Shoulder.dev Logo Shoulder.dev

Implementing Rollbacks with FluxCD

Scenario: A developer is working on a Kubernetes cluster managed by FluxCD and wants to implement rollbacks to a previous version of a deployment. In this example, we will demonstrate how to use FluxCD’s GitOps workflow to rollback to a specific commit in a Git repository.

First, let’s assume we have a Git repository named my-app that contains the Kustomization files for our application. The repository is configured as a source in FluxCD.

# File: action/action.yml
apiVersion: batch/v1beta1
kind: Job
metadata:
name: flux-sync
spec:
template:
spec:
containers:
- name: flux
image: fluxcd/flux:v2.1.0
args:
- "sync"
- "--source=git"
- "--source-ref=refs/heads/main"
- "--source-path=./path/to/my-app"
volumeMounts:
- name: flux-workdir
mountPath: /workdir
restartPolicy: OnFailure
volumes:
- name: flux-workdir
emptyDir: {}

This Job definition is responsible for syncing the latest changes from the my-app repository to the cluster using FluxCD.

Now, let’s say we want to rollback to a specific commit, commit-id, in the repository. We can create a new Kustomization file with the desired commit hash and apply it using FluxCD.

# File: action/create_kustomization.sh
#!/bin/bash

REPO_NAME=my-app
COMMIT_ID=commit-id
KUSTOMIZATION_NAME=rollback

kubectl create -f - <<EOF
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
metadata:
name: ${KUSTOMIZATION_NAME}
spec:
resources:
- path: ./path/to/my-app
git:
url: [email protected]:username/my-app.git
ref: ${COMMIT_ID}
EOF

This script creates a new Kustomization file named rollback that points to the specified commit in the my-app repository.

Next, we can create a Job to apply the new Kustomization file to the cluster.

# File: action/apply_rollback.sh
#!/bin/bash

KUSTOMIZATION_NAME=rollback

kubectl apply -f - <<EOF
apiVersion: batch/v1beta1
kind: Job
metadata:
name: flux-apply-rollback
spec:
template:
spec:
containers:
- name: flux
image: fluxcd/flux:v2.1.0
args:
- "apply"
- "--kustomization=./path/to/kustomization/${KUSTOMIZATION_NAME}"
restartPolicy: OnFailure
EOF

This Job definition applies the new Kustomization file to the cluster using FluxCD.

Now, if we want to revert back to the latest version of the application, we can simply delete the rollback Kustomization file and sync the latest changes from the repository using the flux-sync Job.

Tests:

  1. Verify that the flux-sync Job is running and syncing the latest changes from the repository.
kubectl get jobs flux-sync -o json | jq '.status.active'

Expected output: true

  1. Verify that the new Kustomization file rollback has been created and applied to the cluster.
kubectl get kustomization rollback -o json | jq '.status.active'

Expected output: true

  1. Verify that the application has been rolled back to the specified commit.
kubectl get deployment <deployment-name> -o json | jq '.spec.template.spec.containers[].image'

Expected output: The image tag corresponding to the specified commit.

  1. Verify that the application can be rolled back to the latest version.
# Delete the rollback Kustomization file
kubectl delete kustomization rollback

# Sync the latest changes from the repository
kubectl apply -f action/action.yml

# Verify that the application has been updated to the latest version
kubectl get deployment <deployment-name> -o json | jq '.spec.template.spec.containers[].image'

Expected output: The image tag corresponding to the latest version in the repository.