Slides from OpenSource101.com Talk (https://opensource101.com/sessions/wtf-is-gitops-why-should-you-care/)
If you’re interested in learning more about Cloud Native Computing or are already in the Kubernetes community you may have heard the term GitOps. It’s become a bit of a buzzword, but it’s so much more! The benefits of GitOps are real – they bring you security, reliability, velocity and more! And the project that started it all was Flux – a CNCF Incubating project developed and later donated by Weaveworks (the GitOps company who coined the term).
Pinky will share from personal experience why GitOps has been an essential part of achieving a best-in-class delivery and platform team. Pinky will give a brief overview of definitions, CNCF-based principles, and Flux’s capabilities: multi-tenancy, multi-cluster, (multi-everything!), for apps and infra, and more.
Pinky will cover a little of Flux’s microservices architecture and how the various components deliver this robust, secure, and trusted open source solution. Through the components of the Flux project, users today are enjoying compatibility with Helm, Jenkins, Terraform, Prometheus, and more as well as with cloud providers such as AWS, Azure, Google Cloud, and more.
Join us for this informative session and get all of your GitOps questions answered by an end user in the community!
Speaker: Priyanka (aka “Pinky”) is a Developer Experience Engineer at Weaveworks. She has worked on a multitude of topics including front end development, UI automation for testing and API development. Previously she was a software developer at State Farm where she was on the delivery engineering team working on GitOps enablement. She was instrumental in the multi-tenancy migration to utilize Flux for an internal Kubernetes offering. Outside of work, Priyanka enjoys hanging out with her husband and two rescue dogs as well as traveling around the globe.
Cloud Native Computing Foundation (CNCF)
The Cloud Native Computing Foundation (CNCF) is an open source software foundation that promotes
the adoption of cloud-native computing.
Maturity Levels: Sandbox ➡ Incubating ➡ Graduation
CNCF projects have a maturity level of sandbox, incubating, or graduated, which corresponds to
the Innovators, Early Adopters, and Early Majority tiers of the Crossing the Chasm diagram. The
maturity level is a signal by CNCF as to what sorts of enterprises should be adopting different
projects.
July 2019: Flux joins CNCF as a Sandbox Project 🏜 ⌛ 🏝
July 2020: Flux was one of only two projects in the ‘adopt’ category of CNCF CD Tech Radar 📡 ⚙ 💻
March 2021: Flux goes from Sandbox to Incubation 🥚 ⏲
November 2021: Flux Security Audit concludes in preparation for Graduation application 📄 📝
March 2022: Flux applies for Graduation 🤞🤞 🎉 🎓 🎉 🎓 🎉 🎓 🤞🤞
Flux’s Journey as an Open Source Project fluxcd.io
● Operating model for cloud native applications such as Kubernetes
● Utilizes a version controlled system (Commonly Git) as the “single
source of truth”
● Enables continuous delivery through automated deployment,
monitoring, and management by a version controlled system
● Managing your infrastructure and applications declaratively
What is GitOps
Individuals, teams, and organizations who implement GitOps experience
many benefits, including:
● Stronger Security Guarantees
● Increased Developer & Operational Productivity
● Enhanced Developer Experience
● Improved Stability
● Higher Reliability
● Consistency and Standardization
Why GitOps
● A Git-centric package manager for your applications
● A set of continuous and progressive delivery solutions for Kubernetes
What is Flux
🤝 Flux provides GitOps for both apps and infrastructure
🤖 Just push to Git and Flux does the rest
🔩 Flux works with your existing tools
☸ Flux works with any Kubernetes and all common Kubernetes tooling
🤹Flux does Multi-Tenancy (and “Multi-everything”)
📞 Flux alerts and notifies
👍 Users trust Flux
💖 Flux has a lovely community that is very easy to work with!
