Introduction
Managing changes in an Azure Kubernetes Service (AKS) cluster can only be challenging with a robust process in place. Traditionally, change management in AKS has been manual, relying on tools like kubectl and Helm charts. This approach can be error-prone and needs more consistency. Introducing Flux, a GitOps operator, will significantly improve the change management process. Flux utilizes Git repositories as the primary source of truth. It ensures a consistent reflection of the system’s desired state in its actual state.
Change Management in AKS
This blog outlines the change management process with and without Flux, the benefits of adopting Flux, and the steps for its implementation in an AKS cluster.
In an Azure Kubernetes Service (AKS) cluster, the change management process was manual and ad hoc. Developers and administrators often directly apply changes using kubectl apply, Helm charts, or Kubernetes manifest. Although this method is simple, it lacked sufficient automation and consistency. However, the process has evolved significantly with the introduction of Flux, a GitOps operator. Flux allows developers to apply DevOps practices like collaboration, CI/CD, and version control to infrastructure automation and application deployment. It serves as a tool to keep Kubernetes clusters in sync with configuration sources, such as Git repositories. By continuously monitoring the Git repository, applying changes whenever new code or configuration becomes available, and ensuring adherence to the recommended deployment strategy, it automates configuration updates.
How Flux works?
At its core, Flux operates on the principle that the Git repository reflects the system’s desired state. It tirelessly works to align the system’s actual state with this desired state by continuously monitoring and resolving any discrepancies that may arise. This ensures a more streamlined and automated approach to managing changes in AKS clusters, which enhances efficiency and reliability.
Flux Controllers
These are essential components in the GitOps workflow, as they automate various aspects of change management in AKS:
Source Controller watches Git repositories and other external sources (like Helm repositories) for changes. It fetches the manifests and feeds them into the reconciliation process.
The Kustomize Controller automates the application of Kubernetes manifests with Kustomize, enabling advanced configuration management and patching for different environments.
Helm Controller automates the deployment of Helm charts, simplifying the management of packages and versioning of applications running on AKS.
The Notification Controller is responsible for sending alerts and notifications regarding the status of reconciliation processes and actions, such as successful deployments or unsuccessful updates.
Image Automation Controller monitors container registries and updates image versions in Git when new images are pushed, helping to maintain up-to-date container images across the infrastructure.
These controllers ensure the AKS cluster is always consistent with the configuration stored in Git and enable continuous, automated deployment of new features and fixes.
Benefits
By implementing Flux and adopting the GitOps methodology, the change management process in the AKS cluster improves significantly.
-
Automated Deployments:
This feature enables automated application deployments to AKS. Instead of manually applying changes to the cluster, you can rely on Flux to automatically sync the desired state specified in your Git repository with the AKS cluster, making the process more streamlined and less error-prone.
-
GitOps Principles:
It adheres to the GitOps principles, mandating the use of version-controlled Git repositories for all Kubernetes cluster changes. This promotes a consistent, auditable, reproducible deployment process, as every change is visible in the Git history.
-
Rollback and RollForward:
This allows you to easily roll back or roll forward to different versions of your application by reverting or applying commits in your Git repository. It provides a simple and effective way to manage application versions and handle potential issues or bugs that may arise during updates.
-
Declarative Approach:
With Flux, you define your cluster’s desired state using Kubernetes manifests stored in your Git repository. This declarative approach guarantees the consistency of the cluster configuration with your specified configuration, even when you make changes directly to the cluster.
-
Continuous Delivery:
This method enables continuous delivery by automating and updating the cluster with new versions of applications. This allows you to deliver features, bug fixes, and updates more rapidly and reliably.
-
Integration with CI/CD Pipelines:
You can integrate Flux into your CI/CD pipelines to automatically trigger deployments upon the push of new changes to the Git repository. This tight integration simplifies the development and deployment workflow.
