Skip to content

Latest commit

 

History

History
50 lines (35 loc) · 1.65 KB

README.md

File metadata and controls

50 lines (35 loc) · 1.65 KB

cnp-flux-config

Flux v2 config for CFT AKS clusters

Repo Structure

Please see Repo setup for details on how this repo is organized and meant to work.

Adding an app to flux

  • All App deployments are managed through HelmRelease manifests.
  • Any new/existing application that is getting added to an environment for the first time should use Flux v2.
  • See App Deployment section for more details to manage existing apps already on flux v1.

Creating Sealed Secrets

Install version 0.5.1 from https://github.com/bitnami-labs/sealed-secrets/releases

From a Literal

kubectl create secret generic my-secret \
  --from-literal key=secret-value \
  --namespace namespace \
  --dry-run=client -o json > my-secret.json

kubeseal --format=yaml --cert=pub-cert.pem < my-secret.json > my-secret.yaml

From a File

kubectl create secret generic my-secret \
  --from-file=./some-file.txt \
  --namespace namespace \
  --dry-run=client -o json > my-secret.json

kubeseal --format=yaml --cert=pub-cert.pem < my-secret.json > my-secret.yaml

Bootstrapping sealed secrets for a new cluster

See new cluster creation steps.

Upgrading flux v2

Update flux cli in your local and run

flux install --export > apps/flux-system/base/gotk-components.yaml
flux install --export --components image-reflector-controller,image-automation-controller > apps/flux-system/base/image-automation-components.yaml 

Currently, image-automation-components.yaml will contain some duplication like namespace and clusterrole and they need to be removed manually