Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • stackspin/stackspin-flux-example
  • xeruf/stackspout
2 results
Show changes
Commits on Source (4)
Hide whitespace changes
Inline Side-by-side
.gitignore 0 → 100644
View file @ 14dec78f
advanced/
README.md
View file @ 14dec78f
......@@ -11,6 +11,12 @@ repository.
This repo's directory structure is similar to the `flux2-kustomize-helm-example`
one.
> **NOTE**: Make sure to not re-use the names of kustomizations,
> helm releases, or any other Kubernetes manifests
> that are already present in the Stackspin `flux2` directory.
> If you do, Flux will alternate between reconciling your
> and our kustomization, which *will* result in an unstable situation.
## Basic configuration
We'll start with a very basic configuration:
......@@ -42,10 +48,24 @@ curl --resolve podinfo.local:80:CLUSTER_IPV4_ADDRESS http://podinfo.local
## What's next ?
There are two ways of using a custom flux
There are two ways of using a custom flux repo to host your custom config/apps
on a Stackspin cluster.
### A) Manage secrets manually
This approach is easier to start with,
because you don't need to configure your cluster to handle encrypted secrets
and access to a private git repository.
* Fork this repository into a public git repo, cloneable via `https://`
### Everything in version control, including secrets
* Fork this repo to a private git remote (Github, Gitab, etc.)
* Configure flux to use ssh instead of https for cloning
* Add private ssh key for git pulling to flux
* Add public ssh key for git pulling to your git remote
* [Encrypt your secrets using sops](https://github.com/fluxcd/flux2-kustomize-helm-example#encrypt-kubernetes-secrets)
* Fork this repository into a private git repo, cloneable via `ssh://`
* [Configure flux to use ssh instead of https for cloning](https://fluxcd.io/docs/components/source/gitrepositories/#ssh-authentication)
* You shouln't rely solely on transport encryption for your git repository
but rather end-to-end encrypt your secrets.
Different methods are available for flux:
* [Sops](https://fluxcd.io/docs/guides/mozilla-sops/)
[Sops section in flux2-kustomize-helm-example](https://github.com/fluxcd/flux2-kustomize-helm-example#encrypt-kubernetes-secrets)
* [Sealed Secrets](https://fluxcd.io/docs/guides/sealed-secrets/)
basic/install.sh
View file @ 14dec78f
......@@ -7,8 +7,8 @@ flux create source git stackspin-flux-example \
--branch=main \
--interval=1h
echo "Creating / updating kustomization stackspin-flux-example-basic in namespace example-basic"
flux create kustomization stackspin-flux-example-basic \
echo "Creating / updating kustomization stackspin-flux-example in namespace example-basic"
flux create kustomization stackspin-flux-example \
--namespace=example-basic \
--source=GitRepository/stackspin-flux-example \
--path="./basic/clusters/production/" \
......