Init flux plugin

[ashu8912]

No description provided.

[ashu8912]

[ashu8912]

fixes #74

[mgalesloot]

A comparison between HeadLamp flux plugin and Weave Gitops is provided below. The focus is on Kustomization and HelmRelease.

Page	Review
applications	Weave GitOps shows helmreleases and kustomizations in a single table.
applications	Weave shows kustomizations and helmreleases with errors on top which is nice for monitoring. The flip side is that the entries are continuously being sorted which is annoying.
applications	Headlamp: width of the colums do not resize to content. Other headlamp pages (e.g list of pods) have better column widths.
applications	Headlamp: Icon Ready/Failed is quite large making the table untidy. I would prefer the same styling as in other HeadLamp pages e.g. Workloads/Pods/Status
applications	Weave shows Tenant and Verified fields which are not shown in Headlamp.
applications	Headlamp shows Revision and Last Updated, which are not shown in Weave. Helmrelease does not have a lastAppliedRevision, maybe we should use lastAttemptedRevision for helmrelease
applications	Weave shows checkboxes supported with actions for Sync, Suspend, Resume.
applications	Weave does not provide pagination.
kustomization	Weave shows more information in a collapsable panel, however quite a few fields are not shown (creation, prune, force, annotations, ...)
kustomization	Weave shows icon and status info in the header, e.g. "GitRepository.source.toolkit.fluxcd.io "does-not-exist" not found"
kustomization	Weave shows Last Updated 1 minute ago in the top right of the page
kustomization	Weave shows icon and health checks in the header (but I doubt you can trust it to be correct)
kustomization	SourceRef is in HeadLamp shown as JSON, in Weave the ref to source is shown as a hyperlink
kustomization/Inventory	Weave Gitops calls the Inventory "Details"
kustomization/Inventory	Order of fields is name/kind/namespace (headlamp has name/namespace/kind)
kustomization/Inventory	Weave shows a message field (e.g. "ReplicaSet "source-controller-54c89dcbf6" has successfully progressed.")
kustomization/Inventory	Weave shows the actual container images
kustomization/Inventory	HeadLamp does not show Custom resources such as cert-manager.io/ClusterIssuer
kustomization/Inventory	Weave shows a Healthy column (not always useful, my test shows a healthy icon with the message "Deployment does not have minimum availability." )
kustomization/Events	Default sort order in Weave is Last event first.
kustomization/Conditions	Weave does not show conditions
kustomization/Graph	Weaves graph looks nice but impossible to use on smaller screens.
kustomization/Dependencies	Weave shows dependencies as a graph. Dependencies are red if not ready. Headlamp shows dependencies, but there is no navigation link and the status is not shown.
kustomization/Yaml	Weave provides read only YAML, HeadLamp direct;ly goes into edit mode.
kustomization/Violations	Weave shows violations from the Weave Enterprise Policy Agent.
helmrelease	Most findings for kustomization apply to helmrelease as well.
helmrelease	Weave shows values only in the YAML.
helmrelease	Weave shows Last attempted revision , Last applied revision
helmrelease	Weave does not show Reconcile strategy (dont understand why)
helmrelease/Inventory	Nothing is shown in Weave nor Headlamp. Please note Flux tree shows details for helmreleases.

[stefanprodan]

I've been reading the code and for HelmRelease it assumes that the chart is always embedded in the .spec.chart while in the Flux API this is just one of the possibilities. For charts hosted in OCI repositories this is how it looks:

apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: OCIRepository
metadata:
  name: podinfo
  namespace: default
spec:
  interval: 10m
  url: oci://ghcr.io/stefanprodan/charts/podinfo
  ref:
    semver: ">6.0.0"
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: podinfo
  namespace: default
spec:
  interval: 10m
  releaseName: podinfo
  chartRef:
    kind: OCIRepository
    name: podinfo

Note how there is no .spec.chart.spec but instead .spec.chartRef.

