►
From YouTube: TGI Kubernetes 149: GitOps with Flux v2
Description
Come hang out with Evan Anderson (@e_k_anderson) and learn about the v2 API of the newest CNCF incubating project, Flux. We'll compare v1 and v2 of Flux, and see how it can help tame cluster chaos.
A
A
A
A
A
A
A
The
notes
are
at
tgik
dot,
io,
slash
notes,
feel
free
to
collaboratively,
add
stuff.
As
you
know
about
it,
I
took
a
quick
collection
of
things.
I
know,
but
one
of
the
awesome
things
about
the
cncf
community
is
that
it's
so
big
that
you
know
it's
hard
for
everyone
to
know
it
all,
and
that's
where
you
know
shows
like
this
can
help
help
share
all
of
that
information.
A
B
C
C
B
A
A
Oh,
let's
see
well
we're
at
five
after
so
I
think
I'm
probably
gonna
get
started
with
the
week
with
the
news
of
the
week
for
those
of
you
who
are
running
and
updating
your
kubernetes,
which
probably
should
be
all
of
you,
there's
new
kubernetes
out
with
built
with
different
golang
versions.
Just
take
a
look
at
what's
in
the
latest
here.
So
if
any
of
you
have
a
particular.
A
A
A
So
yeah
so
kubernetes
built
patch
releases
if
you're
interested
in
windows
and
conformance,
which
I
know
is
probably
two
topics
that
are
near
and
dear
to
all
of
your
hearts.
But
it's
important.
You
know
that
you
know
hey
when
you're
running
on
windows
that
it's
actually
you
know,
gonna
work.
So
if
you're
interested
in
that
topic,
it
looks
like
there's
a
kept
being
put
together.
A
A
A
A
So
yeah,
oh
lee,
points
out
that
cli
tools
can
also
give
you
a
nice
like
structure
and
ideas
to
how
things
are
supposed
to
work,
whereas
if
it's
just
a
whole
pile
of
yaml
you're
like
oh,
it's
all
the
same.
Let
me
go
in
anywhere
and
it's
just
as
easy
to
break
yourself.
So
cli
puts
a
nice
sort
of
guardrail
and
guided
path
in
for
you.
A
A
Don't
have
to
do
as
many
visa
things,
and
then
I
saw
this
earlier.
It
looked
intriguing
for
those
of
you
who
aren't
familiar
with
it.
Bsd
jails
are
an
alternate
mechanism
for
for
doing
encapsulation,
more
related
to
sort
of
solaris
zones,
as
I
understand
it
than
the
linux
stuff
that
largely
got
tacked
on
through
c
groups
and
other
mechanisms
there.
But
it
looks
like
it
provides
an
oci
implementation.
A
A
A
Here
get
ups.
Con
is
a
day
zero
for
kubecon,
okay,
that
explains
the
particular
date
in
there
there's
a
lot
of
those
cool
day,
zero
events
so
yeah.
If
you're
going
to
kubecon.
I
definitely
say
that
day:
zero
is
a
chance
to
kind
of
get
in
and
actually
get
some
experience
with
the
projects
up,
close
and
personal
in
a
way
that
the
main
conference
has
gotten
pretty
big.
So
you'll
still
see
some
cool
presentations,
but
there's
like
a
line
of
20
people
to
have
a
conversation.
A
Pristine
fantastic
clusters
to
be
able
to
focus
on
get
ops,
so
full
disclosure
here
my
personal
style
so
far-
has
been
get
ops
after
the
fact
where
I
discover
something's
broken
in
my
cluster,
I
cube
control
edit
it
and
then
I
say,
oh
and
I
need
to
commit
that
back
to
my
get
ops,
repo,
I'm
hoping
that
maybe
flux
can
help
me
break
that
habit,
the
habit
of
fixing
things
live
and
then
documenting
afterwards.
I
don't
know
if
I
can
fix
my
habit
of
not
having
a
broken
cluster.
A
C
A
A
C
B
C
C
A
A
So
yeah
so
flux
is,
it
says,
a
tool
here,
I'd
probably
say
given
how
you've
reconstructed
things,
maybe
it's
a
tool
kit,
but
but
yeah.
The
idea
is
that
you
declare
what
you
want
your
configuration
to
be
and
then
flux
helps
you.
Actually,
you
know,
keep
your
world
in
sync
with
what
your
configuration
is
so.
A
A
A
A
B
A
This
is
the
state
that
I
want
my
resources
to
be
in
and
then
you
know
continuously,
you
just
have
a
computer.
