/cdk8s-flux

Flux Constructs for cdk8s

Primary LanguageTypeScriptApache License 2.0Apache-2.0

cdk8s-flux

Manage your kubernetes cluster in a GitOps fashion with Flux, construct library for cdk8s project🚀

Overview

cdk8s-flux is a cdk8s library which allows you to deploy define a installation of a Flux daemon in your kubernetes cluster with just a few lines of code. This could be used as an alternative to the Flux Helm Chart or the fluxctl install command.

new Flux(this, 'flux', {
      ns: 'flux',
      name: 'flux',
      image: 'fluxcd/flux',
      tag: '1.19.0',
      replicas: 1,
      arguments: [
        '--memcached-service=',
        '--ssh-keygen-dir=/etc/fluxd/keygen',
        '--git-url=git@github.com:rafaribe/cdk8s-k3s-gitops.git',
        '--git-branch=master',
        '--git-path=cluster',
        '--git-label=flux',
        '--git-user=flux',
        '--git-email=flux@rafaribe.com',
        '--git-poll-interval=5m',
        '--sync-garbage-collection',
      ],
    });
  }
flux.k8s.yaml
apiVersion: v1
kind: Namespace
metadata:
  labels:
    name: flux
  name: flux
---
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    name: flux
  name: flux
  namespace: flux
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    name: flux
  name: flux
rules:
  - apiGroups:
      - "*"
    resources:
      - "*"
    verbs:
      - "*"
  - nonResourceURLs:
      - "*"
    verbs:
      - "*"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    name: flux
  name: flux
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: flux
subjects:
  - kind: ServiceAccount
    name: flux
    namespace: flux
---
apiVersion: v1
kind: Secret
metadata:
  name: flux-git-deploy
  namespace: flux
type: Opaque
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: flux
  namespace: flux
spec:
  replicas: 1
  selector:
    matchLabels:
      name: flux
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        name: flux
    spec:
      containers:
        - args:
            - --memcached-service=
            - --ssh-keygen-dir=/etc/fluxd/keygen
            - --git-url=git@github.com:rafaribe/cdk8s-k3s-gitops.git
            - --git-branch=master
            - --git-path=cluster
            - --git-label=flux
            - --git-user=flux
            - --git-email=flux@rafaribe.com
            - --git-poll-interval=5m
            - --sync-garbage-collection
          image: raspbernetes/flux:1.19.0
          imagePullPolicy: IfNotPresent
          livenessProbe:
            httpGet:
              path: api/flux/v6/identity.pub
              port: 3030
            initialDelaySeconds: 5
            timeoutSeconds: 5
          name: flux
          ports:
            - containerPort: 3030
          readinessProbe:
            httpGet:
              path: api/flux/v6/identity.pub
              port: 3030
            initialDelaySeconds: 5
            timeoutSeconds: 5
          resources:
            limits:
              cpu: 150m
              memory: 256Mi
          volumeMounts:
            - mountPath: /etc/fluxd/ssh
              name: git-key
              readOnly: true
            - mountPath: /etc/fluxd/keygen
              name: git-keygen
      serviceAccountName: flux
      volumes:
        - name: git-key
          secret:
            defaultMode: 256
            secretName: flux-git-deploy
        - emptyDir:
            medium: Memory
          name: git-keygen
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: memcached
  namespace: flux
spec:
  replicas: 1
  selector:
    matchLabels:
      name: memcached
  template:
    metadata:
      labels:
        name: memcached
    spec:
      containers:
        - args:
            - -m 512
            - -I 5m
            - -p 11211
          image: memcached:1.5.20
          name: memcached
          ports:
            - containerPort: 11211
              name: clients
          securityContext:
            allowPrivilegeEscalation: false
            runAsGroup: 11211
            runAsUser: 11211
---
apiVersion: v1
kind: Service
metadata:
  name: memcached
  namespace: flux
spec:
  ports:
    - name: memcached
      port: 11211
  selector:
    name: memcached

Installation

cdk8s supports TypeScript and Python at this point, so as cdk8s-flux.

We'd recommend to walk through the cdk8s Getting Started guide before using this library, if you're very new to cdk8s world.

TypeScript

Use npm or yarn to install.

$ npm install -s cdk8s-flux

or

$ yarn add cdk8s-flux

Python

$ pip install cdk8s-flux

Contribution

  1. Fork (https://github.com/rafaribe/cdk8s-flux/fork)

  2. Bootstrap the repo:

    yarn install # installs dependencies
  3. Development scripts:

Command Description
yarn compile Compiles jsii
yarn watch Watch & compile
yarn test Runs the jest unit tests
yarn test -u Updates jest snapshots
yarn run package Outputs the jsii generated packages in TS and Python
yarn build Compile + Test + Package
yarn bump Bumps version
yarn release Bump + push to master
yarn rmist Deletes node_modules and runs installs dependencies
yarn lint Lint with eslinter
yarn prettier Runs prettier and updates the files in place
yarn run import cdk8s imports k8s and crds into the imports directory
  1. Create a feature branch
  2. Commit your changes
  3. Rebase your local changes against the master branch
  4. Create a new Pull Request (use conventional commits for the title please)

License

Apache License, Version 2.0

Author

Rafael Ribeiro

Thank you:

Thank you to the devs of the following projects, from where I got some inspiration to create this library: