GitOps Deployment¶
Deploy and manage the Obsyk operator using GitOps tools for automated, declarative cluster management.
Why GitOps?¶
- Declarative: Define your desired state in Git
- Auditable: Full history of all changes
- Automated: Continuous reconciliation
- Rollback: Easy recovery from failed deployments
Flux CD¶
Flux CD supports automatic version upgrades using semver ranges.
Prerequisites¶
- Flux CD v2 installed (installation guide)
- kubectl configured for your cluster
- Obsyk credentials (Client ID and Private Key)
Create a HelmRepository¶
Create obsyk-helmrepository.yaml:
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: obsyk
namespace: flux-system
spec:
interval: 1h
url: https://obsyk.github.io/obsyk-operator
Apply:
Create a Credentials Secret¶
kubectl create namespace obsyk-system
kubectl create secret generic obsyk-credentials \
--namespace obsyk-system \
--from-literal=clientId=YOUR_CLIENT_ID \
--from-file=privateKey=private-key.pem
Create a HelmRelease¶
Create obsyk-helmrelease.yaml:
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: obsyk-operator
namespace: obsyk-system
spec:
interval: 15m
chart:
spec:
chart: obsyk-operator
version: ">=0.3.0"
sourceRef:
kind: HelmRepository
name: obsyk
namespace: flux-system
interval: 5m
install:
createNamespace: true
values:
agent:
clusterName: "my-cluster"
platformURL: "https://api.obsyk.ai"
credentialsSecretRef:
name: obsyk-credentials
Apply:
Automatic Upgrades¶
The version: ">=0.3.0" field enables automatic upgrades. Flux checks for new versions every 5 minutes and upgrades automatically.
| Pattern | Behavior |
|---|---|
>=0.3.0 | Any version 0.3.0 or higher |
0.3.x | Any 0.3.x patch version |
>=0.3.0 <1.0.0 | 0.x versions only |
Production Recommendation
Use >=0.3.0 <1.0.0 to auto-upgrade patches and minors while avoiding breaking major version changes.
Verify Installation¶
# Check HelmRelease status
flux get helmrelease obsyk-operator -n obsyk-system
# View operator pods
kubectl get pods -n obsyk-system
Troubleshooting¶
Force reconciliation:
View logs:
ArgoCD¶
ArgoCD provides declarative GitOps with a web UI for visibility.
Prerequisites¶
- ArgoCD installed (installation guide)
- kubectl configured for your cluster
- Obsyk credentials (Client ID and Private Key)
Create a Credentials Secret¶
kubectl create namespace obsyk-system
kubectl create secret generic obsyk-credentials \
--namespace obsyk-system \
--from-literal=clientId=YOUR_CLIENT_ID \
--from-file=privateKey=private-key.pem
Create an Application¶
Create obsyk-application.yaml:
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: obsyk-operator
namespace: argocd
spec:
project: default
source:
repoURL: https://obsyk.github.io/obsyk-operator
chart: obsyk-operator
targetRevision: "0.3.5"
helm:
values: |
agent:
clusterName: "my-cluster"
platformURL: "https://api.obsyk.ai"
credentialsSecretRef:
name: obsyk-credentials
destination:
server: https://kubernetes.default.svc
namespace: obsyk-system
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
Apply:
Upgrading¶
To upgrade, update targetRevision to the new version and commit to Git:
Automate Version Updates
Use Renovate to automatically create PRs when new versions are available.
Verify Installation¶
Via ArgoCD UI:
- Open ArgoCD web interface
- Find
obsyk-operatorapplication - Check sync status shows "Synced" and "Healthy"
Via CLI:
Troubleshooting¶
Force sync:
View diff:
Comparison¶
| Feature | Flux CD | ArgoCD |
|---|---|---|
| Auto-upgrade | Native semver ranges | Manual (use Renovate) |
| Web UI | CLI only | Rich dashboard |
| Best for | Platform teams, automation | Application teams, visibility |
Next Steps¶
- Operator Configuration - Customize operator settings
- Security - Review security best practices