[ashu8912]

I've been reading the code and for HelmRelease it assumes that the chart is always embedded in the .spec.chart while in the Flux API this is just one of the possibilities. For charts hosted in OCI repositories this is how it looks:

apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: OCIRepository
metadata:
  name: podinfo
  namespace: default
spec:
  interval: 10m
  url: oci://ghcr.io/stefanprodan/charts/podinfo
  ref:
    semver: ">6.0.0"
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: podinfo
  namespace: default
spec:
  interval: 10m
  releaseName: podinfo
  chartRef:
    kind: OCIRepository
    name: podinfo

Note how there is no .spec.chart.spec but instead .spec.chartRef.

Thanks @stefanprodan for pointing that out, i will add a patch for this

[ashu8912]

Hii @stefanprodan I have added a fix for the above in this same PR

[ashu8912]

I have also taken some of @mgalesloot comments and added fix for them as well

[Aubermean]

How can I install this? Could you release it via Artifact Hub or somewhere else so it can be installed in the Desktop App by enabling unofficial repositories? I tried to download the fork and build the plugin but I am having issues installing @kinvolk/headlamp-plugin...

[Aubermean]

It seems without building the plugins and building the desktop application, there isn't a way to install the Flux plugin. Can we get this PR merged so others can start using it? In any case, the plugin isn't enabled by default so a first release shouldn't cause breaking changes right? Thanks! @stefanprodan @ashu8912

[Aubermean]

I have managed to get the plugin installed. I am not a node or javascript guy so it took some strong wifi and a lot of dependencies. It's awesome, thank you, great work guys.

I noticed some things, and had some ideas. But instead of writing them here, I created a new issue for each.

I have never once used a Flux UI like Weaveworks, Flamingo, Capacitor etc. so maybe someone who has (@mgalesloot ?) would like to chime in.

[ashu8912]

Thank you @Aubermean for reporting these issues, we will take a look at each one of them.

[Aubermean]

Thanks @ashu8912, I wish I could do more to contribute but I am just a self-employed guy learning GitOps thanks to @stefanprodan's awesome D1 Architecture PDF/repos :)

[Aubermean]

For my own reference and for others, this is how to quickly pull, build, and install the flux plugin (or any plugin really) on macOS:

mkdir -p ~/Downloads/headlamp-plugins
git clone https://github.com/headlamp-k8s/plugins.git ~/Downloads/headlamp-plugins
cd ~/Downloads/headlamp-plugins
git checkout add-flux-plugin
cd flux-plugin
asdf install nodejs 22.8.0
asdf local nodejs 22.8.0
npm install
npm install -g @kinvolk/headlamp-plugin
npx @kinvolk/headlamp-plugin build .
rm -rf ~/Library/Application\ Support/Headlamp/plugins/flux
mkdir -p ~/Library/Application\ Support/Headlamp/plugins/flux
cp package.json dist/* ~/Library/Application\ Support/Headlamp/plugins/flux
rm -rf ~/Downloads/headlamp-plugins

[Smana]

I'll give it a try, thank you @Aubermean

[Smana]

I'll give it a try, thank you @Aubermean

I got it working with tiny changes in Linux

mkdir -p ~/.config/Headlamp/plugins/flux
cp package.json dist/* ~/.config/Headlamp/plugins/flux

[stefanprodan]

From the last printscreen looks like the HelmRelease revision is broken. @ashu8912 here are the json paths to find the revision:

• HelmRelease
  https://github.com/fluxcd/flux2-monitoring-example/blob/5bf921a7b553df4dde59a186549f450b6c306be8/monitoring/controllers/kube-prometheus-stack/kube-state-metrics-config.yaml#L72

• Kustomization
  https://github.com/fluxcd/flux2-monitoring-example/blob/5bf921a7b553df4dde59a186549f450b6c306be8/monitoring/controllers/kube-prometheus-stack/kube-state-metrics-config.yaml#L53

Note that in both cases, the json path may be missing if the Flux resource failed to reconcile at creation time.