You
know
this
is
one
of
those
things.
Computers
are
good
at
just
repeatedly
say:
are
there
differences?
Oh,
let
me
go
fix
it.
Let
me
go
fix
it.
Let
me
go
fix
it,
and
so,
if
you
go
in
and
edit
things
by
hand
get
ops
will
just
reset
things
back.
So
it's
a
it's
fairly
resilient
to
accidental
changes.
A
A
And
let's
see,
let's
go
back
so
it
looks
like
so
in
the
sample
diagram
here.
They've
got
some
information
like
sources
and
customizations
and
then
much
of
customizations.
I
view
as
feeding
into
the
kubernetes
api
directly,
but
but
they've
got
a
bunch
of
sources.
You
know
different
git,
repos
and
stuff
and
then
a
controller
that
customize
and
helm
can
read
from
and
create
various
resources.
A
Oh,
this
is
nice.
You
can
also
use
an
s3
bucket,
so
if,
for
some
reason
getting
get
is
get
set
up
is
tricky
for
you,
you
can
push
stuff
into
an
s3
bucket
and
then
pull
it
pull
things
down
from
there
and
that
just
lets
you,
you
know,
use
an
object
store
which
might
be
easier
to
set
up
than
get
synchronization.
In
some
cases.
A
A
A
A
A
A
C
C
C
D
C
C
A
A
A
Oh,
this
is
good
it's.
It
looks
like
that
you're
keeping
it
cash
locally
of
the
get
status
so
when
when
something
like
github
is
down
you're
not
permanently
down.
So
that
is
a
nice
pattern,
something
that
I
learned
when
I
was
doing.
Sre
was
don't
assume
your
source
control
system
is
up,
you
might
have
broken
it
or.
A
A
A
A
A
A
C
C
C
A
A
C
C
A
A
A
A
A
A
A
A
C
A
D
A
C
C
C
C
C
C
B
A
C
A
A
C
C
B
A
D
A
A
A
C
C
A
A
C
C
B
D
A
A
A
D
C
C
C
C
A
A
D
C
C
C
C
A
D
C
A
A
C
A
A
C
C
A
A
A
Things
in
production,
usually
you
can't
get
a
new
cluster
so
quickly,
and
so
it's
really
easy
for
us
as
developers
to
be
like.
Oh,
I
just
you
know
clear
out
the
cluster
and
I
do
it
again
and
everything's
fine,
and
so
I
think
it's
great
for
development
to
be
able
to
get
a
new
kind
cluster
to
learn
this
stuff
and
I
think
it's
great
for
developers
to
be
able
to
get
that
stuff
started.
A
But
I
was
also
going
to
say
that
it
can
be.
It
can
be
a
little
bit
too
alluring
to
be
like
oh
look,
I
can
get
new
free
infrastructure,
there's
an
uninstall
command
that
would
have
been
good
to
know,
but
I
think
that
this
will
work
just
fine,
because
we
already
got
done
with
the
bootstrap
from
github.
A
A
A
A
I
just
also
want
to
look
we've
got.
This
is
oh.
This
is
interesting.
I
did
one
cli
command,
but
I
actually
ended
up
with
five
different
commits,
so
we
started
with
those
components
that
we
were
looking
through
before
and
then
here's
the
get
repository
with
an
ssh
and
the
customization
that
has
these
two
files
in
it.
A
B
C
D
C
A
C
A
A
C
C
C
B
C
A
C
C
A
C
C
D
C
A
A
C
C
A
C
C
A
C
C
A
C
C
C
C
C
D
A
A
A
C
A
So
now
I
have
pod
info
running
and
I
could
port
forward
to
it
and
get
all
that
stuff
going.
So
if
you
don't
manage
to
check
things
in
utf-16-
and
you
know
what
you're
doing
it
looks
like
this
will
go
pretty
well
and
it
looks
like
they're
actually
already
using
flux
to
manage
the
flux
deployment,
which
is
pretty
cool.
It's
it's
not
quite
circular,
because
if
something
goes
wrong,
you
can
always
just
take
down
the
controllers
and
they'll
stop
reconciling
things.
A
And
because
I'm
lazy,
I'm
going
to
call
the
reconciliation
again
and
here's
helm
controller
coming
up.
So
if
I
didn't
know
about
how
to
pause
this
stuff,
what
I
would
actually
do
would
be
a
cube
control,
edit
influx
system,
the
customize
controller,
and
what
you
can
do
is
you
can
set
replicas
to
zero
and
then
the
pods
stop
running.