Flux in Short
● Reduces developer burden
● Extensible
● Comes with out of the box support for Kustomize and Helm
● Designed For Kubernetes
Benefits of Flux
What Flux’s Controllers do
Source Controller
- Fetch resources and store as artifacts
Kustomize Controller
- Apply manifests, run manifest generation using kustomize
Helm Controller
- Deployment of Helm Charts
Notification Controller
- Notification dispatch
Image Reflector Controller
- Reflects image metadata for Automation Controller
Image Automation Controller
- Updates YAML when new container images are available
🤝
Flux provides GitOps for both apps and infrastructure
● Flux and Flagger deploy apps with canaries, feature flags, and A/B
rollouts.
● Flux can also manage any Kubernetes resource.
● Infrastructure and workload dependency management is built in.
Flux Highlights
🤖
Just push to Git and Flux does the rest
● Flux enables application deployment (CD) and (with the help of
Flagger) progressive delivery (PD) through automatic reconciliation.
● Flux can even push back to Git for you with automated container
image updates to Git (image scanning and patching).
Flux Highlights
🔩
Flux works with your existing tools
● Flux works with your Git providers (GitHub, GitLab, Bitbucket, can
even use s3-compatible buckets as a source), all major container
registries, and all CI workflow providers.
Flux Highlights
☸
Flux works with any Kubernetes and all common Kubernetes tooling
● Kustomize, Helm, RBAC, and policy-driven validation
(OPA, Kyverno, admission controllers) so it simply falls into place.
Flux Highlights
🤹
Flux does Multi-Tenancy (and “Multi-everything”)
● Flux uses true Kubernetes RBAC via impersonation and supports multiple
Git repositories.
● Multi-cluster infrastructure and apps work out of the box with Cluster API
○ Flux can use one Kubernetes cluster to manage apps in either the
same or other clusters, spin up additional clusters themselves, and
manage clusters including lifecycle and fleets.
Flux Highlights
📞
Flux alerts and notifies
● Flux provides health assessments, alerting to external systems, and
external events handling.
● Just “git push”, and get notified on Slack and other chat systems.
Flux Highlights
👍
Users trust Flux
● Flux is a CNCF Incubating project and was one of only two projects
(alongside Helm) categorized as "Adopt" on the CNCF CI/CD Tech
Radar.
Flux Highlights
💖
Flux has a lovely community that is very easy to work with!
● We welcome contributors of any kind.
● The components of Flux are built on Kubernetes core controller-runtime, so anyone can contribute and its functionality can be extended very easily.
● Get started contributing to Flux
Flux Highlights
● Helm
● Kustomize
● Prometheus
● Grafana
● Jenkins
● EKS
● AKS
● GCP
● Traefik
● Falco
● GitHub, GitLab, Bitbucket, s3-compatible buckets
● Terraform
● …and more!!!
Flux Works with Other Tools
● GitOps?
● Need for change and benefits of GitOps
● Internal pushback
● Dedicated team
● POCs
● Filling in the gap
● Multi-tenancy
● Education/Evangelizing
● Metrics/Observability
● Hardening
● Governance
My Own Journey with GitOps
● Slow to adopt/implement
○ Highly regulated industry
○ Large organizations
● Don’t try to just lift and shift to GitOps
○ Take the time to assess what needs to be done to achieve
success
● Leverage outside expertise
○ Weaveworks
○ Flux community
● Dedicated team with clearly defined roles/responsibilities
Lessons Learned
● Makes life easier
● Multi-tenancy
● DependsOn
● Helm integration
● Notifications and Alerts
● Bootstrap
● Flux CLI
Reasons I and Others Love Flux
● Star us on GitHub: https://github.com/fluxcd/flux2
● Try Flux! Follow our Getting Started guide
● Browse the docs at fluxcd.io/docs/
● Join #flux on the CNCF Slack
● Sign up for the Flux Mailing list for monthly updates,
announcements, etc. (https://lists.cncf.io/g/cncf-flux-dev)
Get Started with GitOps
Questions?
● Open-Source Platform for Operations
● Control Plane, API, Data Plane, Workloads
● Common framework w/ Conformance Testing
● Mostly same experience across all cloud providers
What is Kubernetes?
● Declare your desired state
● Apply to your Kubernetes environment
● Control Loops for primitives and custom resources drive toward
and maintain declared state
Tl;dr: What does that mean?