After installing Kommander and configuring your project and its clusters, navigate to the Continuous Deployment (CD) tab under your Project. Here you create a GitOps source which is a source code management (SCM) repository hosting the application definition. D2iQ recommends that you create a secret first then create a GitOps source accessed by the secret.
You must have Kommander installed to run this procedure.
Set up a secret for accessing GitOps
Create a secret that Kommander uses to deploy the contents of your GitOps repository:
This dialog box creates a
types.kubefed.io/v1beta1, Kind=FederatedSecret and this is not yet supported by DKP CLI. Use the GUI, as described above, to create a federated secret or create a
FederatedSecret manifest and apply it to the project namespace. Learn more about FederatedSecrets.
Kommander secrets (for CD) can be configured to support any of the following three authentication methods:
HTTPS Authentication (described above)
HTTPS self-signed certificates
The following table describes the fields required for each authentication method:
HTTPS Auth (Self-signed)
If you are using GitOps by using a GitHub repo as your source, you can create your secret with a personal access token. Then, in the DKP UI, in your project, create a Secret, with a key:value pair of
<your-token-created-on-github>. If you are using a GitHub personal access token, you do not need to have a key:value pair of
If you are using a secret with your GitHub username and your password, you will need one secret created in the DKP UI, with key:value pairs of
<your-github-password>. Note: if you have multi-factor authentication turned on in your GitHub account, this will not work.
Using a token without a username is valid for GitHub, but other providers (such as GitLab) require both username and tokens.
If you are using a public GitHub repository, you do not need to use a secret.
Create GitOps Source
After the secret is created, you can view it in the
Secrets tab. Configure the GitOps source accessed by the secret.
If using an SSH secret, the SCM repo URL needs to be an SSH address. It does not support SCP syntax. The URL format is
It takes a few moments for the GitOps Source to be reconciled and the manifests from the SCM repository at the given path to be federated to attached clusters. After the sync is complete, manifests from GitOps source are created in attached clusters.
After a GitOps Source is created, there are various commands that can be executed from the CLI to check the various stages of syncing the manifests.
On the management cluster, check your
GitopsRepository to ensure that the
CD manifests have been created successfully.
kubectl describe gitopsrepositories.dispatch.d2iq.io -n<PROJECT_NAMESPACE> gitopsdemo
Name: gitopsdemo Namespace: <PROJECT_NAMESPACE> ... Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal ManifestSyncSuccess 1m7s GitopsRepositoryController manifests synced to bootstrap repo ...
On the attached cluster, check for your
GitRepository resources. The
status field reflects the syncing of manifests:
kubectl get kustomizations.kustomize.toolkit.fluxcd.io -n<PROJECT_NAMESPACE> <GITOPS_SOURCE_NAME> -oyaml
... status: conditions: - reason: ReconciliationSucceeded status: "True" type: Ready ... ...
kubectl get gitrepository.source.toolkit.fluxcd.io -n<PROJECT_NAMESPACE> <GITOPS_SOURCE_NAME> -oyaml
... status: conditions: - reason: GitOperationSucceed status: "True" type: Ready ... ...
If there are errors creating the manifests, those events are populated in the status field of the
GitopsRepository resource on the management cluster, the
Kustomization resources on the attached cluster(s), or both.
Suspend GitOps Source
There may be times when you need to suspend the auto-sync between the GitOps repository and the associated clusters. This live debugging may be necessary to resolve an incident in the minimum amount of time without the overhead of pull request based workflows.
To Suspend the GitOps Source from the DKP UI:
From the top menu bar, select your target workspace.
Select Projects from the sidebar menu.
Select your project from the list.
Select the Continuous Deployment (CD) tab.
Select the three dot button to the right of the desired GitOps Source.
Select Suspend to manually suspend the GitOps reconciliation.
This lets you use
helm, or another tool to resolve the issue. After the issue is resolved select Resume to sync the updated contents of the GitOps source to the associated clusters.
Similar to Suspend/Resume, you can use the Delete action to remove the GitOps source. Removing the GitOps source results in removal of all the manifests applied from the GitOps source.
You can have more than one GitOps Source in your Project to deploy manifests from various sources.