluxcd/flux2/releases/download/v${FLUX_VERSION}/flux_${FLUX_VERSION}_linux_amd64.tar.gz
tar -xzf flux_${FLUX_VERSION}_linux_amd64.tar.gz
sudo mv flux /usr/local/bin/
sudo chmod +x /usr/local/bin/flux
# Verify installation
flux --version # Shows Flux version
# Enable bash completion
flux completion bash | sudo tee /etc/bash_completion.d/flux > /dev/null
source /etc/bash_completion.d/flux
# Check prerequisites
flux check --pre # All checks should pass
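Method 2 above unpacks and installs the archive without checking it. The function below is an added example (not from the original guide or the Flux project) that checks a downloaded archive against a SHA-256 checksums file and inspects its member paths before anything is unpacked; the function name and the checksums file name in the usage comment are assumptions.

```shell
# Added example: check a downloaded release archive before unpacking it as root.
# verify_release <tarball> <checksums-file>
#   0 = SHA-256 matches the checksums entry and the archive holds a plain "flux" member
#   1 = checksum mismatch, 2 = missing input, 3 = no unique entry, 4 = unexpected layout
verify_release() {
  local tarball="$1" sums="$2" name expected actual members
  [ -f "$tarball" ] && [ -f "$sums" ] || { echo "missing input" >&2; return 2; }
  name=$(basename "$tarball")
  # Checksum lines look like "<sha256>  <filename>"; match the file name exactly.
  expected=$(awk -v n="$name" '$2 == n || $2 == "*" n { print $1 }' "$sums")
  if [ "$(printf '%s\n' "$expected" | grep -c .)" -ne 1 ]; then
    echo "no unique checksum entry for $name" >&2; return 3
  fi
  actual=$(sha256sum "$tarball" | awk '{ print $1 }')
  if [ "$actual" != "$expected" ]; then
    echo "CHECKSUM MISMATCH for $name" >&2; return 1
  fi
  # Refuse archives with absolute paths or ".." components, and require a flux member.
  members=$(tar -tzf "$tarball") || return 4
  if printf '%s\n' "$members" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
    echo "archive contains unsafe paths" >&2; return 4
  fi
  printf '%s\n' "$members" | grep -Eqx '(\./)?flux' || { echo "no flux binary in archive" >&2; return 4; }
  echo "OK $name"
}

# Usage with Method 2 (assumes the release also publishes flux_${FLUX_VERSION}_checksums.txt):
#   verify_release "flux_${FLUX_VERSION}_linux_amd64.tar.gz" "flux_${FLUX_VERSION}_checksums.txt" \
#     && tar -xzf "flux_${FLUX_VERSION}_linux_amd64.tar.gz" flux
```

A checksums file fetched from the same location as the archive catches corruption and a swapped archive, not a compromised release.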
Step 2: Bootstrap Flux
Time to connect Flux with your Git repository!
Create GitHub Token
# Create a personal access token at:
# https://github.com/settings/tokens/new
# Required scopes: repo (full control)
# Export token as environment variable
export GITHUB_TOKEN=<your-token>
export GITHUB_USER=<your-username>
# Verify token works
curl -H "Authorization: token $GITHUB_TOKEN" https://api.github.com/user
Bootstrap Flux with GitHub
# Bootstrap Flux to your cluster
flux bootstrap github \
  --owner=$GITHUB_USER \
  --repository=fleet-infra \
  --branch=main \
  --path=./clusters/production \
  --personal \
  --private=false
# This command will:
# 1. Create the repository if it doesn't exist
# 2. Generate Flux manifests
# 3. Deploy Flux controllers to your cluster
# 4. Configure Flux to manage itself from Git
# Note: --private=false makes a newly created repository public. Leave the flag
# out (the default is a private repository) unless fleet-infra is meant to be public.
# Watch Flux installation
flux get all # Shows all Flux resources
kubectl get pods -n flux-system # All should be Running
Alternative: Bootstrap with GitLab
# For GitLab users
export GITLAB_TOKEN=<your-token>
export GITLAB_USER=<your-username>
flux bootstrap gitlab \
  --owner=$GITLAB_USER \
  --repository=fleet-infra \
  --branch=main \
  --path=./clusters/production \
  --hostname=gitlab.com \
  --personal \
  --private=false
Step 3: Deploy Applications with Flux
Let's deploy applications the GitOps way!
Create Application Source
# Clone your fleet-infra repository
git clone https://github.com/$GITHUB_USER/fleet-infra
cd fleet-infra
# Create app source
cat <<EOF > ./clusters/production/podinfo-source.yaml
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: podinfo
  namespace: flux-system
spec:
  interval: 1m
  ref:
    branch: master
  url: https://github.com/stefanprodan/podinfo
EOF
# Create Kustomization for deployment
cat <<EOF > ./clusters/production/podinfo-kustomization.yaml
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: podinfo
  namespace: flux-system
spec:
  interval: 10m
  path: "./kustomize"
  prune: true
  sourceRef:
    kind: GitRepository
    name: podinfo
  targetNamespace: default
  patches:
    - patch: |
        - op: replace
          path: /spec/replicas
          value: 3
      target:
        kind: Deployment
        name: podinfo
EOF
# Commit and push
git add .
git commit -m "Add podinfo application"
git push
# Watch Flux sync the application
flux get sources git
flux get kustomizations
kubectl get pods -n default # podinfo pods appear!
Deploy Helm Charts
# Add Helm repository source
cat <<EOF > ./clusters/production/nginx-helm-repo.yaml
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
  name: bitnami
  namespace: flux-system
spec:
  interval: 1h
  url: https://charts.bitnami.com/bitnami
EOF
# Create HelmRelease
cat <<EOF > ./clusters/production/nginx-helm-release.yaml
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: nginx
  namespace: default
spec:
  interval: 5m
  chart:
    spec:
      chart: nginx
      version: '15.x'
      sourceRef:
        kind: HelmRepository
        name: bitnami
        namespace: flux-system
  values:
    replicaCount: 2
    service:
      type: LoadBalancer
    resources:
      limits:
        cpu: 100m
        memory: 128Mi
      requests:
        cpu: 50m
        memory: 64Mi
EOF
# Commit and push
git add .
git commit -m "Add NGINX Helm release"
git push
# Monitor deployment
flux get helmreleases
helm list -A # Shows deployed charts
Step 4: Multi-Environment Setup
Let's manage multiple environments with Flux!
Structure for Multiple Environments
# Create environment structure
mkdir -p ./clusters/{staging,production}/apps
mkdir -p ./infrastructure/{base,staging,production}
# Base infrastructure components
cat <<EOF > ./infrastructure/base/namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: apps
EOF
# Kustomize only accepts ../base as a resource if base has its own kustomization.yaml
cat <<EOF > ./infrastructure/base/kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - namespace.yaml
EOF
# Staging overrides
cat <<EOF > ./infrastructure/staging/kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - ../base
patches:
  - patch: |
      - op: add
        path: /metadata/labels
        value:
          environment: staging
    target:
      kind: Namespace
      name: apps
EOF
# Production overrides
cat <<EOF > ./infrastructure/production/kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - ../base
patches:
  - patch: |
      - op: add
        path: /metadata/labels
        value:
          environment: production
    target:
      kind: Namespace
      name: apps
EOF
# Flux Kustomization for staging (production needs the same file under
# ./clusters/production with path ./infrastructure/production)
cat <<EOF > ./clusters/staging/infrastructure.yaml
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: infrastructure
  namespace: flux-system
spec:
  interval: 10m
  path: ./infrastructure/staging
  prune: true
  sourceRef:
    kind: GitRepository
    name: flux-system
EOF
git add .
git commit -m "Add multi-environment setup"
git push
Quick Examples
Let's explore Flux's powerful features!
Example 1: Image Automation
# Enable image automation
# On a cluster bootstrapped in Step 2, re-run the same flux bootstrap command with
# this --components-extra flag instead, so the extra controllers are tracked in Git
flux install \
  --components-extra=image-reflector-controller,image-automation-controller
# Configure image scanning
cat <<EOF | kubectl apply -f -
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImageRepository
metadata:
  name: podinfo
  namespace: flux-system
spec:
  image: ghcr.io/stefanprodan/podinfo
  interval: 1m
---
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImagePolicy
metadata:
  name: podinfo
  namespace: flux-system
spec:
  imageRepositoryRef:
    name: podinfo
  policy:
    semver:
      range: '>=5.0.0'
---
apiVersion: image.toolkit.fluxcd.io/v1beta1
kind: ImageUpdateAutomation
metadata:
  name: podinfo
  namespace: flux-system
spec:
  interval: 10m
  sourceRef:
    kind: GitRepository
    name: flux-system
  git:
    checkout:
      ref:
        branch: main
    commit:
      author:
        email: fluxcdbot@example.com # placeholder address, use your bot's commit e-mail
        name: fluxcdbot
      messageTemplate: 'Update image to {{range .Images}}{{println .}}{{end}}'
    push:
      branch: main
  update:
    path: "./clusters/production"
    strategy: Setters
EOF
# Flux will now auto-update images!
# Only image fields marked with a setter comment such as
# {"$imagepolicy": "flux-system:podinfo"} are rewritten, and the commits go straight to main.
Example 2: Notifications
# Set up Slack notifications
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: slack-url
  namespace: flux-system
stringData:
  address: https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK
---
apiVersion: notification.toolkit.fluxcd.io/v1beta2
kind: Provider
metadata:
  name: slack
  namespace: flux-system
spec:
  type: slack
  secretRef:
    name: slack-url
---
apiVersion: notification.toolkit.fluxcd.io/v1beta2
kind: Alert
metadata:
  name: on-call-webapp
  namespace: flux-system
spec:
  providerRef:
    name: slack
  eventSeverity: info
  eventSources:
    - kind: GitRepository
      name: '*'
    - kind: Kustomization
      name: '*'
    - kind: HelmRelease
      name: '*'
  summary: 'Flux notification for production cluster'
EOF
# Now you get Slack alerts!
Example 3: Monitoring with Grafana
# Deploy Flux Grafana dashboards
flux create source git monitoring \
  --url=https://github.com/fluxcd/flux2-monitoring-example \
  --branch=main
flux create kustomization monitoring \
  --source=GitRepository/monitoring \
  --path="./monitoring/configs" \
  --prune=true \
  --interval=1h
# Access Grafana
kubectl port-forward -n monitoring svc/grafana 3000:3000 &
echo "Grafana at http://localhost:3000 (admin/admin)"
Fix Common Problems
Don't panic! Here are solutions!
Problem 1: Flux Not Syncing
# Check Flux status
flux get all --all-namespaces
# Check source status
flux get sources git -A
# Force reconciliation
flux reconcile source git flux-system
# Check logs
flux logs --all-namespaces --follow
# Suspend and resume
flux suspend kustomization podinfo
flux resume kustomization podinfo
Problem 2: Authentication Issues
# Regenerate deploy keys
flux create secret git flux-system \
  --url=ssh://git@github.com/$GITHUB_USER/fleet-infra
# Update image pull secrets
kubectl create secret docker-registry regcred \
  --docker-server=ghcr.io \
  --docker-username=$GITHUB_USER \
  --docker-password=$GITHUB_TOKEN \
  -n flux-system
Problem 3: Drift Detection
# Check for drift: compare a local copy of the manifests
# (here a checkout of the podinfo repository) with the cluster
flux diff kustomization podinfo --path ./kustomize
# Fix drift manually
kubectl delete deployment podinfo -n default
flux reconcile kustomization podinfo --with-source
# Enable strict mode
flux create kustomization my-app \
  --source=flux-system \
  --path="./apps" \
  --prune=true \
  --validation=strict
Simple Commands Summary
Your Flux command toolkit!
Command | What It Does | When to Use |
---|---|---|
flux bootstrap github | Install Flux | Initial setup |
flux get all | Show all resources | Check status |
flux reconcile | Force sync | Manual sync |
flux logs | View controller logs | Debug issues |
flux diff | Show differences | Check drift |
flux suspend | Pause reconciliation | Maintenance |
flux resume | Resume reconciliation | After maintenance |
flux create source git | Add Git source | New repository |
flux create helmrelease | Deploy Helm chart | Add application |
flux uninstall | Remove Flux | Cleanup |
Tips for Success
Master GitOps with these pro tips!
Repository Structure
- Organize by environment and application
- Use Kustomize for configuration management
- Keep secrets encrypted with Sealed Secrets
- Implement proper branching strategy
- Version everything with semantic versioning
Best Practices
- Never commit secrets in plain text
- Monitor drift continuously
- Set up comprehensive alerting
- Use image automation carefully
- Backup Git repositories regularly
- Implement RBAC properly
- Keep reconciliation intervals reasonable
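One way to enforce "never commit secrets in plain text" before pushing fleet-infra, as an added example that is not part of the original guide. The function name find_plaintext_secrets is hypothetical; it assumes that any YAML document with top-level kind: Secret plus data or stringData is plain text, so SealedSecret documents are not flagged.

```shell
# Added example: scan a GitOps repository for Kubernetes Secret manifests that
# carry their payload in the clear. Prints "<file>: document <n>" per finding
# and returns 1 if anything was found, 0 otherwise.
find_plaintext_secrets() {
  local dir="$1" hits
  hits=$(find "$dir" -type f \( -name '*.yaml' -o -name '*.yml' \) -exec awk '
    # Report the document just finished if it was a Secret with a payload.
    function report() {
      if (secret && payload) print file ": document " doc
      secret = payload = 0
    }
    FNR == 1      { report(); file = FILENAME; doc = 1; content = 0 }
    /^---[ \t]*$/ { report(); if (content) doc++; content = 0; next }
    /[^ \t]/      { content = 1 }
    # Only top-level keys (no indentation) count, so SealedSecret templates
    # and nested fields named "data" are ignored.
    /^kind:[ \t]*"?Secret"?[ \t]*(#.*)?$/ { secret = 1 }
    /^(data|stringData):/ { payload = 1 }
    END { report() }
  ' {} +)
  if [ -n "$hits" ]; then
    printf '%s\n' "$hits"
    return 1
  fi
  return 0
}

# Usage from the repository root, for example in a pre-commit hook or CI job:
#   find_plaintext_secrets . || { echo "plain-text Secret manifests found" >&2; exit 1; }
```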
Performance Tips
- Use webhooks for instant updates
- Optimize Git repository size
- Monitor controller resource usage
- Tune garbage collection
- Use dependency management
What You Learned
Outstanding! You're now a GitOps master! You can:
- Install and bootstrap Flux on AlmaLinux 9
- Connect Flux with Git repositories
- Deploy applications declaratively
- Manage Helm charts with Flux
- Set up multi-environment GitOps
- Configure image automation
- Implement notifications and monitoring
- Troubleshoot common issues
Why This Matters
You've achieved true GitOps excellence! With Flux:
- Git as Single Truth - Everything is versioned and auditable
- Automatic Everything - Push to Git, done!
- Self-Healing - No more configuration drift
- Secure by Design - No cluster credentials in CI/CD
- Multi-Environment - Manage all environments from one place
- Developer Friendly - Developers just push code
- Enterprise Ready - CNCF graduated project
Your deployments are now fully automated, secure, and auditable! No more manual kubectl commands, no more forgotten deployments. Everything flows from Git automatically.
Keep exploring advanced features like progressive delivery, A/B testing, and multi-cluster management. You're doing GitOps like the pros!
Remember: The future is GitOps - Flux makes it reality! Happy automating!
P.S. - Join the Flux community, contribute to the ecosystem, and share your GitOps journey! Together we're revolutionizing deployments!