But
you
still
have
the
resource
around
and
you
can
go
back
and
scale
it
up
later.
B
A
Crd
and
looks
like
they
just
included
the
go
code,
which
is
a
perfectly
reasonable
thing
to
do.
If
you
aren't
doing
any
particular
tricks
to
rename
things
or
include
stuff
and
here's
the
bool,
so
you
can
just
say:
don't
do
any
more
customizations
here
and
leave
it
be
one
thing
that
would
be
really
neat
and
I
don't
know
if
there's
a
way
to
do
this
already
would
be
to
output
a
diff.
A
So
if
you're
trying
to
move
in
to
a
get
ops
world-
and
you
have
a
bunch
of
stuff-
that's
already
there-
you
may
be
a
little
nervous
about
moving
it
under
get
option
control
and
it
would
be
nice
to
have
a
diff
command
for
something
like
customize,
where
it
would
tell
you
hey.
These
are
the
changes
I
would
make,
and
you
can
look
and
say:
is
this
a
reasonable
diff?
Am
I
comfortable
with
it.
A
A
A
A
A
A
A
Timeout
for
validation,
recreate
resources,
so
it
looks
like
you
can
control
whether
we'll
do
a
delete
and
recreate
at
least
for
customize,
and
it
looks
like
you've
got
some
set
of
additional
stuff
that
you
can
put
in.
That's
not
like
your
customized
ap
customize
api
looks
like
you
can
pass
patches
in
directly,
as
well
as
creating
files
that
will
get
passed
into
customize.
A
A
A
A
I
noticed
these
are
targey
zips.
It
might
be
interesting
to
look
at
the
e-star,
the
estg
project
that
basically
has
a
mechanism
for
putting
a
table
of
contents
at
the
end
of
the
targy
zip,
so
that
things
are
seekable.
They
designed
this
for
docker
registry,
but
it
could
potentially
let
you
just
download
pieces
if
you
want
only
pieces
of
the
file
system.
A
A
A
A
So
it
looks
like
you
can
do
I
understand
why
you've
got
these
personally,
I
would
almost
rather
have
the
source
itself
as
a
yaml
file,
rather
than
these
commands
to
create
a
yaml
file,
particularly
since
the
last
time
that
happened.
It
screwed
things
up,
but
I
just
feel
like
there's
a
little
bit
of
magic
here
about
creating
custom
resources
that
doesn't
need
to
be
magic.
A
D
A
A
A
A
C
C
C
C
A
It's
not
quite
as
nice,
because
we
do
get
this
cube,
control
annotation
that
it
would
be
really
nice
to
not
have.
But
you
know
it's
only
so
much
you
can
reverse
once
you've
put
stuff
in
and
you're
like.
Oh,
let
me
pick
the
bits
out
of
the
sausage,
but
that's
really
nice
that
you
can
do
that.
It
would
be
nice
to
have
a
general
tool
to
take
stuff
that
was
in
kubernetes
and
put
it
back
into
github.
A
Sometimes
you
end
up
with
a
lot
of
extra
commits
if
you're
debugging
a
problem
you're
like
oh,
I
just
discovered
that
you
know
my
cluster
is
you
know
over
memory
reservations
and
that
critical
pod
can't
run
you
know.
How
do
I
get
it
running
again?
Get
ops
can
feel
like
a
little
bit
of
an
obstacle
there,
but
certainly
as
soon
as
the
incident
is
over,
you
want
to
get
get
ops
running
again,
even
if
you
had
to
pause
it
for
a
moment.
So.
A
D
A
Lee
is
completely
right
that
those
commits
are
modifying
the
infrastructure,
and
you
probably
do
want
to
store
that
history.
It
as
long
as
it's
not
too
much
extra
friction
to
get
things
into
the
get
repo.
It's
probably
a
better
way
to
do
things,
so
I
may
I
may
see
if
I
can
try
living
that
religion
real
hard
on
my
own
personal
cluster,
which
was
running
out
of
memory
this
past
week.
A
A
A
A
A
C
A
Yeah,
I
think
one
of
the
challenges
for
helm
in
particular.
Is
you
probably
want
to
be
able
to
set
patterns?
See
you
samir?
You
probably
want
to
actually
have
parameters
to
the
helm
chart.
Otherwise
you
might
as
well
just
have
some
yaml,
and
so
you
probably
have
to
go
in
and
do
those
substitutions
after
you've
done
the
flux.
Bootstrap
export
tools
like
customize
make
that
a
little
bit
easier
because
they
work
in
terms
of
logical
patches
rather
than
needing
to
insert
templates.