[mgalesloot]

Some more findings:

• The sort order in Kustomizations and HelmReleases should show Not Ready and Suspended on top, supporting quick monitoring
• If a kustomization/helmrelease is suspended, the status field should show this (currently it indicates "Ready")
• Custom resources do not show up in the inventory (example CertManager ClusterIssuer)
• Sort order of events should be last event on top
• Revision and Message in the Kustomization table show the same info. Suggestion: hide the revision at this spot just like Weave GitOps does.
• Tables for Kustomizations and HelmReleases would benefit from column width indicators. it would allow the message to take more space,.
• Title of pages should be Capitalized and in a phrase (Image Automations and not image-automations)

[Smana]

I just noticed that, when a kustomization is waiting for a dependency, I get the status "Failed"

[ashu8912]

I just noticed that, when a kustomization is waiting for a dependency, I get the status "Failed"

Hii @Smana it follows this #75 (comment)

[ashu8912]

Some more findings:

• The sort order in Kustomizations and HelmReleases should show Not Ready and Suspended on top, supporting quick monitoring
• If a kustomization/helmrelease is suspended, the status field should show this (currently it indicates "Ready")
• Custom resources do not show up in the inventory (example CertManager ClusterIssuer)
• Sort order of events should be last event on top
• Revision and Message in the Kustomization table show the same info. Suggestion: hide the revision at this spot just like Weave GitOps does.
• Tables for Kustomizations and HelmReleases would benefit from column width indicators. it would allow the message to take more space,.
• Title of pages should be Capitalized and in a phrase (Image Automations and not image-automations)

Hii @mgalesloot thanks for this list

1. Customization the sort order where it follows a certain order i will check if it can be done through the Table Component we have otherwise we will have to think of a new solution for this.
2. Yeah The status follows Init flux plugin #75 (comment) but if we want custom messages like reconciling or suspended we can add that too.
3. Umm i added a patch a couple of days back for this, we have to seperately handle CustomResources, I thought this was fixed, i will take a look into this again.
4. Got it
5. Got it
6. If a message is big enough we now show a expand icon to view the full message
7. Got it

[joaquimrocha]

Rough review but found a few things that could be improved.

[joaquimrocha]

Please remove this newline

[joaquimrocha]

Maybe you want to keep a memo of this, or use the query field in useList.

[joaquimrocha]

Delete comments.

[ashu8912]

done

[joaquimrocha]

Seems like this is not needed.

[ashu8912]

removed

[joaquimrocha]

Let's replace this with a description and a link to instructions on installing Flux.

[ashu8912]

done

[kingdonb]

I just made some mention of this plugin in headlamp-k8s/headlamp#2342

The plugin does not function when installed in a single-namespace environment, because there is no way to detect if Flux is installed. Could we add a plugin settings option to skip checking, and assume that Flux is installed?

It's better if there is no option needed, maybe if the plugin detects it does not have permission to list CRDs (I assume how it's checking for Flux installed or not) then it would fall back to assuming Flux is installed? My service account token has the admin role in the namespace, so it can definitely read all the Flux resources in the namespace:

% kubectl auth can-i list kustomizations.kustomize.toolkit.fluxcd.io --as system:serviceaccount:test-yebyen:flux
yes

Users who work in a single-namespace tenant environment will already have to find the Settings page to configure allowed namespace / default namespace, so I don't think expecting them to find the checkbox in plugin settings is too much to ask. But maybe it can be detected without listing CRDs, or whatever other permission we are missing here.

[kingdonb]

I built from the latest push today, I got this message:

This is the actual state of the cluster:

It's not a standard flux bootstrap install, this is a Flux 2.3.0 installed from the flux-operator

I'm having a look through the code right now to see if I can understand why it doesn't pick up my flux installation, in the cozy-fluxcd namespace:

[gecube]

Hello!

I tried to install the plugin, but unfortunately it does not work properly.

