GitOps is a modern operational framework that uses Git as a single source of truth for declarative infrastructure and applications. Flux CD is a CNCF graduated project that enables GitOps for Kubernetes.
What is GitOps?
GitOps brings the following principles to infrastructure management:
- Declarative - Describe the entire system declaratively
- Versioned and immutable - Store canonical desired system state versioned in Git
- Pulled automatically - Software agents automatically pull and apply the desired state
- Continuously reconciled - Software agents continuously observe actual system state
Installing Flux on AKS
Prerequisites
# Install Flux CLI
curl -s https://fluxcd.io/install.sh | sudo bash
# Verify installation
flux check --pre
Bootstrap Flux with GitHub
export GITHUB_TOKEN=<your-token>
export GITHUB_USER=<your-username>
flux bootstrap github \
  --owner=$GITHUB_USER \
  --repository=fleet-infra \
  --branch=main \
  --path=./clusters/my-cluster \
  --personal
This command:
- Creates a GitHub repository (fleet-infra)
- Generates Flux manifests
- Deploys Flux components to your cluster
- Configures Flux to watch the repository
Structuring Your GitOps Repository
fleet-infra/
├── clusters/
│   ├── production/
│   │   ├── flux-system/        # Flux components
│   │   ├── infrastructure.yaml
│   │   └── apps.yaml
│   └── staging/
│       ├── flux-system/
│       ├── infrastructure.yaml
│       └── apps.yaml
├── infrastructure/
│   ├── sources/                # Git/Helm repositories
│   ├── cert-manager/
│   ├── ingress-nginx/
│   └── monitoring/
└── apps/
    ├── base/                   # Base kustomization
    └── production/             # Production overlays
Deploying Applications with Flux
Define a Git Source
# infrastructure/sources/podinfo.yaml
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: podinfo
  namespace: flux-system
spec:
  interval: 1m0s
  ref:
    branch: master
  url: https://github.com/stefanprodan/podinfo
Create a Kustomization
# apps/base/podinfo/kustomization.yaml
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: podinfo
  namespace: flux-system
spec:
  interval: 5m0s
  path: "./kustomize"
  prune: true
  sourceRef:
    kind: GitRepository
    name: podinfo
  targetNamespace: default
  healthChecks:
    - apiVersion: apps/v1
      kind: Deployment
      name: podinfo
      namespace: default
Helm Releases with Flux
Flux also supports Helm for more complex deployments:
# infrastructure/monitoring/kube-prometheus-stack.yaml
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
  name: prometheus-community
  namespace: flux-system
spec:
  interval: 1h
  url: https://prometheus-community.github.io/helm-charts
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: kube-prometheus-stack
  namespace: monitoring
spec:
  interval: 1h
  chart:
    spec:
      chart: kube-prometheus-stack
      version: ">= 55.0.0 < 56.0.0"
      sourceRef:
        kind: HelmRepository
        name: prometheus-community
        namespace: flux-system
  values:
    grafana:
      enabled: true
      adminPassword: ${GRAFANA_PASSWORD}
    prometheus:
      prometheusSpec:
        retention: 30d
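The `${GRAFANA_PASSWORD}` placeholder above is only filled in when this manifest is applied through a Flux Kustomization with post-build variable substitution, and the substituted value then sits in plain text in the HelmRelease object. As an added example (not from the original post), the same release can read the password from a Kubernetes Secret through `valuesFrom`; the Secret name `grafana-admin` and key `admin-password` are assumptions.

```yaml
# Added example. The Secret is created out of band so the value never
# sits in Git; name and key below are assumed, not from the original post:
#
#   kubectl -n monitoring create secret generic grafana-admin \
#     --from-literal=admin-password='<password>'
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: kube-prometheus-stack
  namespace: monitoring
spec:
  interval: 1h
  chart:
    spec:
      chart: kube-prometheus-stack
      version: ">= 55.0.0 < 56.0.0"
      sourceRef:
        kind: HelmRepository
        name: prometheus-community
        namespace: flux-system
  # Non-secret values stay inline and reviewable in Git.
  values:
    grafana:
      enabled: true
    prometheus:
      prometheusSpec:
        retention: 30d
  # Secret values are merged in by helm-controller at reconcile time.
  valuesFrom:
    - kind: Secret
      name: grafana-admin                 # assumed; must be in the HelmRelease namespace
      valuesKey: admin-password           # assumed key inside the Secret
      targetPath: grafana.adminPassword   # same chart value the inline version set
```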
Automated Image Updates
One of Flux’s powerful features is automated image updates:
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImageRepository
metadata:
  name: myapp
  namespace: flux-system
spec:
  image: myregistry.azurecr.io/myapp
  interval: 1m0s
---
apiVersion: image.toolkit.fluxcd.io/v1beta2
kind: ImagePolicy
metadata:
  name: myapp
  namespace: flux-system
spec:
  imageRepositoryRef:
    name: myapp
  policy:
    semver:
      range: ">=1.0.0 <2.0.0"
Monitoring Flux
Check the status of all Flux components:
# Check all Flux resources
flux get all --all-namespaces
# Watch for reconciliation events
flux get kustomizations --watch
# Get detailed logs
flux logs --all-namespaces --level=error
Conclusion
GitOps with Flux CD transforms how you manage Kubernetes clusters. By using Git as the single source of truth, you gain audit trails, easy rollbacks, and consistent environments across your infrastructure. Combined with AKS, it provides a robust foundation for enterprise Kubernetes operations.