Flux — GitOps Toolkit for Kubernetes Continuous Delivery
Flux is a CNCF-graduated GitOps toolkit for Kubernetes. Keep clusters in sync with Git repositories automatically. Composable controllers, Helm/Kustomize support, and image automation.
Safe staging for this asset
This asset is staged first. The copied prompt tells the agent to inspect the staged files and ask before activating scripts, MCP config, or global config.
npx -y tokrepo@latest install ca59b463-353d-11f1-9bc6-00163e2b0d79 --target codex
Stages files first; activation requires review of the staged README and plan.
What it is
Flux is a CNCF-graduated GitOps toolkit for Kubernetes continuous delivery. It watches Git repositories, Helm repositories, and OCI registries, then reconciles your cluster state to match. When you push a change to Git, Flux applies it to your cluster automatically.
Flux is built as a set of composable controllers: source-controller fetches artifacts, kustomize-controller applies manifests, helm-controller manages Helm releases, and image-automation-controller updates image tags in Git.
How it saves time or tokens
Flux eliminates manual kubectl apply workflows. Every deployment is a Git commit, which means you get audit trails, rollback via git revert, and PR-based approvals for infrastructure changes. No more SSH-ing into bastion hosts to deploy.
The multi-tenancy model lets platform teams define boundaries while application teams self-serve their own namespaces and Helm releases.
How to use
- Install the Flux CLI:
  curl -s https://fluxcd.io/install.sh | sudo bash
- Bootstrap Flux on your cluster:
  flux bootstrap github --owner=my-org --repository=fleet --path=clusters/production
- Add a GitRepository source pointing to your app manifests
- Create a Kustomization resource that reconciles the source to your cluster
Example
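# Source: where source-controller fetches the manifests from
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: my-app
  namespace: flux-system
spec:
  interval: 1m        # how often to check the repository for new commits
  url: https://github.com/my-org/my-app
  ref:
    branch: main
---
# Reconciliation: what kustomize-controller applies to the cluster
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: my-app
  namespace: flux-system
spec:
  interval: 5m        # how often to re-apply and correct drift
  path: ./deploy
  prune: true         # deletes cluster resources that were removed from Git
  sourceRef:
    kind: GitRepository
    name: my-app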
Common pitfalls
- Setting prune: true without understanding it will delete resources removed from Git; test in staging first
- Flux reconciliation intervals default to 10 minutes; set shorter intervals for faster feedback loops
- Secrets in Git require SOPS or Sealed Secrets integration; Flux does not handle plain-text secrets safely
Frequently Asked Questions
Both are CNCF GitOps tools. Flux is controller-based and composable, designed to be extended. ArgoCD provides a rich UI and application-centric model. Flux is often preferred for platform teams managing many clusters; ArgoCD for teams wanting a visual dashboard.
Yes. The helm-controller manages HelmRelease resources that reference Helm charts from HelmRepository or GitRepository sources. You define values in the HelmRelease spec, and Flux handles install, upgrade, and rollback automatically.
Yes. A common pattern is a management cluster running Flux that reconciles manifests for multiple target clusters. Each cluster has its own path in the Git repository, and Flux applies the correct manifests to each cluster.
Flux integrates with Mozilla SOPS and Bitnami Sealed Secrets. You encrypt secrets in Git, and Flux decrypts them during reconciliation using keys stored in the cluster. Plain-text secrets should never be committed to Git.
Flux reports the failure in the Kustomization or HelmRelease status. It retries on the next interval. You can view errors with 'flux get kustomizations' or check Kubernetes events. Failed reconciliations do not roll back previous successful states.
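The secrets pitfall and the SOPS answer above both come down to one rule: no Secret value reaches Git unencrypted. The following check is an added example, not code from TokRepo or the Flux project; it could run in CI or a pre-commit hook and flags Secret manifests whose data or stringData values are not SOPS ciphertext (SOPS writes encrypted values as ENC[...]). The function name find_plaintext_secrets and the sample manifests are constructed for illustration, and the line-based parsing assumes two-space, block-style YAML.

```python
import re
# Constructed sample (not from the page): an encrypted Secret, a plain-text Secret, a ConfigMap.
SAMPLE = """\
apiVersion: v1
kind: Secret
metadata:
  name: db-creds
stringData:
  password: ENC[AES256_GCM,data:c2FtcGxl,iv:c2FtcGxl,tag:c2FtcGxl,type:str]
sops:
  mac: ENC[AES256_GCM,data:c2FtcGxl,iv:c2FtcGxl,tag:c2FtcGxl,type:str]
---
apiVersion: v1
kind: Secret
metadata:
  name: api-token
data:
  token: c3VwZXJzZWNyZXQ=
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: settings
data:
  mode: production
"""

def find_plaintext_secrets(text):
    """Return (secret name, key) pairs whose value is not SOPS ciphertext."""
    findings = []
    for doc in re.split(r"^---[ \t]*$", text, flags=re.M):
        if not re.search(r"^kind:[ \t]*Secret[ \t]*$", doc, flags=re.M):
            continue  # only Secret manifests are checked; ConfigMaps etc. are skipped
        name, section = "<unnamed>", None
        for line in doc.splitlines():
            top = re.match(r"(\w+):", line)
            if top:  # an unindented key starts a new top-level section
                section = top.group(1)
                continue
            # Assumption: two-space, block-style YAML as written by kubectl and sops.
            kv = re.match(r"  ([\w.-]+):[ \t]*(.*)$", line)
            if kv and section == "metadata" and kv.group(1) == "name":
                name = kv.group(2)
            elif kv and section in ("data", "stringData") and not kv.group(2).startswith("ENC["):
                findings.append((name, kv.group(1)))
    return findings

if __name__ == "__main__":
    print(find_plaintext_secrets(SAMPLE))
```

Base64 in a Secret's data field is encoding, not encryption, which is why the api-token entry is reported. A production check should use a real YAML parser and fail the pipeline when the returned list is non-empty.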