The Landscape Podcast: Flux with Core Maintainer Stefan Prodan
An In-Depth Exploration of Flux’s Role in Modern DevOps
Mastering the automation of infrastructure and application management is essential for scaling businesses effectively. Among the standout projects in this space is Flux, a graduated Cloud Native Computing Foundation (CNCF) project designed to enable GitOps for Kubernetes. One of the Core Maintainers of Flux, Stefan Prodan, recently went on The Landscape podcast to discuss the GitOps tool in more detail. This blog post is based on that talk and looks closely at Flux’s capabilities, its crucial role in securing software supply chains, and its widespread adoption by significant organisations.
What is Flux?
Flux is a cutting-edge tool written in Go, engineered to simplify and automate continuous delivery (CD) and infrastructure management within Kubernetes environments. It operates by continuously monitoring a Git repository for any changes and automatically applying those updates to the Kubernetes cluster according to the desired state outlined in Git. This GitOps approach ensures that infrastructure and applications remain aligned with the repository, offering a reliable, scalable, and secure method for managing intricate environments.
Flux’s popularity is undeniable, illustrated by its 6,300 GitHub stars, 6,700 active Slack users, and over 8 billion Docker pulls. Its flexibility and power are evident in its support for Kubernetes deployment tools like Helm and Kustomize, making it suitable for diverse use cases.
Key Features of Flux
GitOps Automation: Flux integrates seamlessly with Git, allowing for the automation of application and infrastructure deployments by reconciling the desired state stored in Git with the actual state of your Kubernetes cluster.
Supply Chain Security: Designed with security at its core, Flux uses Git as the singular source of truth, reducing the need for direct human interaction with the Kubernetes API and thus minimising potential security risks.
Multi-tool Support: By supporting Kubernetes deployment tools such as Helm and Kustomize, Flux ensures that users can maintain their preferred infrastructure and application states without sacrificing flexibility.
Scalability: Ideal for large-scale Kubernetes deployments, Flux integrates with Continuous Integration/Continuous Deployment (CI/CD) pipelines and simplifies scaling operations across multiple clusters without requiring direct connections to each cluster.
Self-managing: Flux’s standout feature is its bootstrap command, which allows users to connect their clusters to a Git repository with a single action. After setup, Flux autonomously monitors and updates itself.
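As an added illustration of the GitOps Automation and Supply Chain Security points above (not taken from the podcast or from the Flux project's own repositories), the two Flux resources below make the cluster pull from Git, accept only commits signed by trusted keys, and apply them under a restricted service account. The repository URL, the `apps` namespace, the path, and the names `apps-repo`, `trusted-signers` and `apps-reconciler` are placeholders.

```yaml
# Source: which repository Flux watches and how often it checks for new commits.
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: apps-repo                  # placeholder name
  namespace: apps                  # placeholder namespace
spec:
  interval: 5m                     # poll Git every five minutes
  url: https://git.example.com/platform/apps.git   # placeholder URL
  ref:
    branch: main
  verify:
    mode: HEAD                     # reject the fetch unless the HEAD commit is signed
    secretRef:
      name: trusted-signers        # Secret holding the allowed PGP public keys
---
# Reconciliation: what to apply from that source, and with whose permissions.
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: apps
  namespace: apps
spec:
  interval: 10m                    # re-apply on this schedule to correct drift
  sourceRef:
    kind: GitRepository
    name: apps-repo
  path: ./production               # placeholder directory inside the repository
  prune: true                      # delete cluster objects that were removed from Git
  serviceAccountName: apps-reconciler   # apply with this account's RBAC only
  targetNamespace: apps
  wait: true                       # report Ready only once applied objects are healthy
  timeout: 3m
```

The `apps-reconciler` service account needs a RoleBinding scoped to the `apps` namespace; if `serviceAccountName` is omitted, manifests are applied with the controller's own, much broader, permissions.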
Flux in Action: Real-world Use Cases
Leading companies like Cisco, JB Hunt, UiPath, and Microsoft Azure Arc leverage Flux to orchestrate and manage their Kubernetes clusters. For example, Cisco utilises Flux to oversee its IoT platform, managing over 200 million IoT devices. Similarly, GitLab has replaced its continuous delivery tooling with Flux, citing its scalability, flexibility, and user-friendliness.
Flux’s Powerful Integrations
Flux’s wide-ranging integrations with CNCF tools ensure compatibility with existing ecosystems. A notable sub-project is Flagger, a progressive delivery tool that facilitates controlled rollouts of new application versions without disrupting the entire user base. Flagger’s integration with service meshes like Istio, Linkerd, and NGINX allows for more controlled traffic management and testing of new releases before full deployment.
Additionally, Flux plays a crucial role in projects such as the Sylva Project, an initiative by telecommunications companies to adopt Kubernetes at the edge, and Tofu Controller, which extends Flux’s capabilities to reconcile non-Kubernetes infrastructures like Terraform scripts.
When Flux is Not the Best Fit
Although Flux is incredibly versatile, it may not suit every scenario. For users favouring an imperative deployment model or requiring frequent API interactions, Flux may not be the optimal choice. Its strength lies in GitOps, where all desired states are defined within Git, minimising manual API interactions.
While Flux’s CLI is robust, it is primarily advised for testing and staging environments. For production deployments, relying on Flux’s GitOps approach is recommended, as it allows Flux to manage the reconciliation process autonomously.
Flux vs. Argo CD
When discussing Kubernetes continuous delivery, a common query is how Flux compares to Argo CD. While both tools streamline Kubernetes deployments, they have key differences:
- Flux offers a more Kubernetes-native approach, providing low-level APIs for flexible deployment definitions, whereas Argo CD offers a more monolithic, app-centric API.
- Argo CD might present a more straightforward setup process, especially for GitOps newcomers, with its user-friendly UI and centralised app management. However, Flux offers greater flexibility and scalability for large-scale environments, particularly when decoupling components and handling complex dependencies.
Flux’s Future and Community Involvement
Flux boasts a robust and dynamic community that continuously evolves based on user feedback and contributions. An exciting roadmap feature is a Gitless Flux bootstrap, which lets users set up Flux using only container registries, bypassing Git in environments that require it.
Community involvement is pivotal to Flux’s success. Contributors with expertise in cloud platforms like Google Cloud, GitHub, and Azure are encouraged to help integrate new authentication features and enhance the project’s overall functionality.
Conclusion
Flux is more than a tool; it’s a gateway to efficient, secure, and scalable Kubernetes management through GitOps. Its flexibility, robust community support, and extensive tool integration make it a top choice for organisations seeking to automate and streamline their continuous delivery pipelines. Whether managing a small Kubernetes cluster or scaling to millions of devices, Flux provides the capabilities required to handle it all.