GitOps for k8s
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long. 6.2KB

title: Installing Weave Flux using Helm

menu_order: 20

Get started with Flux using Helm

If you are using Helm already, this guide is for you. By the end you will have Helm installing Flux in the cluster and deploying any code changes for you.

If you are looking for more generic notes for how to install Flux using Helm, we collected them in the chart’s README.


You will need to have Kubernetes set up. To get up and running fast, you might want to use minikube or kubeadm. Any other Kubernetes setup will work as well though.

Download Helm:

  • On MacOS:
  brew install kubernetes-helm
  • On Linux:
    • Download the latest release, unpack the tarball and put the binary in your $PATH.

Now create a service account and a cluster role binding for Tiller:

kubectl -n kube-system create sa tiller

kubectl create clusterrolebinding tiller-cluster-rule \
    --clusterrole=cluster-admin \

Deploy Tiller in kube-system namespace:

helm init --skip-refresh --upgrade --service-account tiller

Install Weave Flux

Add the Flux repository of Weaveworks:

helm repo add weaveworks

Apply the Helm Release CRD:

kubectl apply -f

In this next step you install Weave Flux using helm. Simply

  1. Fork flux-get-started on GitHub and replace the weaveworks with your GitHub username in here
  2. Install Weave Flux and its Helm Operator by specifying your fork URL:

    Just make sure you replace YOURUSER with your GitHub username in the command below:

    • Using a public git server from,,,, or
      helm upgrade -i flux \
      --set helmOperator.create=true \
      --set helmOperator.createCRD=false \
      --set \
      --namespace flux \
    • Using a private git server:

    When deploying from a private repo, the known_hosts of the git server needs to be configured into a kubernetes configmap so that StrictHostKeyChecking is respected. See chart/flux/ for further installation instructions in this case.

Allow some time for all containers to get up and running. If you’re impatient, run the following command and see the pod creation process.

watch kubectl -n flux get pods

You will notice that flux and flux-helm-operator will start turning up in the flux namespace.

Giving write access

For the real benefits of GitOps, Flux will need access to your git repository to update configuration if necessary. To facilitate that you will need to add a deploy key to your fork of the repository.

This is pretty straight-forward as Flux generates a SSH key and logs the public key at startup. Find the SSH public key by installing fluxctl and running:

fluxctl identity --k8s-fwd-ns flux

In order to sync your cluster state with git you need to copy the public key and create a deploy key with write access on your GitHub repository.

Open GitHub, navigate to your fork, go to Setting > Deploy keys, click on Add deploy key, give it a Title, check Allow write access, paste the Flux public key and click Add key.

(Or replace YOURUSER with your GitHub ID in this url: and paste the key there.)

Once Flux has confirmed access to the repository, it will start deploying the workloads of flux-get-started. After a while you will be able to see the Helm releases deployed by Flux (which are deployed into the demo namespace) listed like so:

helm list --namespace demo

Committing a small change

flux-get-started is a simple example in which three services (mongodb, redis and ghost) are deployed. Here we will simply update the version of mongodb to a newer version to see if Flux will pick this up and update our cluster.

The easiest way is to update your fork of flux-get-started and change the image argument.

Replace YOURUSER in with your GitHub ID, open the URL in your browser, edit the file, change the tag: line to the following:

      repository: bitnami/mongodb
      tag: 4.0.6

Commit the change to your master branch. It will now get automatically deployed to your cluster.

You can check out the Flux logs with:

kubectl -n flux logs deployment/flux -f

The default sync frequency for Flux using the Helm chart is five minutes. This can be tweaked easily. By observing the logs you can see when the change landed in the cluster.

Confirm the change landed by checking the demo namespace that Flux is deploying to:

kubectl describe -n demo deployment/mongodb | grep Image


As you can see, the actual steps to set up Flux, get our app deployed, give Flux access to it and see modifications land are very straight-forward and are a quite natural workflow.


As a next step, you might want to dive deeper into how to control Flux or go through our hands-on tutorial about driving Flux, e.g. automations, annotations and locks.

For a more advanced Helm setup, take a look at the gitops-helm repository.