Installing FluxCD

Installing FluxCD in Thalassa Cloud Kubernetes

FluxCD is a Kubernetes-native GitOps tool that automatically keeps your cluster state in sync with what’s defined in your Git repositories. By installing FluxCD in your Thalassa Cloud Kubernetes cluster, you can declaratively manage infrastructure, automate deployments, detect drift, and ensure your cluster always matches your repository as the single source of truth.

This guide shows you how to install FluxCD in a Thalassa Cloud Kubernetes cluster, connect it to your Git repositories, and set up your first GitOps.

FluxCD operates by continuously monitoring your chosen Git repositories for changes. When a new commit is detected, FluxCD automatically applies those changes to your cluster. If manual changes are made directly in the cluster, FluxCD can detect this drift and reconcile the state so the cluster matches Git.

Prerequisites

Before installing FluxCD, ensure you have a few things in place. First, you need a running Kubernetes cluster in Thalassa Cloud. If you don’t have one yet, see the Getting Started guide for instructions on creating your first cluster.
You’ll also need access to the cluster using kubectl. Configure cluster access using tcloud kubernetes connect or by setting up kubeconfig manually. See the Getting Started guide for details on configuring cluster access.
Finally, you’ll need a Git repository to store your Kubernetes manifests. This can be a GitHub, GitLab, or any other Git repository that FluxCD can access. The repository should contain your Kubernetes YAML files, organised in a way that makes sense for your applications.

Installing FluxCD

Installing the Flux CLI

The easiest way to install FluxCD is using the Flux CLI, which provides commands for bootstrapping FluxCD in your cluster. The CLI handles the installation process and can automatically configure Git repository integration.

Install the Flux CLI on your local machine. On macOS, you can use Homebrew:

brew install fluxcd/tap/flux

On Linux, download the binary directly:

curl -s https://fluxcd.io/install.sh | sudo bash

For Windows or other platforms, see the official FluxCD installation documentation for platform-specific instructions.

Verify the installation by checking the Flux version:

flux --version

You should see the Flux version number, confirming that the CLI is installed correctly.

Bootstrapping FluxCD

Bootstrapping is the process of installing FluxCD components in your cluster and configuring them to connect to your Git repository. The bootstrap command installs all necessary components and sets up the initial Git repository connection.

Before bootstrapping, ensure you’re connected to your cluster. Use tcloud kubernetes connect or verify your kubeconfig is set up correctly:

kubectl get nodes

If this command works and shows your cluster nodes, you’re ready to proceed.

To bootstrap FluxCD, you’ll need a Git repository URL and appropriate credentials. FluxCD supports several authentication methods, including SSH keys, HTTPS with tokens, and cloud provider integrations.

For SSH authentication, ensure you have an SSH key that has access to your Git repository. The bootstrap process will use this key to authenticate with Git. If you’re using GitHub, you can use a deploy key or a personal access token.

Bootstrap FluxCD with your Git repository:

flux bootstrap git \
  --url=ssh://git@github.com/your-org/your-repo.git \
  --branch=main \
  --path=clusters/production

Replace the URL with your actual Git repository URL, adjust the branch name if you’re not using main, and set the path to where you want FluxCD to look for manifests in your repository. The path is relative to the repository root.

If you’re using HTTPS instead of SSH, you can specify the URL and FluxCD will prompt for credentials, or you can use a token:

flux bootstrap git \
  --url=https://github.com/your-org/your-repo.git \
  --branch=main \
  --path=clusters/production \
  --token-auth

The bootstrap process does several things. It creates the flux-system namespace in your cluster, installs FluxCD components as Kubernetes resources, creates a GitRepository resource that connects to your Git repo, and sets up a Kustomization that watches the specified path for changes.

During bootstrapping, FluxCD creates a deploy key or uses your provided credentials to access the Git repository. For GitHub, it can automatically create a deploy key and add it to your repository if you have the necessary permissions.

Verifying the Installation

After bootstrapping completes, verify that FluxCD is running correctly. Check that all FluxCD pods are running:

kubectl get pods -n flux-system

You should see several pods, including the source controller, kustomize controller, and helm controller. All pods should show a status of “Running”. If any pods are not running, check their logs:

kubectl logs -n flux-system deployment/source-controller
kubectl logs -n flux-system deployment/kustomize-controller

Check that FluxCD can connect to your Git repository:

flux get sources git

This shows the GitRepository resources that FluxCD is monitoring. You should see your repository listed with a status indicating whether it’s successfully connecting.

Verify that the GitRepository is ready:

kubectl get gitrepository -n flux-system

The status should show “True” for the Ready condition, indicating that FluxCD can successfully access your Git repository.

Setting Up Your First Application

With FluxCD installed and connected to your Git repository, you can set up your first application deployment. FluxCD uses Kustomization resources to define what should be deployed from your Git repository.

Create a Kustomization resource that tells FluxCD to deploy an application. In your Git repository, create a directory structure for your application. For example, if your repository path is clusters/production, you might create:

clusters/
  production/
    apps/
      my-app/
        deployment.yaml
        service.yaml
        kustomization.yaml

The kustomization.yaml file tells Kustomize (which FluxCD uses) how to build the application:

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - deployment.yaml
  - service.yaml

Create a FluxCD Kustomization resource in your cluster that points to this path:

apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
  name: my-app
  namespace: flux-system
spec:
  interval: 5m
  path: ./clusters/production/apps/my-app
  prune: true
  sourceRef:
    kind: GitRepository
    name: flux-system
  healthChecks:
    - apiVersion: apps/v1
      kind: Deployment
      name: my-app
      namespace: default

Apply this Kustomization:

kubectl apply -f kustomization.yaml

FluxCD will now monitor the specified path in your Git repository and automatically apply any changes. The interval field specifies how often FluxCD checks for updates—in this case, every 5 minutes. The prune field tells FluxCD to remove resources that are no longer in Git, keeping your cluster in sync.

Working with Helm Charts

FluxCD also supports deploying Helm charts directly from Helm repositories or from Git. This is useful if you’re using Helm charts for your applications or want to leverage existing Helm charts from the community.

To use Helm charts, you first need to add a HelmRepository source:

apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
  name: bitnami
  namespace: flux-system
spec:
  interval: 1h
  url: https://charts.bitnami.com/bitnami

Apply this to add the Helm repository:

kubectl apply -f helm-repository.yaml

Then create a HelmRelease that deploys a chart from this repository:

apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: nginx
  namespace: default
spec:
  interval: 5m
  chart:
    spec:
      chart: nginx
      sourceRef:
        kind: HelmRepository
        name: bitnami
        namespace: flux-system
      version: "15.0.0"
  values:
    service:
      type: LoadBalancer

This HelmRelease tells FluxCD to deploy the nginx chart from the Bitnami repository, and it will automatically create a LoadBalancer service. FluxCD monitors the HelmRepository for chart updates and can automatically upgrade to new versions if configured.

Additional Resources and Documentation

For a deeper dive into FluxCD and GitOps workflows on Thalassa Cloud, consult the following resources:

FluxCD Official Documentation: Find guides on installation, configuration, and advanced features directly from the FluxCD project.
GitOps Documentation in Thalassa Cloud: Learn about GitOps concepts, best practices, and how both FluxCD and other tools integrate with Thalassa Cloud Kubernetes clusters.
Kubernetes Documentation: Access guides for cluster management, deploying applications, and understanding Kubernetes native resources.
Deploying Applications Guide: Review step-by-step instructions for deploying workloads that can be managed through FluxCD.

For troubleshooting, and more advanced usage examples, refer to the FluxCD Troubleshooting Guide.

Working with Helm