Organizing GitOps repositories
A good layout clearly separates responsibilities:
# Recommended structure
infra-gitops/
  clusters/
    production/
      flux-system/
      infrastructure/   # Cert-manager, Ingress, monitoring
      apps/             # References to the apps
    staging/
      flux-system/
      infrastructure/
      apps/
  infrastructure/
    cert-manager/
    ingress-nginx/
    monitoring/
  apps/
    mon-app/
      base/
      overlays/
        staging/
        production/
Kustomize for overlays
Kustomize lets you manage per-environment variants without duplicating manifests.
# base/kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - deployment.yaml
  - service.yaml

# overlays/production/kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - ../../base
# `patches` replaces `patchesStrategicMerge`, which is deprecated since Kustomize v5
patches:
  - path: replicas-patch.yaml
# Every resource from the base is placed in this namespace
namespace: production
Webhooks and notifications
Configure webhooks to speed up reconciliation, and notifications to keep track of deployments:
# Flux Notification Provider (Slack)
apiVersion: notification.toolkit.fluxcd.io/v1beta3
kind: Provider
metadata:
  name: slack
  namespace: flux-system
spec:
  type: slack
  channel: deploys
  # The Slack webhook URL is read from the `address` key of this Secret
  secretRef:
    name: slack-webhook-url
---
apiVersion: notification.toolkit.fluxcd.io/v1beta3
kind: Alert
metadata:
  name: on-call
  namespace: flux-system
spec:
  providerRef:
    name: slack
  # Only forward error events
  eventSeverity: error
  # Watch every Kustomization in the namespace
  eventSources:
    - kind: Kustomization
      name: '*'
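
The manifests above cover notifications only. As an added example (not from the original page), here is a Flux Receiver that lets a Git push trigger reconciliation immediately, with an Ingress that exposes only the receiver path. The use of GitHub and the names github-push, webhook-token, flux-system (GitRepository), nginx, flux-webhook.example.com and flux-webhook-tls are assumptions.

```yaml
# Added example. The Secret "webhook-token" (key: token) is assumed to be
# created out of band or stored encrypted, never committed in clear text.
apiVersion: notification.toolkit.fluxcd.io/v1
kind: Receiver
metadata:
  name: github-push
  namespace: flux-system
spec:
  type: github              # payloads are checked against the HMAC signature sent by GitHub
  events:
    - ping
    - push
  secretRef:
    name: webhook-token
  resources:
    - apiVersion: source.toolkit.fluxcd.io/v1
      kind: GitRepository
      name: flux-system     # assumed source name
---
# Expose only the receiver path (/hook/...) through the ingress controller.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: webhook-receiver
  namespace: flux-system
spec:
  ingressClassName: nginx               # assumed ingress class
  tls:
    - hosts:
        - flux-webhook.example.com      # placeholder host
      secretName: flux-webhook-tls      # assumed certificate Secret
  rules:
    - host: flux-webhook.example.com
      http:
        paths:
          - path: /hook/
            pathType: Prefix
            backend:
              service:
                name: webhook-receiver  # Service of the Flux notification-controller
                port:
                  number: 80
```

The URL to register on the Git host is the Ingress host followed by the path reported in the Receiver's status.webhookPath.
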
Important: Use protected branches and mandatory code reviews on GitOps repositories. A merge into main triggers the deployment to production.