flux 설치 및 사용

문학적인유사성·2023년 8월 12일
FluxGitLabGitOpsawseksk8s
0

뎁옵깃옵쿠베

목록 보기
36/53
post-thumbnail
post-custom-banner

설치

curl -s https://fluxcd.io/install.sh | sudo FLUX_VERSION=2.0.0 bash
PATH=$PATH:/usr/local/bin
# https://fluxcd.io/flux/cmd/flux_bootstrap_gitlab/
flux bootstrap gitlab [flags]

# https://docs.gitlab.com/ee/user/clusters/agent/gitops/flux_tutorial.html
# flux access token 생성, 범위 api로 설정
export GITLAB_TOKEN=${깃랩 토큰 생성한것}

flux bootstrap gitlab --owner=${owner설정} --repository=${레포이름넣기} --hostname=${자신의깃랩도메인} --branch ${브랜치명} --deploy-token-auth

이렇게 컨트롤러 포드가 배포된 것을 볼수있음

Everything % kubectl get all -n flux-system 
NAME                                          READY   STATUS    RESTARTS   AGE
pod/helm-controller-74b5f87d94-f9zvt          1/1     Running   0          5m39s
pod/kustomize-controller-c89454b89-5tzrn      1/1     Running   0          5m39s
pod/notification-controller-b7d8566b7-sjkgb   1/1     Running   0          5m38s
pod/source-controller-5f7b998fc9-wnfw7        1/1     Running   0          5m38s

NAME                              TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
service/notification-controller   ClusterIP   172.20.106.14   <none>        80/TCP    5m41s
service/source-controller         ClusterIP   172.20.84.170   <none>        80/TCP    5m41s
service/webhook-receiver          ClusterIP   172.20.24.38    <none>        80/TCP    5m40s

NAME                                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/helm-controller           1/1     1            1           5m41s
deployment.apps/kustomize-controller      1/1     1            1           5m41s
deployment.apps/notification-controller   1/1     1            1           5m40s
deployment.apps/source-controller         1/1     1            1           5m40s

NAME                                                DESIRED   CURRENT   READY   AGE
replicaset.apps/helm-controller-74b5f87d94          1         1         1       5m41s
replicaset.apps/kustomize-controller-c89454b89      1         1         1       5m41s
replicaset.apps/notification-controller-b7d8566b7   1         1         1       5m40s
replicaset.apps/source-controller-5f7b998fc9        1         1         1       5m40s

대쉬보드 배포

curl --silent --location "https://github.com/weaveworks/weave-gitops/releases/download/v0.24.0/gitops-$(uname)-$(uname -m).tar.gz" | tar xz -C /tmp
sudo mv /tmp/gitops /usr/local/bin
gitops version
PASSWORD="${자신이하고싶은 비밀번호}"
gitops create dashboard ww-gitops --password=$PASSWORD

Ingress 생성

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  namespace: flux-system
  name: flux-ingress
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
    alb.ingress.kubernetes.io/load-balancer-name: yusa-flux
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/ssl-redirect: '443'
    alb.ingress.kubernetes.io/certificate-arn: ${자신 acm arn넣기}
spec:
  ingressClassName: alb
  rules:
    - host: ${자신도메인넣기}
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: ww-gitops-weave-gitops
                port:
                  number: 9001
kubectl apply -f ingress.yaml

사용

# flux source 생성
12.flux % GITURL="https://${자신의 gitlab repo}"
12.flux % flux create source git nginx-test --url=$GITURL --branch=main --interval=30s --username=${ID} --password=${PW}
✚ generating GitRepository source
► applying secret with repository credentials
✔ authentication configured
► applying GitRepository source
✔ GitRepository source updated
◎ waiting for GitRepository source reconciliation
✔ GitRepository source reconciliation completed
✔ fetched revision: main@sha1:c8b872849241ea88c725afee9e902133b3e5e4ee

# flux source 생성 확인
12.flux % kubectl -n flux-system get gitrepositories
flux get sources git
NAME            REVISION                SUSPENDED       READY   MESSAGE                                           
flux-system     main@sha1:dfd3e9cc      False           True    stored artifact for revision 'main@sha1:dfd3e9cc'
nginx-test      main@sha1:c8b87284      False           True    stored artifact for revision 'main@sha1:c8b87284'

# 애플리케이션 생성
12.flux % flux create kustomization nginx-test \
--target-namespace=default \
--interval=1m \
--source=nginx-test \
--health-check-timeout=2m
(--prune=false prune필드 설정을 하지않는경우 애플리케이션 삭제시 리소스 삭제가 안됨, 애플리케이션 삭제시 리소스를 삭제하려면 true를 해야함)
✚ generating Kustomization
► applying Kustomization
✔ Kustomization created
◎ waiting for Kustomization reconciliation
✔ Kustomization nginx-test is ready
✔ applied revision main@sha1:c8b872849241ea88c725afee9e902133b3e5e4ee
# GUI로 접속시 화면 확인도 가능!

# 생성 확인
12.flux % kubectl -n default get po,svc
NAME                                   READY   STATUS    RESTARTS   AGE
pod/nginx-deployment-cbdccf466-2lp9r   1/1     Running   0          44s
pod/nginx-deployment-cbdccf466-lq76c   1/1     Running   0          44s
pod/nginx-deployment-cbdccf466-zz84n   1/1     Running   0          44s

NAME                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
service/kubernetes   ClusterIP   172.20.0.1      <none>        443/TCP    50d
service/nginx        ClusterIP   172.20.99.138   <none>        8080/TCP   22h

12.flux % kubectl -n default get po   
NAME                               READY   STATUS    RESTARTS   AGE
nginx-deployment-cbdccf466-zz84n   1/1     Running   0          3m16s

flux repo만들기
flux 헬름 공식문서

TMI... argocd를 쓰자..!

해당 이미지 참고링크

SSH Key로접근시

ssh-keyscan -t ecdsa -p 2222 ${깃랩 IP} >> ~/.ssh/known_hosts
export EKSA_GIT_PRIVATE_KEY=/root/.ssh/id_ecdsa
eval "$(ssh-agent -s)" && ssh-add $EKSA_GIT_PRIVATE_KEY
EKSA_GIT_KNOWN_HOSTS=/root/.ssh/known_hosts
cat ~/.ssh/id_ecdsa.pub 의 내용을 gitlab에 기입
profile
문학적인유사성
Are you nervous? Don't be
이전 포스트

kustomize 설치 및 사용

다음 포스트

keycloak 설치

post-custom-banner

0개의 댓글