What is Flux CD
Flux is an open source tool used to keep Kubernetes clusters in sync with configuration artefacts, especially when that configuration needs to change regularly, like when you update your software or a dependent part of your system receives a patch.
Flux has been built from the ground up to use native Kubernetes APIs and to integrate with the wider Kubernetes ecosystem tools like Prometheus. It supports multi-tenancy clusters and scales massively with support for syncing multiple Git Repositories or other sources of configuration artefacts.
GitOps Toolkit
Flux uses several distinct controllers (Kubernetes Operators) that comprise the GitOps Toolkit.
- source-controller
- kustomize-controller
- helm-controller
- notification-controller
- image-reflector-controller
- image-automation-controller
The toolkit also includes composable APIs and reusable Go packages for GitOps. You can learn more about the GitOps Toolkit on the Flux website.
You may remember that the principles of GitOps discussed in our What is GitOps post stated that GitOps is (1) declarative, (2) versioned and immutable, (3) pulled automatically, and (4) continuously reconciled. This controller model should be familiar - Kubernetes also uses a controller model to ensure that the desired state on the cluster is continuously reconciled.
Sources
In Flux, a source is the repository where configuration artefacts are stored, together with the credentials needed to access them. While Flux is based on GitOps principles, nothing in the principles requires Git to be the source. Configuration artefacts can be stored in a Git repository, a Helm chart repository, any OCI-compliant registry, or even a storage bucket. The Flux Source Controller’s role is to provide an interface for interacting with those sources.
Kustomization
Flux uses Kustomize to traverse a Kubernetes manifest to add, remove or update configuration options and extend existing Kubernetes resources. To reuse Kubernetes resources with a customised setup, you can define a Kustomization file that will adapt the Kubernetes resource to suit your use case. For example, you might want multiple instances of your application deployed for different environments with different configuration settings, perhaps connecting them to different auxiliary systems or with varying numbers of replicas. You can define the application deployment itself and then use a kustomization to refine it with the differences required in a specific environment without duplicating changes to the original deployment definition.
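The per-environment refinement described above, as an added example that is not from the original post or the Flux project. The directory layout, the `shop-api` Deployment, the namespace and the URL are assumptions made for illustration.

```yaml
# overlays/production/kustomization.yaml (constructed example)
# Assumes ../../base holds a Deployment named shop-api with one container
# that is also named shop-api.
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: shop-production
resources:
  - ../../base              # the shared Deployment, defined once
replicas:
  - name: shop-api
    count: 5                # production runs more replicas than the base
patches:
  - target:
      kind: Deployment
      name: shop-api
    # Strategic merge patch: only the fields listed here are changed,
    # everything else comes from the base definition.
    patch: |-
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: shop-api
      spec:
        template:
          spec:
            containers:
              - name: shop-api
                env:
                  - name: PAYMENTS_URL
                    value: https://payments.prod.example.internal
```

A staging overlay would point at the same base with its own replica count and URL, so a fix to the base Deployment reaches every environment without being copied.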
Reconciliation
In Flux, reconciliation ensures that the current state of a target (resources in your cluster/infrastructure) accurately reflects the desired state as defined in the source. It does this by comparing the current state to the desired state and then making any necessary changes. The necessary changes depend on the source type: a ‘HelmRelease’ would need to check the state of a Helm release and perform a release, including any Helm Chart revision changes, if a difference is found. The purpose of reconciliation is to make the current state match the desired state defined in a source.
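A source and the reconciliation that consumes it, as an added example that is not from the original post or the Flux project. All names, the namespace, the repository URL and the path are placeholders, and the referenced Secrets and ServiceAccount are assumed to exist already.

```yaml
# Constructed example: every name, URL and path below is a placeholder.
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: team-a-config
  namespace: team-a
spec:
  interval: 5m              # how often source-controller checks for new commits
  url: ssh://git@git.example.com/team-a/config.git
  ref:
    branch: main
  secretRef:
    name: team-a-git-ssh    # Secret with the SSH deploy key and known_hosts
  verify:
    mode: HEAD              # the commit at HEAD must carry a valid signature
    secretRef:
      name: team-a-git-pgp  # Secret with the trusted public keys
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: team-a-apps
  namespace: team-a
spec:
  interval: 10m             # re-compare cluster state with the source on this cadence
  sourceRef:
    kind: GitRepository
    name: team-a-config
  path: ./apps/production
  prune: true               # delete cluster objects that were removed from the source
  serviceAccountName: team-a-reconciler  # apply with this account's RBAC only
  targetNamespace: team-a
  timeout: 2m
```

Giving each tenant its own read-only deploy key and a namespaced service account keeps a compromised or misconfigured repository from changing resources outside that tenant's namespace.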
Why use Flux
When should you consider implementing Flux instead of just managing your clusters with a kubectl command in your CD pipeline? Here are some great examples of when to use Flux CD.
- If you want to add an additional layer of operational safety with isolation while being able to integrate with your existing process (Helm/Kustomize), use Flux CD.
- If you work with developer teams that focus on building or patching applications and generate a container image for other teams to consume, or if you consume upstream images and want to keep them patched and updated: with Flux, you can use the image-reflector-controller to scan container image repositories and reflect the metadata in Kubernetes resources. You then use the image-automation-controller to react to that image metadata by updating YAML files in a Git repository and committing the changes. This flow allows Flux to monitor for changes in images and automates the developer flow, which would normally raise a PR to use the newer version.
- When you operate at a larger scale, for example, you oversee tens of thousands of applications within large-scale Kubernetes clusters. You can use Flux Sharding to distribute the workload across multiple instances of Flux controllers, allowing you to horizontally scale the reconciliation of resources. Flux Sharding can also help enforce separation to isolate resource reconciliation for different teams and environments. If you are interested in benchmarks run on application deployments of different sizes across different versions of Flux, check out the Flux Benchmark Git repository and the results of its benchmarking.
Getting Started
Bootstrap
Flux can be installed using the Flux CLI to bootstrap Flux on your clusters. This involves deploying (or updating) the Flux controllers on your Kubernetes cluster(s) and configuring the controllers to sync their state with a Git repository. The bootstrap command also pushes the controllers’ configuration as manifests to the Git repository and configures Flux to update itself from this repository. The bootstrap command bypasses the chicken-and-egg problem that arises when a system manages itself.
Suppose you are already using Terraform to define your infrastructure. In that case, you can use a Terraform provider to bootstrap Flux, allowing you to integrate it into your standard working methods.
Operator
There is an open source Flux Operator, a Custom Resource Definition (CRD) controller that manages the lifecycle of Flux CD. The operator offers an alternative approach to installing Flux via the Bootstrap procedure. It also simplifies more advanced Flux configuration while automating the installation, configuration, and upgrade of Flux controllers across multiple clusters. The Flux Operator also provides deep insights into the current status of Flux components and streamlines the rollout of new Flux versions, a feature especially important for ControlPlane Enterprise for Flux CD customers to get the latest CVE-patched images as soon as they are available.
Need help?
There is a wealth of documentation about configuring and setting up Flux for your use case, but sometimes it’s better to just talk to the experts. If you want to learn how we can help you succeed, contact us!
Further Reading
Learn more about some of the additional concepts: