Bird
Raised Fist0
Kubernetesdevops~10 mins

FluxCD for continuous delivery in Kubernetes - Step-by-Step Execution

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Process Flow - FluxCD for continuous delivery
Start: Developer pushes code to Git
FluxCD detects Git changes
FluxCD pulls updated manifests
FluxCD applies manifests to Kubernetes cluster
Cluster state updated to match Git
Monitor for drift and repeat
FluxCD watches your Git repository for changes, then updates your Kubernetes cluster to match those changes automatically.
Execution Sample
Kubernetes
flux reconcile source git my-app
flux reconcile kustomization my-app
kubectl get pods
These commands tell FluxCD to sync the Git source and apply the Kubernetes manifests, then check the running pods.
Process Table
StepActionInput/ConditionResult/Output
1Developer pushes codeNew manifests committed to GitGit repository updated
2FluxCD detects changeGit repo has new commitTriggers reconciliation
3FluxCD pulls manifestsFetch latest manifests from GitLocal cache updated
4FluxCD applies manifestsManifests describe deploymentKubernetes cluster updated
5Check cluster statekubectl get podsPods reflect new deployment
6Monitor for driftCluster state vs Git stateIf drift, repeat sync
💡 FluxCD stops after cluster matches Git state and no drift detected
Status Tracker
VariableStartAfter Step 1After Step 3After Step 4Final
Git RepositoryOld manifestsNew manifests committedNew manifests fetchedN/ANew manifests
FluxCD CacheEmpty or oldN/AUpdated with new manifestsN/AUpdated
Kubernetes ClusterOld deploymentOld deploymentOld deploymentUpdated deployment appliedUpdated deployment
PodsOld pods runningOld pods runningOld pods runningNew pods startingNew pods running
Key Moments - 3 Insights
Why does FluxCD pull manifests from Git instead of pushing changes directly?
FluxCD follows GitOps principles where Git is the single source of truth. It pulls changes to ensure the cluster matches Git exactly, as shown in execution_table step 3.
What happens if the cluster state drifts from Git manifests?
FluxCD detects drift and automatically re-applies manifests to fix it, as described in execution_table step 6.
Why do we check pods after applying manifests?
Checking pods confirms that the new deployment is running correctly, verifying the cluster update in execution_table step 5.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution table, at which step does FluxCD update its local cache with new manifests?
AStep 2
BStep 3
CStep 4
DStep 5
💡 Hint
Refer to the 'Result/Output' column in step 3 describing 'Local cache updated'
According to the variable tracker, what is the state of the Kubernetes cluster after step 4?
AOld deployment
BNew pods running
CUpdated deployment applied
DEmpty cluster
💡 Hint
Check the 'Kubernetes Cluster' row under 'After Step 4' in variable_tracker
If the developer does not push new code, what will FluxCD do according to the concept flow?
ADetect no changes and do nothing
BApply old manifests repeatedly
CDelete all resources in cluster
DCrash due to no input
💡 Hint
Look at the concept_flow where FluxCD acts only when it detects Git changes
Concept Snapshot
FluxCD automates continuous delivery by syncing Kubernetes cluster state with Git repository.
It watches Git for changes, pulls updated manifests, and applies them to the cluster.
Git is the single source of truth; cluster state matches Git exactly.
FluxCD monitors for drift and re-applies manifests if needed.
Commands: 'flux reconcile source git' and 'flux reconcile kustomization' trigger sync.
Check cluster state with 'kubectl get pods' after deployment.
Full Transcript
FluxCD is a tool that helps keep your Kubernetes cluster in sync with your Git repository. When a developer pushes new code or configuration files to Git, FluxCD notices the change. It then pulls the updated files and applies them to the Kubernetes cluster. This process ensures the cluster always matches what is defined in Git. After applying changes, you can check the cluster's pods to see the new deployment running. FluxCD also watches for any differences between the cluster and Git, fixing them automatically. This approach is called GitOps, where Git is the single source of truth for your deployments.

Practice

(1/5)
1. What is the primary role of FluxCD in a Kubernetes environment?
easy
A. Automatically sync and deploy application changes from Git to Kubernetes
B. Monitor Kubernetes cluster health and send alerts
C. Manage container image builds and push to registries
D. Provide a user interface for Kubernetes cluster management

Solution

  1. Step 1: Understand FluxCD's purpose

    FluxCD is designed to automate continuous delivery by syncing Kubernetes with Git repositories.

  2. Step 2: Identify the correct role

    Among the options, only automatic syncing and deploying from Git matches FluxCD's role.

  3. Final Answer:

    Automatically sync and deploy application changes from Git to Kubernetes -> Option A

  4. Quick Check:

    FluxCD = Git sync and deploy [OK]
Hint: FluxCD syncs Git changes to Kubernetes automatically [OK]
Common Mistakes:
  • Confusing FluxCD with monitoring tools
  • Thinking FluxCD builds container images
  • Assuming FluxCD provides UI for cluster management
2. Which of the following is the correct minimal YAML snippet to define a GitRepository resource for FluxCD?
easy
A. apiVersion: apps/v1 kind: Deployment metadata: name: my-repo spec: replicas: 1
B. apiVersion: source.toolkit.fluxcd.io/v1beta2 kind: HelmRelease metadata: name: my-repo spec: chart: repository: https://charts.example.com
C. apiVersion: source.toolkit.fluxcd.io/v1beta2 kind: GitRepository metadata: name: my-repo spec: url: https://github.com/example/repo.git
D. apiVersion: v1 kind: Pod metadata: name: my-repo spec: containers: - name: app

Solution

  1. Step 1: Identify the correct apiVersion and kind for GitRepository

    The GitRepository resource uses apiVersion source.toolkit.fluxcd.io/v1beta2 and kind GitRepository.

  2. Step 2: Check the YAML structure

    apiVersion: source.toolkit.fluxcd.io/v1beta2 kind: GitRepository metadata: name: my-repo spec: url: https://github.com/example/repo.git correctly defines metadata and spec with the repository URL, matching FluxCD's GitRepository spec.

  3. Final Answer:

    YAML with apiVersion source.toolkit.fluxcd.io/v1beta2 and kind GitRepository -> Option C

  4. Quick Check:

    GitRepository YAML = apiVersion: source.toolkit.fluxcd.io/v1beta2 kind: GitRepository metadata: name: my-repo spec: url: https://github.com/example/repo.git [OK]
Hint: GitRepository uses source.toolkit.fluxcd.io/v1beta2 and kind GitRepository [OK]
Common Mistakes:
  • Using wrong apiVersion or kind
  • Confusing GitRepository with Deployment or Pod
  • Missing required spec.url field
3. Given this Kustomization YAML snippet, what will FluxCD do when it applies this resource? 
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
  name: example-app
spec:
  interval: 5m
  path: ./deploy
  prune: true
  sourceRef:
    kind: GitRepository
    name: example-repo
  validation: client
medium
A. FluxCD will build a container image every 5 minutes from './deploy' path
B. FluxCD will sync manifests from the Git repo path './deploy' every 5 minutes and prune removed resources
C. FluxCD will only validate manifests but not apply them
D. FluxCD will deploy manifests once and then stop

Solution

  1. Step 1: Analyze the Kustomization spec fields

    The interval field sets sync every 5 minutes; path points to manifests; prune true means remove deleted resources; sourceRef points to GitRepository.

  2. Step 2: Understand FluxCD behavior

    FluxCD will fetch manifests from Git, apply them, and prune removed resources every 5 minutes.

  3. Final Answer:

    FluxCD will sync manifests from the Git repo path './deploy' every 5 minutes and prune removed resources -> Option B

  4. Quick Check:

    Kustomization sync + prune = FluxCD will sync manifests from the Git repo path './deploy' every 5 minutes and prune removed resources [OK]
Hint: Kustomization interval controls sync frequency; prune removes deleted resources [OK]
Common Mistakes:
  • Thinking FluxCD builds container images
  • Assuming validation means no apply
  • Believing sync happens only once
4. You applied a Kustomization resource but FluxCD never deploys your changes. Which of these is the most likely cause?
medium
A. The FluxCD controller pod is running with high CPU usage
B. The Kubernetes cluster is out of disk space
C. The container image tag is not updated in the deployment manifest
D. The GitRepository resource referenced by sourceRef is missing or has wrong name

Solution

  1. Step 1: Check Kustomization sourceRef

    If the GitRepository resource named in sourceRef does not exist or is misnamed, FluxCD cannot fetch manifests to deploy.

  2. Step 2: Evaluate other options

    Disk space or CPU issues may cause problems but won't prevent FluxCD from attempting deploy; image tag issues affect app behavior but not deployment trigger.

  3. Final Answer:

    The GitRepository resource referenced by sourceRef is missing or has wrong name -> Option D

  4. Quick Check:

    Missing GitRepository = no deploy [OK]
Hint: Check sourceRef GitRepository exists and matches name exactly [OK]
Common Mistakes:
  • Ignoring sourceRef misconfiguration
  • Blaming cluster resources without checking FluxCD logs
  • Assuming image tag changes trigger deploy automatically
5. You want FluxCD to deploy only when a specific branch 'release' is updated in your Git repository. Which field should you add or modify in the GitRepository resource to achieve this?
hard
A. Add 'ref: branch: release' under spec in GitRepository
B. Set 'interval: 1h' in Kustomization spec
C. Add 'prune: false' in Kustomization spec
D. Set 'validation: none' in Kustomization spec

Solution

  1. Step 1: Understand GitRepository branch filtering

    To track a specific branch, the GitRepository spec must include a ref field specifying the branch name.

  2. Step 2: Identify correct syntax

    The correct syntax is spec.ref.branch: release, which tells FluxCD to sync only that branch.

  3. Step 3: Evaluate other options

    Interval controls sync frequency, prune controls resource removal, validation controls manifest checking; none filter branches.

  4. Final Answer:

    Add 'ref: branch: release' under spec in GitRepository -> Option A

  5. Quick Check:

    Branch filter = spec.ref.branch [OK]
Hint: Use spec.ref.branch to specify Git branch in GitRepository [OK]
Common Mistakes:
  • Changing Kustomization interval instead of GitRepository branch
  • Disabling prune or validation to filter branches
  • Assuming branch filtering is done in Kustomization