Flagger Install on Kubernetes

Last updated 20 days ago

This guide walks you through setting up Flagger on a Kubernetes cluster.

Prerequisites

Flagger requires a Kubernetes cluster v1.11 or newer with the following admission controllers enabled:

  • MutatingAdmissionWebhook

  • ValidatingAdmissionWebhook

Flagger depends on Istio v1.0.3 or newer with traffic management, telemetry and Prometheus enabled.

A minimal Istio installation should contain the following services:

  • istio-pilot

  • istio-ingressgateway

  • istio-sidecar-injector

  • istio-telemetry

  • prometheus

Install Flagger

Add Flagger Helm repository:

helm repo add flagger https://flagger.app

Deploy Flagger in the istio-system namespace:

helm upgrade -i flagger flagger/flagger \
--namespace=istio-system \
--set metricsServer=http://prometheus.istio-system:9090

You can install Flagger in any namespace as long as it can talk to the Istio Prometheus service on port 9090.

Enable Slack notifications:

helm upgrade -i flagger flagger/flagger \
--namespace=istio-system \
--set slack.url=https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK \
--set slack.channel=general \
--set slack.user=flagger

If you don't have Tiller you can use the helm template command and apply the generated yaml with kubectl:

# generate
helm template flagger/flagger \
--name flagger \
--namespace=istio-system \
--set metricsServer=http://prometheus.istio-system:9090 \
> $HOME/flagger.yaml
# apply
kubectl apply -f $HOME/flagger.yaml

To uninstall the Flagger release with Helm run:

helm delete --purge flagger

The command removes all the Kubernetes components associated with the chart and deletes the release.

Note that on uninstall the Canary CRD will not be removed. Deleting the CRD will make Kubernetes remove all the objects owned by Flagger like Istio virtual services, Kubernetes deployments and ClusterIP services.

If you want to remove all the objects created by Flagger you have delete the Canary CRD with kubectl:

kubectl delete crd canaries.flagger.app

Install Grafana

Flagger comes with a Grafana dashboard made for monitoring the canary analysis.

Deploy Grafana in the istio-system namespace:

helm upgrade -i flagger-grafana flagger/grafana \
--namespace=istio-system \
--set url=http://prometheus.istio-system:9090 \
--set user=admin \
--set password=change-me

Or use helm template command and apply the generated yaml with kubectl:

# generate
helm template flagger/grafana \
--name flagger-grafana \
--namespace=istio-system \
--set url=http://prometheus.istio-system:9090 \
--set user=admin \
--set password=change-me \
> $HOME/flagger-grafana.yaml
# apply
kubectl apply -f $HOME/flagger-grafana.yaml

You can access Grafana using port forwarding:

kubectl -n istio-system port-forward svc/flagger-grafana 3000:3000

Install Load Tester

Flagger comes with an optional load testing service that generates traffic during canary analysis when configured as a webhook.

Deploy the load test runner with Helm:

helm upgrade -i flagger-loadtester flagger/loadtester \
--namepace=test \
--set cmd.logOutput=true \
--set cmd.timeout=1h

Deploy with kubectl:

export REPO=https://raw.githubusercontent.com/stefanprodan/flagger/master
kubectl -n test apply -f ${REPO}/artifacts/loadtester/deployment.yaml
kubectl -n test apply -f ${REPO}/artifacts/loadtester/service.yaml

Note that the load tester should be deployed in a namespace with Istio sidecar injection enabled.