[Video Course][Siddharth Barahalikar] FluxCD 101 with Hands-On Labs [ENG, 2023][~5h 45m]


05. Image Automation Controller


02. DEMO - Install Image Automation Controller


$ export GITHUB_USER=wildmakaka
$ export REPOSITORY_NAME=block-buster


$ flux bootstrap github \
  --owner=${GITHUB_USER} \
  --repository=${REPOSITORY_NAME} \
  --branch=main \
  --path=flux-clusters/dev-cluster \
  --personal \
  --private=false \
  --components-extra="image-reflector-controller,image-automation-controller"


$ kubectl -n flux-system get po,deploy
NAME                                               READY   STATUS    RESTARTS   AGE
pod/helm-controller-7cbfc44f88-9zsrk               1/1     Running   0          116m
pod/image-automation-controller-679b595d96-h77sm   1/1     Running   0          111s
pod/image-reflector-controller-9b7d45fc5-shqjx     1/1     Running   0          111s
pod/kustomize-controller-76dd89c9d4-4bvbh          1/1     Running   0          116m
pod/notification-controller-86d886486b-2wz5t       1/1     Running   0          116m
pod/source-controller-7cfdc467d6-g8nsl             1/1     Running   0          116m

NAME                                          READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/helm-controller               1/1     1            1           116m
deployment.apps/image-automation-controller   1/1     1            1           111s
deployment.apps/image-reflector-controller    1/1     1            1           111s
deployment.apps/kustomize-controller          1/1     1            1           116m
deployment.apps/notification-controller       1/1     1            1           116m
deployment.apps/source-controller             1/1     1            1           116m


$ kubectl get crds | grep image
imagepolicies.image.toolkit.fluxcd.io            2023-04-30T22:29:44Z
imagerepositories.image.toolkit.fluxcd.io        2023-04-30T22:29:44Z
imageupdateautomations.image.toolkit.fluxcd.io   2023-04-30T22:29:44Z


$ cd block-buster/
$ git pull


03. DEMO - Initialize DockerHub


$ git switch 8-demo


$ docker logout


$ docker login


$ docker pull siddharth67/block-buster-dev:7.8.0
$ docker tag siddharth67/block-buster-dev:7.8.0 webmakaka/bb-app-flux-demo:7.8.0
$ docker push webmakaka/bb-app-flux-demo:7.8.0


$ cd bb-app-source
$ vi manifests/deployment.yml


Прописываю:

image: webmakaka/bb-app-flux-demo:7.8.0


commit / push


$ flux create source git 8-demo-source-git-bb-app \
  --url https://github.com/wildmakaka/bb-app-source \
  --branch=8-demo \
  --timeout 10s \
  --export > 8-demo-source-git-bb-app.yaml


$ flux create kustomization 8-demo-kustomize-git-bb-app \
  --source GitRepository/8-demo-source-git-bb-app \
  --target-namespace 8-demo \
  --prune true \
  --interval 10s \
  --path manifests \
  --export > 8-demo-kustomize-git-bb-app.yaml


commit / push


$ flux reconcile source git flux-system


// OK!
http://192.168.49.2:30008/


04. DEMO - Image Automation Controller - Repository


$ flux create image repository 8-demo-image-repo-bb-app \
  --image docker.io/webmakaka/bb-app-flux-demo \
  --interval 10s \
  --export > 8-demo-image-repo-bb-app.yaml


commit / push


$ flux reconcile source git flux-system


$ flux get image all
NAME                                    	LAST SCAN                	SUSPENDED	READY	MESSAGE
imagerepository/8-demo-image-repo-bb-app	2023-05-01T02:26:39+03:00	False    	True 	successful scan: found 1 tags


$ cd bb-app-source
$ vi src/index.php

Меняю:

<body style="background-color: #80F1BE">

на

<body style="background-color: #A01B40">


$ cd src/
$ docker build -t webmakaka/bb-app-flux-demo:7.8.1 .
$ docker push webmakaka/bb-app-flux-demo:7.8.1


$ flux reconcile image repository 8-demo-image-repo-bb-app
$ kubectl -n flux-system get imagerepositories.image.toolkit.fluxcd.io 8-demo-image-repo-bb-app
$ kubectl -n flux-system get imagerepositories.image.toolkit.fluxcd.io 8-demo-image-repo-bb-app -o yaml


