Bootstrapping Flux with Terraform #3716
I'm also looking into deploying Flux with SOPS on AKS and authenticating Flux via Workload Identity to fetch the SOPS key from Azure Key Vault. Currently, I'm using the deprecated AAD Pod Identity, so I patch Flux manifests with dedicated

```yaml
# kustomization.yaml
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - gotk-aad-sops.yaml
  - gotk-git-ssh-secret.yaml
  - gotk-components.yaml
  - gotk-github-repository.yaml
  - gotk-sync.yaml
  - gotk-automation.yaml
patches:
  - patch: |
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: kustomize-controller
        namespace: flux-system
      spec:
        template:
          metadata:
            labels:
              aadpodidbinding: sops-akv-decryptor  # match the AzureIdentity name
          spec:
            containers:
              - name: manager
                env:
                  - name: AZURE_AUTH_METHOD
                    value: msi
```

I'm looking into switching to the Workload Identity where patching will be necessary but of

I'm also looking into switching to Terraform as the Flux installation driver,

Long story short, the patching seems doable with the Terraform provider:

It's worth mentioning, the
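Added example, not part of the original comment and not the Flux project's own manifests: the Workload Identity counterpart of the AAD Pod Identity patch above, as it could look in the same `kustomization.yaml`. The `azure.workload.identity/use` label and `azure.workload.identity/client-id` annotation are the ones Azure AD Workload Identity defines; the client ID is a placeholder, and the example assumes the managed identity already has a federated credential for the `kustomize-controller` service account in `flux-system`.

```yaml
# kustomization.yaml (added example; takes the place of the aadpodidbinding patch)
patches:
  # Bind the controller's service account to the managed identity.
  - patch: |
      apiVersion: v1
      kind: ServiceAccount
      metadata:
        name: kustomize-controller
        namespace: flux-system
        annotations:
          # Placeholder: client ID of the identity permitted to use the Key Vault key
          azure.workload.identity/client-id: <MANAGED_IDENTITY_CLIENT_ID>
  # Opt the pod in to projected-token injection by the workload identity webhook.
  - patch: |
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: kustomize-controller
        namespace: flux-system
      spec:
        template:
          metadata:
            labels:
              azure.workload.identity/use: "true"
```

Scoping the federated credential to this one service account keeps the Key Vault key reachable only from kustomize-controller, not from other pods on the node.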
It's possible I'm misunderstanding something, but how is one supposed to bootstrap Flux onto a cluster, ideally using Terraform?
I have been struggling for a few days trying to get Flux set up in a semi-stable manner on a Kubernetes cluster that is deployed via Terraform. I'd like to bootstrap the cluster via Terraform to be able to go from 0 to a fully-automated cluster. There are a few parts I've been having issues with though:
It's probably a lack of understanding, but there doesn't seem to be a way to make the Terraform bootstrap idempotent?