I used the image from @kingdonb so the final manifest for headlamp looked like:

---
apiVersion: v1
kind: Namespace
metadata:
  name: headlamp
---
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
  name: headlamp
  namespace: headlamp
spec:
  interval: 1m0s
  timeout: 1m0s
  url: https://headlamp-k8s.github.io/headlamp/
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: headlamp
  namespace: headlamp
spec:
  chart:
    spec:
      chart: headlamp
      sourceRef:
        kind: HelmRepository
        name: headlamp
      version: '*'
  interval: 1m0s
  values:
    ingress:
      enabled: true
      ingressClassName: nginx
      annotations: 
        cert-manager.io/cluster-issuer: letsencrypt-http01-nginx-issuer
      hosts:
      - host: headlamp.my-cool-domain.com
        paths:
        - path: /
          type: ImplementationSpecific
      tls:
      - secretName: headlamp-tls
        hosts:
          - headlamp.my-cool-domain.com
    config:
      pluginsDir: /build/plugins
    initContainers:
    - command:
      - /bin/sh
      - -c
      - mkdir -p /build/plugins && cp -r /plugins/* /build/plugins/
      image: kingdonb/plugins:canary
      imagePullPolicy: Always
      name: headlamp-plugins
      volumeMounts:
      - mountPath: /build/plugins
        name: headlamp-plugins
    persistentVolumeClaim:
      accessModes:
      - ReadWriteOnce
      enabled: true
      size: 1Gi
    volumeMounts:
    - mountPath: /build/plugins
      name: headlamp-plugins
    volumes:
    - name: headlamp-plugins
      persistentVolumeClaim:
        claimName: headlamp

I used a different namespace for headlamp because of the security considerations, but I think it should be fine.

The image from @kingdonb was also the latest version, so I am sure that the issue is not with the version of plugin.

FluxCD is 2.3.0

The token was obtained like:

$ kubectl create token headlamp -n headlamp
eyJhbGciOiJSUzI1NiIsImtpZCI6InFnRTAzWDFZWGZfLThzcDl2dzY3UU1YUmx2c011bnVNLUZDZU8xQVZGbGMifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzI3NzY1ODQwLCJpYXQiOjE3Mjc3NjIyNDAsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwianRpIjoiNGYwZWVlOTctNWJjNi00ZTQ4LThkNmEtMWU4NDlhOWZmZDZlIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJoZWFkbGFtcCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJoZWFkbGFtcCIsInVpZCI6Ijc1YTlmOWU0LWY2NDUtNGYzNi1iZDFhLTA5NGE0MDY1ZWIzNyJ9fSwibmJmIjoxNzI3NzYyMjQwLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6aGVhZGxhbXA6aGVhZGxhbXAifQ.Sl2XRmgGoqY1yng2iJTKjYVq3FQ1qVA7hZqwvwMkYqcpiCIqj63okQVkdjSTe0T90iP7z2BTOh6DDhB0SGzXIuzLUJmhPNbZUOEtrAKkzAq9QRf1493GafaNIoyP8C0ud-FhHeVRSahxVp2fNyYYe7P-nD9BxuZiEfEDZdeojQl8dsZ1yiXMMknDLw2TCvP1MZN15fv1M9PtgkQrKeERywe8Tj9gC5ihI18FQ4dW-YDHqoiK2D-iCw6Ao_05Th3KLOVRUp6t9y-9HxsjKqKPQMLFWQ-M0fxjoctgpMVKFkXXAsK89dMDdQyeRUc9P4sHPNtBUr9kSAFc3pJPlnBd1w

so there is a discrepancy with the documentation

I noticed that the pod metrics are not shown (but we are using VictoriaMetrics stack)

And when clicking on FluxCD on the left bar I am getting:

In the same time in browser development tools:

It is very interesting that the API is working and Flux objects were fetched:

I am looking for some advice.

[ashu8912]

Thanks for reporting this @gecube we are looking into this, will get back to you soon

[stefanprodan]

Does this loads all the pods in the cluster? If so this is extremely costly and unnecessary.

I propose we get change this list to show Kubernetes Deployments instead of pods. You can directly filter the Deployments by showing only those with the label app.kubernetes.io/part-of: flux.

[stefanprodan]

helm-controller is optional, if it doesn't exists this doesn't mean Flux is not installed. The only required controller is source-controller.

[stefanprodan]

This table should display the storage versions.

[stefanprodan]

The spacing in all tables looks off, starting with the 3rd column you can't see the info:

[stefanprodan]

I suggest we split the Application page into Kustomizations and HelmReleases (dedicated pages). Lots of Flux users don't use Helm at all, and there is no concept of an Application in Flux.