gitops.md

GitOps Lab

• In this lab, we will use GitOps (Flux) to deploy the Namespaces and Applications assigned to a Cluster
  • We refer to this Cluster as a "member cluster"
    • Member clusters can be listed with the ds clusters list command
    • We will use central-la-nola-2301 as our member cluster name
      • You can use any cluster in the list

Prerequisites

• Deploy the Res-Edge data service
• Assign a Group to the imdb Namespace

Setup a clean environment

# start in the repo base directory
cd "$KIC_BASE"


# Warning: this will delete any existing data changes and they are not recoverable
ds reload --force

# redeploy IMDb
# will return 204 No Content
ds update namespace --id 3 --expression /g/stores

# run ci-cd locally
ds cicd

# deploy the clusters directory changes
ds deploy

Flux Setup Files

• The Flux setup yaml is located in clusters/central-la-nola-2301/flux-system
  • A Flux source is a git repo / branch combination
  • A Flux kustomization is a directory within the source (flux-system in our case)
    • flux-kustomization watches the flux-system and flux-system/listeners directories
    • You want to have multiple kustomizations in your deployment
      • When a kustomization fails, the entire process is aborted
        • This lets "your app" break "my app" if we use the same kustomization
      • We create a kustomization per Namespace as part of Res-Edge-Automation (ds cicd)

Setup Member Cluster

• Normally, the "member cluster" would be a separate cluster from the cluster running the data service
  • For simplicty, we are going to run our current cluster in both modes
  • Optionally, you can create a new Codespace that will be a "member cluster"

Getting started

• Verify the data service is running

  ds check resedge
  

Update Flux Template

• Edit apps/flux-system/source.yaml

  • Update url: and branch:

    code "$KIC_BASE/apps/flux-system/source.yaml"
    

Run ci-cd

• Run ci-cd locally and check in any changes

  # run ci-cd locally
  ds cicd
  
  # update GitHub if necessary
  ds deploy
  

Set Env Vars

• We use the GITHUB_TOKEN for Flux connectivity for convenience
  • The GITHUB_TOKEN will expire about a week after the Codespace is created
  • GitOps will fail once the token expires

export KIC_FULL_REPO=$(git remote get-url --push origin)
export KIC_BRANCH=$(git branch --show-current)

if [ "$KIC_PAT" = "" ]; then
  export KIC_PAT=$GITHUB_TOKEN
fi

ds env

• For long running GitOps, you need to create a GitHub Personal Access Token (PAT)
  • export KIC_PAT=<YourGitHubPat>
• Update $HOME/kic.env to make your GitHub PAT persistent across shells

Deploy GitOps (Flux v2)

• This deploys GitOps (Flux) to your cluster

# change central-la-nola-2301 to deploy additional member clusters
cd "$KIC_BASE/clusters/central-la-nola-2301/flux-system"

# create the namespace
kubectl apply -f namespace.yaml

# create the Flux secret
flux create secret git flux-system -n flux-system --url "$KIC_FULL_REPO" -u gitops -p "$KIC_PAT"

# deploy the Flux components
kubectl apply -f components.yaml

# create the Flux Source
kubectl apply -f source.yaml

# this single kustomization will manage all of the kustomizations generated by Res-Edge-Automation
kubectl apply -f flux-kustomization.yaml

Force Flux to Sync

• After making changes, you can force Flux to sync (reconcile)

  ds sync
  
  # check flux
  ds check flux
  

Verify Flux Deployment

• Flux should create 3 new Namespaces
  • heartbeat
  • imdb
  • redis

# make sure the pods are running
kic pods --watch

# check heartbeat
ds check heartbeat

# check imdb
ds check imdb

# check redis
ds check redis

Additional Member Clusters

• You can create additional Codespaces as member clusters
• Use a different Cluster name / directory for each cluster

On the GitHub Codespaces page, you can change the name of the Codespace by clicking the ...