search

fluxcd / flux

Successor: https://github.com/fluxcd/flux2
https://fluxcd.io
Apache License 2.0
6.9k stars 1.08k forks source link

fluxctl install command doesn't expose --sync-garbage-collection #3032

Closed errordeveloper closed 3 years ago

errordeveloper commented 4 years ago

I used fluxctl instal to generate flux manifest, the generated manifest didn't show --sync-garbage-collection, and I actually assumed it's the default now. It would be handy for fluxctl install to either expose --sync-garbage-collection, or at lease show it in the manifest as commented out option that user may wish to enable.

jam01 commented 4 years ago

I recently had the exact same experience. From @squaremo in https://github.com/fluxcd/flux/pull/2843#issuecomment-591387557 I believe fluxctl install is not meant to be comprehensive. However I'm not finding any mention of --sync-garbage-collection other than in the FAQs here https://docs.fluxcd.io/en/1.19.0/faq/#will-flux-delete-resources-when-i-remove-them-from-git

Is there any docs available on all the supported flags? I'd be happy to write some docs on that if it's not the case. Though I'd need someone to point me in the right direction as to find where to find them in code.

pazarr commented 4 years ago

Here it is: `bash-5.0# fluxd --help DESCRIPTION fluxd is the agent of flux.

FLAGS --automation-interval duration period at which to check for image updates for automated workloads (default 5m0s) --connect string connect to an upstream service e.g., Weave Cloud, at this base address --docker-config string path to a docker config to use for image registry credentials --git-branch string branch of git repo to use for Kubernetes manifests (default "master") --git-ci-skip append "[ci skip]" to commit messages so that CI will skip builds --git-ci-skip-message string additional text for commit messages, useful for skipping builds in CI. Use this to supply specific text, or set --git-ci-skip --git-email string email to use as git committer (default "support@weave.works") --git-gpg-key-import strings keys at the paths given will be imported for use of signing and verifying commits --git-label string label to keep track of sync progress; overrides both --git-sync-tag and --git-notes-ref --git-notes-ref string ref to use for keeping commit annotations in git notes (default "flux") --git-path strings relative paths within the git repo to locate Kubernetes manifests --git-poll-interval duration period at which to poll git repo for new commits (default 5m0s) --git-readonly use to prevent Flux from pushing changes to git; implies --sync-state=secret --git-secret if set, git-secret will be run on every git checkout. A gpg key must be imported using --git-gpg-key-import or by mounting a keyring containing it directly --git-set-author if set, the author of git commits will reflect the user who initiated the commit and will differ from the git committer. --git-signing-key string if set, commits Flux makes will be signed with this GPG key --git-sync-tag string tag to use to mark sync progress for this cluster (only relevant when --sync-state=git) (default "flux-sync") --git-timeout duration duration after which git operations time out (default 20s) --git-url string URL of git repo with Kubernetes manifests; e.g., git@github.com:fluxcd/flux-get-started --git-user string username to use as git committer (default "Weave Flux") --git-verify-signatures-mode string if git-verify-signatures is set, which strategy to use for signature verification (one of none,all,first-parent) --k8s-allow-namespace strings restrict all operations to the provided namespaces --k8s-default-namespace string the namespace to use for resources where a namespace is not specified --k8s-secret-data-key string data key holding the private SSH key within the k8s secret (default "identity") --k8s-secret-name string name of the k8s secret used to store the private SSH key (default "flux-git-deploy") --k8s-secret-volume-mount-path string mount location of the k8s secret storing the private SSH key (default "/etc/fluxd/ssh") --k8s-unsafe-exclude-resource strings do not attempt to obtain cluster resources whose group/version/kind matches these glob expressions. Potentially unsafe, please read its documentation first (default [metrics.k8s.io/,webhook.certmanager.k8s.io/,v1/Event]) --k8s-verbosity int klog verbosity level --kubernetes-kubectl string optional, explicit path to kubectl tool -l, --listen string listen address where /metrics and API will be served (default ":3030") --listen-metrics string listen address for /metrics endpoint --log-format string change the log format. (default "fmt") --manifest-generation search for .flux.yaml files to generate manifests --memcached-hostname string hostname for memcached service. (default "memcached") --memcached-port int memcached service port. (default 11211) --memcached-service string SRV service used to discover memcache servers. (default "memcached") --memcached-timeout duration maximum time to wait before giving up on memcached requests. (default 1s) --registry-burst int maximum number of warmer connections to remote and memcache (default 10) --registry-disable-scanning do not scan container image registries to fill in the registry cache --registry-ecr-exclude-id strings do not scan ECR for images in these AWS account IDs; the default is to exclude the EKS system account (default [602401143452]) --registry-ecr-include-id strings restrict ECR scanning to these AWS account IDs; if not supplied, all account IDs that aren't excluded may be scanned --registry-ecr-region strings include just these AWS regions when scanning images in ECR; when not supplied, the cluster's region will included if it can be detected through the AWS API --registry-exclude-image strings do not scan images that match these glob expressions; the default is to exclude the 'k8s.gcr.io/' images (default [k8s.gcr.io/]) --registry-include-image strings if a value or values is given, scan only images matching the glob pattern(s) (less any explicitly excluded) --registry-insecure-host strings let these registry hosts skip TLS host verification and fall back to using HTTP instead of HTTPS; this allows man-in-the-middle attacks, so use with extreme caution --registry-require strings exit with an error if auto-authentication with any of the given registries is not possible (possible values: {ecr}) --registry-rps float maximum registry requests per second per host (default 50) --registry-trace output trace of image registry requests to log --registry-use-labels strings use the timestamp (RFC3339) from labels for (canonical) image refs that match these glob expression (default [index.docker.io/weaveworks/,index.docker.io/fluxcd/*]) --rpc-timeout duration maximum time an operation requested by the upstream may take (default 10s) --sops if set, decrypt SOPS-encrypted manifest files with before syncing them. Provide decryption keys in the same way you would provide them for the sops binary. Be aware that manifests generated with .flux.yaml are not automatically decrypted --ssh-keygen-bits uint -b argument to ssh-keygen (default unspecified) --ssh-keygen-dir string directory, ideally on a tmpfs volume, in which to generate new SSH keys when necessary --ssh-keygen-format string -m argument to ssh-keygen (default RFC4716) --ssh-keygen-type string -t argument to ssh-keygen (default unspecified) --sync-garbage-collection delete resources that were created by fluxd, but are no longer in the git repo --sync-garbage-collection-dry only log what would be garbage collected, rather than deleting. Implies --sync-garbage-collection --sync-interval duration apply config in git to cluster at least this often, even if there are no new commits (default 5m0s) --sync-state string method used by flux for storing state (one of {git,secret}) (default "git") --sync-timeout duration duration after which sync operations time out (default 1m0s) --token string authentication token for upstream service --version ` I hope it helps

jam01 commented 4 years ago

Oh I guess I'm blind

https://docs.fluxcd.io/en/latest/references/daemon/#setup-and-configuration

cloudengineers commented 4 years ago

Hi All, Can someone please help me on the below error? When I ran the below command with my GitHub repo details, I am getting the below error message Error: unknown flag: --sync-interval Run 'fluxctl install --help' for usage. error: no objects passed to apply Please Note: I need to enable the garbage collection as well

Cmd which i have used: fluxctl install --git-user=${GHUSER} --git-email=${GHUSER}@users.noreply.github.com --git-url=git@github.com:${GHUSER}/flux-get-started --git-path=namespaces,workloads --namespace=flux --sync-interval 1m --sync-garbage-collection true | kubectl apply -f -

Please help me with commands or procedure how to enable the garbage collection on my existing environment or new flux setup

tmiklu commented 4 years ago

You need to update current flux deployment

example: kubectl get deployment -n flux flux -o yaml > flux.yml

vim flux.yml

    spec:
      containers:
      - args:
        - --memcached-service=
        - --sync-interval=10s

kubectl apply -f flux.yml

kingdonb commented 3 years ago

I think it's been established that fluxctl install is not meant to be comprehensive, since you can kustomize your yaml output with patches, and since there is another mechanism (the helm chart) for installing Flux which is meant to have all the bells and whistles, or at least exposing the capability to access them as additionalArgs.

In Flux v2, if an option is missing from flux install then it is definitely a bug, since this is the recommended way to install Flux now. Apologies about the length of time that has elapsed since your inquiry. As efforts have been focused on Flux v2, I've recently joined the team to focus on Flux v1 issues.

In the interest of reducing the number of open issues not directly related to supporting Flux v1 in maintenance mode, and respecting you may have moved on already, I will go ahead and close out this issue for now. Thanks for using Flux!