Смотрим:

  lastScanResult:
    latestTags:
    - 7.8.1
    - 7.8.0


06. DEMO - Image Automation Controller - Policy


$ flux create image policy 8-demo-image-policy-bb-app \
  --image-ref=8-demo-image-repo-bb-app \
  --select-semver 7.8.x \
  --export > 8-demo-image-policy-bb-app.yaml


$ flux get image all
NAME                                    	LAST SCAN                	SUSPENDED	READY	MESSAGE
imagerepository/8-demo-image-repo-bb-app	2023-05-01T02:45:18+03:00	False    	True 	successful scan: found 2 tags

NAME                                  	LATEST IMAGE                              	READY	MESSAGE
imagepolicy/8-demo-image-policy-bb-app	docker.io/webmakaka/bb-app-flux-demo:7.8.1	True 	Latest image tag for 'docker.io/webmakaka/bb-app-flux-demo' resolved to 7.8.1


$ kubectl -n flux-system get imagepolicies.image.toolkit.fluxcd.io 8-demo-image-policy-bb-app -o yaml


$ kubectl -n 8-demo get deploy block-buster -o wide
NAME           READY   UP-TO-DATE   AVAILABLE   AGE   CONTAINERS   IMAGES                             SELECTOR
block-buster   1/1     1            1           55m   app          webmakaka/bb-app-flux-demo:7.8.0   app=block-buster


08. DEMO - Image Automation Controller - Update


$ flux create image update 8-demo-image-update-bb-app \
  --git-repo-ref 8-demo-source-git-bb-app \
  --checkout-branch 8-demo \
  --author-name fluxcdbot \
  --author-email [email protected] \
  --git-repo-path ./manifests \
  --push-branch 8-demo \
  --interval 100s \
  --export > 8-demo-image-update-bb-app.yaml


$ flux reconcile source git flux-system
$ flux get images all


$ cd bb-app-source
$ vi manifests/deployment.yml
// Добавляем инструкции после тега
image:·webmakaka/bb-app-flux-demo:7.8.0 # {"$imagepolicy": "flux-system:8-demo-image-policy-bb-app"}


commit / push


$ flux reconcile source git 8-demo-source-git-bb-app


$ flux get images all

***
authentication required


$ kubectl -n flux-system get imageupdateautomations.image.toolkit.fluxcd.io 8-demo-image-update-bb-app -o yaml


 message: authentication required
    reason: ReconciliationFailed
    status: "False"
    type: Ready


github -> bb-app-source -> 8-demo -> Settings -> Deploy keys

Будем во flux генерить!


$ flux create secret git 8-demo-git-bb-app-auth \
  --url=ssh://[email protected]/wildmakaka/bb-app/source.git \
  --ssh-key-algorithm=ecdsa \
  --ssh-ecdsa-curve=p521


Output вставляем в github.

GITHUB_USERNAME -> bb-app-source -> Settings -> Deploy keys -> Add deploy key

Title: FLUX UPDATE DEPLOY KEY

+ allow write


$ kubectl -n flux-system get secrets 8-demo-git-bb-app-auth
NAME                     TYPE     DATA   AGE
8-demo-git-bb-app-auth   Opaque   3      65s


// По http перестает работать, нужно сделать по ssh
$ flux create source git 8-demo-source-git-bb-app \
  --url ssh://[email protected]/wildmakaka/bb-app-source.git \
  --branch 8-demo \
  --timeout 10s \
  --secret-ref 8-demo-git-bb-app-auth \
  --export > 8-demo-source-git-bb-app.yaml


commit / push


$ kubectl -n 8-demo get deploy -o wide
NAME           READY   UP-TO-DATE   AVAILABLE   AGE    CONTAINERS   IMAGES                             SELECTOR
block-buster   1/1     1            1           133m   app          webmakaka/bb-app-flux-demo:7.8.0   app=block-buster


$ flux get image update
NAME                      	LAST RUN                 	SUSPENDED	READY	MESSAGE
8-demo-image-update-bb-app	2023-05-01T04:06:24+03:00	False    	True 	no updates made; last commit 28a83c6 at 2023-05-01T01:05:46Z


Бот обновил версию image в бранче 8-demo.


$ kubectl -n 8-demo get deploy -o wide
NAME           READY   UP-TO-DATE   AVAILABLE   AGE    CONTAINERS   IMAGES                                       SELECTOR
block-buster   1/1     1            1           137m   app          docker.io/webmakaka/bb-app-flux-demo:7.8.1   app=block-buster


// OK!
http://192.168.49.2:30008/