flux + kubernetes + gitops + Kustomization

1. Install dependencies

yum install -y git

2. Set the proxy (adjust for your environment)

export http_proxy=http://192.168.3.77:20171
export https_proxy=http://192.168.3.77:20171
export NO_PROXY=*.baidu.com,10.0.0.0/8,.cluster.local,192.168.3.0/24

3. Install the flux CLI

curl -s https://fluxcd.io/install.sh | bash
source ~/.bashrc

4. Initialize the Git repository

mkdir -p /root/gitops-repo
cd /root/gitops-repo/
git init
git config --global user.name "user"
git config --global user.email "user@example.com"

5. Install Flux into Kubernetes

flux install

6. Create the directory structure

mkdir -p base overlays/dev

7. Write the base resources

cat > base/deployment.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
spec:
  replicas: 1
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
      - name: myapp
        image: nginx:alpine
        ports:
        - containerPort: 80
EOF

cat > base/service.yaml << EOF
apiVersion: v1
kind: Service
metadata:
  name: myapp
spec:
  type: ClusterIP
  ports:
  - port: 80
  selector:
    app: myapp
EOF

cat > base/kustomization.yaml << EOF
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# resources must be listed here; "./overlays/dev" is the only exception and
# need not be listed, because it is the main directory being watched
resources:
- deployment.yaml
- service.yaml
EOF

8. Write overlays/dev

cat > overlays/dev/kustomization.yaml << EOF
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../base
# only modifies YAML that is brought in through resources
replicas:
- name: myapp
  count: 2
images:
- name: nginx
  newTag: 1.25-alpine
EOF

9. Commit to Git

git add .
git commit -m "init gitops"

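10. Configure SSH keys (local Git authentication)

ssh-keygen -t rsa -N "" -f /root/.ssh/id_rsa
# Overwrites any existing authorized_keys for root
cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
# StrictHostKeyChecking=no accepts the host key without verification
ssh -o StrictHostKeyChecking=no root@192.168.3.243 "echo OK"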

11. Create the Git source (Flux pulls from Git)

flux create source git gitops-repo \
  --url=ssh://root@192.168.3.243/root/gitops-repo \
  --branch=master \
  --interval=30s \
  --private-key-file=/root/.ssh/id_rsa

12. Grant Flux cluster permissions

kubectl create clusterrolebinding flux-cluster-admin \
  --clusterrole=cluster-admin \
  --serviceaccount=flux-system:flux-system

13. Add a test resource (with namespace)

cat > overlays/dev/nginx-test.yaml << EOF
apiVersion: v1
kind: Pod
metadata:
  namespace: default
  name: nginx-test
spec:
  containers:
  - name: nginx
    image: nginx:alpine
EOF

git add .
git commit -m "fix: add namespace"

14. Create the Kustomization (automatic deployment)

flux create kustomization gitops-dev \
  --source=gitops-repo \
  --path="./overlays/dev" \
  --prune=true \
  --interval=30s \
  --target-namespace=default
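
A namespace-scoped alternative to the cluster-admin binding in step 12, as an added example that is not part of the original post: the step 14 Kustomization written as a manifest that reconciles as a restricted service account, which may manage only the kinds this repo ships into `default`. The names `gitops-dev-reconciler` and `gitops-dev-apply` are hypothetical, and it assumes the GitRepository from step 11 lives in `flux-system` (the CLI default namespace).

```yaml
# Added example, not from the original post. Names marked "hypothetical"
# are illustrative only.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: gitops-dev-reconciler        # hypothetical
  namespace: flux-system             # same namespace as the Kustomization
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: gitops-dev-apply             # hypothetical
  namespace: default                 # permissions exist only in this namespace
rules:
# Only the kinds committed in steps 7 and 13: Deployment, Service, Pod.
- apiGroups: ["apps"]
  resources: ["deployments"]
  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: [""]
  resources: ["services", "pods"]
  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: gitops-dev-apply
  namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: gitops-dev-apply
subjects:
- kind: ServiceAccount
  name: gitops-dev-reconciler
  namespace: flux-system
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: gitops-dev
  namespace: flux-system
spec:
  interval: 30s
  path: ./overlays/dev
  prune: true
  targetNamespace: default
  serviceAccountName: gitops-dev-reconciler   # apply as this account
  sourceRef:
    kind: GitRepository
    name: gitops-repo
```

Apply this as a cluster administrator with `kubectl apply -f` rather than committing it under `overlays/dev`, since the restricted account cannot create RBAC objects. With it in place, a commit that adds a kind outside the Role's rules fails reconciliation and shows up in `flux get all`.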

15. Check the final state

flux get all
kubectl get po