Overall, Flux provides a powerful mechanism to manage your AKS cluster in a GitOps-centric manner, promoting collaboration, consistency, and continuous delivery. Using Flux with AKS, you can establish a robust deployment process, maintain a clear history of changes, and ensure that your cluster’s state always aligns with your desired configuration.
Limitations
- The tool is only compatible with the Kubernetes platform. Other instruments are required to implement GitOps methods on different platforms.
- Business owners need expert assistance to set up the tooling properly, as the process is rather complicated.
- While Flux is flexible, it may only cater to some unique requirements or use cases with additional customizations.
- Flux relies heavily on Git as the source of truth for the desired state of Kubernetes clusters. Problems with the Git repository or connectivity issues can hinder the cluster’s effective management.
Prerequisites
- An Azure subscription that includes a deployed AKS cluster with at least one node is required.
- Azure CLI and logged in to the subscription with owner access.
- kubectland a working kube config (use az aks get-credentials)
- Azure CLI 2.15 or later
AKS Cluster
Before configuring Flux for AKS
Steps for implementation
Register AKS ExtensionManager and configure Azure CLI
az account set --subscription
az aks get-credentials --resource-group --name --overwrite-existing
Register the feature
az feature register --namespace Microsoft.ContainerService --name AKS-ExtensionManager
Register the following providers
az provider register --namespace Microsoft.Kubernetes
az provider show -n Microsoft.Kubernetes | grep "registrationState"
az provider register --namespace Microsoft.ContainerService
az provider register --namespace Microsoft.KubernetesConfiguration
az provider show -n Microsoft.KubernetesConfiguration | grep "registrationState"
Enable CLI extensions or upgrade if there is a newer version
az extension add -n k8s-configuration –upgrade
az extension add -n k8s-extension --upgrade
Install Flux v2
az k8s-extension create -g -c -n flux --extension-type
microsoft.flux -t managedClusters --auto-upgrade-minor-version true
It will add the required or respective resources of Flux, such as namespace, pod, etc.
The main components are,
- Kustomize controller: installs manifests (.yaml files) from configured sources, optionally using kustomize
- Helm controller: installs Helm charts
- The source controller is responsible for configuring sources like git or Helm repositories.
- The notification controller manages notifications, including those sent to Teams or Slack.
- The Flux config agent communicates with the data plane (Azure) and provides Azure with information about the status of Flux, including reconciliations.
- Flux configuration controller: manages Flux on the cluster; checks for Flux Configurations that you create with the Azure CLI
Create a Flux Configuration
az k8s-configuration flux create -g -c -n cluster-config --
namespace cluster-config -t managedClusters --scope cluster -u https://github.com/chandra217/aks-
flux-poc.git --branch main --kustomization name=infra path=./infra prune=true --kustomization
name=apps path=./apps prune=true
It will create the resources that are defined in the aks-flux-poc repo.
Make sure you’ve created the flux-related resources (namespace, cluster config, etc.).
kubectl get ns
kubectl get pod -n dev
kubectl get pod -n dev-space
kubectl get fluxconfigs cluster-config -o yaml -n cluster-config
kubectl get gitrepo cluster-config -o yaml -n cluster-config
kubectl get kustomizations cluster-config-infra -o yaml -n cluster-config
GitOps configuration is ready under the created AKS cluster in the Azure portal.
We can change configuration files and monitor the resources in the k8s cluster and how the flux works here.
Updating the deployment.yaml (replicas value)
The environment is updated by the git change commits after a few minutes.
Note: No manual intervention was required to update the deployment. The flux itself detects the configuration changes in the source and applies them.
Conclusion
The integration of Flux into Azure Kubernetes Service (AKS) represents a significant advancement in change management practices, leveraging a GitOps-centric methodology. This approach ensures a streamlined, automated, and error-free deployment process, thereby enhancing collaboration, maintaining a comprehensive change history, and aligning the cluster state with the desired configuration. Despite inherent limitations, Flux delivers noteworthy advantages in AKS cluster management, establishing itself as a valuable asset for contemporary DevOps methodologies.