This addon is built based FluxCD
The following definitions will be enabled after the installation of fluxcd addon.
|DEFINITION NAME||DEFINITION TYPE||DEFINITION DESCRIPTION|
|helm||ComponentDefinition||helps to deploy a helm chart from git repo, helm repo or S3 compatible bucket|
|kustomize||ComponentDefinition||helps to deploy a kustomize style artifact and GitOps capability to watch changes from git repo or image registry|
|kustomize-json-patch||TraitDefinition||A list of JSON6902 patch to selected target|
|kustomize-patch||TraitDefinition||A list of StrategicMerge or JSON6902 patch to selected target|
|kustomize-strategy-merge||TraitDefinition||A list of strategic merge to kustomize config|
|repoType||required, indicates the type of repository, should be "helm","git", "oss", or "oci".||Helm|
|pullInterval||optional, the interval at which to check for repository/bucket and release updates, default to 5m||5m|
|url||required, the Git or Helm repository URL, OSS endpoint, accept HTTP/S or SSH address as git url||https://charts.bitnami.com/bitnami|
|secretRef||optional, the name of the Secret object that holds the credentials required to pull the repo. The username and password fields must be included in the HTTP/S basic authentication Secret. For TLS the secret must contain a certFile and keyFile, and/or caCert fields. For TLS authentication, the secret must contain a certFile / keyFile field and/or caCert field.||sec-name|
|timeout||optional, the timeout for operations like download index/clone repository||60s|
|chart||required, the relative path to helm chart for git/oss source. The chart name for helm resource||redis-cluster|
|version||optional, chart version, * by default||6.2.7|
|targetNamespace||optional, the namespace to install chart, decided by chart itself||your-ns|
|releaseName||optional, release name after installed||your-rn|
|values||optional, override the Values.yaml inchart, using for the rendering of Helm|
|installTimeout||optional, the timeout for operation ||20m|
|interval||optional, the Interval at which to reconcile the Helm release, default to 30s||1m|
|oss||optional, The oss source configuration|
|git||optional, The git source configuration||dev|
|bucketName||required, bucket name||your-bucket|
|provider||optional, Generic or aws, if you get the certificate from aws EC2, fill in aws. The default is generic.||generic|
|region||optional, bucket region|
|branch||optional, Git branch, master by default||your-branch|
You can create an application like below to deploy a helm chart which stored in helm repository.
If your helm chart is stored in OCI registry, you can create the application like this:
Note: Please guarantee your fluxcd addon version >= v1.3.1
If your helm chart is stored in OSS, you can create the application like this:
If your helm chart stored in git, you can create the application like this:
|repoType||required, indicates the type of repository, should be "helm","git" or "oss".||oss|
|pullInterval||optional, Synchronize with Git repository, and the time interval between tuning helm release. The default value is 5m (5 minutes）||10m|
|url||required, bucket's endpoint, no need to fill in with scheme||oss-cn-beijing.aliyuncs.com|
|secretRef||optional, Save the name of a Secret, which is the credential to read the bucket. Secret contains accesskey and secretkey fields||sec-name|
|timeout||optional, The timeout period of the download operation, the default is 20s||60s|
|path||required, The directory containing the kustomization.yaml file, or the directory containing a set of YAML files (used to generate kustomization.yaml)||./prod|
|oss||optional, The oss source configuration|
|git||optional, The git source configuration|
|imageRepository||optional, The image [repository](#Image Repository) for automatically update image to git|
|image||required||The image url||oamdev/vela-core|
|secretRef||optional||If it's a private image registry, use ||my-secret|
|policy||optional||[Policy](#Image policy) gives the particulars of the policy to be followed in selecting the most recent image.|
|filterTags||optional||FilterTags enables filtering for only a subset of tags based on a set of rules. If no rules are provided, all the tags from the repository will be ordered and compared.||$timestamp|
|commitMessage||optional||Use for more commit message|
|alphabetical.order||optional||Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A||asc|
|numerical.order||optional||Given the integer values from 0 to 9 as tags, ascending order would select 9, and descending order would select 0||asc|
|semver.range||optional||Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image||'>=1.0.0 <2.0.0'|
|extract||optional||Extract allows a capture group to be extracted from the specified regular expression pattern, useful before tag evaluation||$timestamp|
|pattern||optional||Pattern specifies a regular expression pattern used to filter for image tags||'^master-[a-f0-9]'|
- If your kustomize style artifact is stored in oss, you can create application by flowing these steps:
(Optional)If your OSS bucket needs identity verification, create a Secret first:
Deploy this applciation:
- If your artifact is stored in git, you can create application like this:
- If you want to create a application which updated automatically when image updated. You can create the application like this.
In this addon, there are five controllers to be installed by default
- The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, Helm repositories and S3 buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolkit.
Image (metadata) reflector controller
- This is a controller that reflects container image metadata into a Kubernetes cluster. It pairs with the image update automation controller to drive automated config updates.
Image automation controller
- This controller automates updates to YAML when new container images are available.
- Its sibling, image-reflector-controller, scans container image repositories and reflects the metadata in Kubernetes resources. This controller reacts to that image metadata by updating YAML files in a git repository, and committing the changes.
- The kustomize-controller is a Kubernetes operator, specialized in running continuous delivery pipelines for infrastructure and workloads defined with Kubernetes manifests and assembled with Kustomize.
- The helm-controller is a Kubernetes operator, allowing one to declaratively manage Helm chart releases. It is part of a composable GitOps toolkit and depends on source-controller to acquire the Helm charts from Helm repositories.
- The desired state of a Helm release is described through a Kubernetes Custom Resource named HelmRelease. Based on the creation, mutation or removal of a HelmRelease resource in the cluster, Helm actions are performed by the operator.