Restoration¶
How to restore a cluster using flux after installing an operating system on all cluster nodes.
The first step is to get a base K3s installation installed on your cluster. This can be done be using the Ansible Install playbook.
TL;DR¶
task k3s:bootstrap
flux-system Namespace¶
The next thing to do is create a flux-system namespace to install the sops-gpg secret so that flux can properly unencrypt any secrets in the repository.
kubectl create namespace flux-system
Mozilla SOPS¶
Once the flux-system namespace is created, import the private gpg key back into the cluster using whichever method you prefer.
Restore Private GPG Key using pass¶
pass gpg/home-cluster-private |
kubectl create secret generic sops-gpg \
--namespace=flux-system \
--from-file=sops.asc=/dev/stdin
Note
Where gpg/home-cluster-private is the location of the home-cluster private key in pass.
Restore Private GPG Key from the gpg keyring¶
gpg --export-secret-keys --armor "${KEY_FP}" |
kubectl create secret generic sops-gpg \
--namespace=flux-system \
--from-file=sops.asc=/dev/stdin
Note
Where "${KEY_FP}" is the fingerprint of the home-cluster gpg key.
Restore Using the Flux CLI¶
Run the bootstrap command:
flux bootstrap github \
--owner=$GITHUB_USER \
--repository=home-cluster \
--branch=main \
--path=./cluster \
--personal
The above command will clone the repository, update the components manifest in
Tell Flux to pull the manifests from Git and upgrade itself with:
flux reconcile source git flux-system
Verify that the controllers have been upgrade with:
flux check
Note
If you are having trouble restoring you cluster, try deleting the deploy key from your cluster repo.
Pull the Repo¶
After flux syncs with the repo, you'll need to perform a git pull in order to update your local repo.
git pull origin main