Azure Kubernetes Service

CICD Workflow for AKS

Pull Based Workflow GitOps

Introduction to GitOps

GitOps is a pull-based methodology for Continuous Integration and Continuous Deployment (CI/CD), where both application and infrastructure configurations are stored as code in a Git repository. Any desired state changes are made via Git commits, ensuring version-controlled deployments, easy auditing, and reliable rollbacks.

The image is a diagram explaining GitOps, showing a cycle of continuous integration and deployment processes involving GIT, Kubernetes, and GitOps, with an "Immutability Firewall" separating the build and deployment stages.

Note

The “Immutability Firewall” enforces separation between build artifacts and deployment manifests, guaranteeing consistent, reproducible releases.

When you push commits to your Git repo, a GitOps operator—such as Flux or Argo CD—detects updates and reconciles your AKS cluster to match the declared state automatically.

Push-Based vs. Pull-Based Workflows

In CI/CD, you can choose between push-based or pull-based (GitOps) models.

WorkflowTriggerOperatorAdvantagesConsiderations
Push-BasedCI pipeline pushes to AKSN/AImmediate deployments, fast feedbackHarder to track drift, limited audit
Pull-BasedGitOps operator polls GitFlux, Argo CDFull audit trail, self-healing clustersSync interval adds slight delay

The image explains GitOps, highlighting automation and synchronization tools like FluxCD and ArgoCD, and their role in Kubernetes cluster management and application delivery.

Pull-Based CI/CD Workflow for AKS

A typical GitOps pipeline for Azure Kubernetes Service involves:

  1. Source Control
    Store application code and Kubernetes manifests in a Git repo.
  2. CI Pipeline
    Build, test, and push container images to Azure Container Registry (ACR).
  3. CD Pipeline
    Generate environment-specific YAMLs (e.g., via Kustomize) and commit them to Git.
  4. GitOps Operator
    Flux or Argo CD polls Git, detects changes, and applies the new state to AKS.
StepAzure ServiceArtifact
Build & CIAzure DevOps PipelinesDocker images (ACR)
Configuration CDAzure DevOps ReleasesKustomize overlays
Continuous SyncFlux / Argo CD on AKSDeployed Kubernetes resources

The image illustrates a pull-based CI/CD workflow, detailing the process from application repository and build pipeline to CI/CD pipelines, image publication, and deployment in Kubernetes clusters. It includes steps involving Azure DevOps, Azure Container Registry, and GitOps integration.

The image illustrates a pull-based CI/CD workflow, detailing the process from application repository and build pipeline to deployment in Kubernetes clusters using GitOps. It includes steps for CI pipeline, image publication, CD pipeline, and application updates.

Demonstration: Deploying a New AKS Cluster with GitOps

Follow these steps to provision an AKS cluster and configure GitOps using Azure Portal:

  1. Create AKS Cluster
    In the Azure Portal, select Kubernetes services+ Add.
    Choose a new resource group, use default settings, then Review + CreateCreate.

    The image shows a Microsoft Azure interface for creating a Kubernetes cluster, with options for project details, cluster configuration, and primary node pool settings.

    The image shows a Microsoft Azure interface for creating a Kubernetes cluster, displaying configuration details such as subscription, resource group, region, and networking settings.

  2. Fork and Prepare Your Git Repository
    Open your forked repo (e.g., aksflux) containing Flux YAMLs. In the infrastructure folder, inspect kustomization.yaml:

    apiVersion: kustomize.config.k8s.io/v1beta1
    kind: Kustomization
    resources:
      - sources
      - nginx
    

    You’ll later add redis to demonstrate dynamic updates. Under apps/staging, maintain environment-specific overlays.

    The image shows a GitHub repository page named "aksflux" with various folders and files, including "apps," "bicep," and "README.md." The repository is public and has no stars or forks.

  3. Verify Cluster Deployment
    Once provisioning finishes, confirm status in Deployments.

    The image shows a Microsoft Azure deployment overview page indicating that a deployment is complete, with options for next steps and additional resources on the right.

  4. Inspect Default Namespaces & Services
    In Namespace and services, view the default AKS resources.

  5. Configure GitOps in Azure Portal
    Go to GitOps+ Configuration.

    • Name: cluster-config
    • Scope: Cluster
    • Namespace: cluster-config
      Next

    The image shows a Microsoft Azure portal interface displaying the "Services and ingresses" section for a Kubernetes service named "kodekloud-flux," listing three services with their details such as namespace, status, type, and IP addresses.

    Enter your public Git repo URL, branch main, no auth required.

    The image shows a Microsoft Azure interface for creating a GitOps configuration, with options to specify the source, repository details, and authentication settings.

  6. Define Kustomizations

    • Sync interval: 5 minutes
    • Infrastructure: path infrastructure
    • Staging: path apps/staging, depends on infrastructure

    The image shows a Microsoft Azure interface for creating a GitOps configuration, specifically focusing on setting up a "Kustomization" with fields for instance name, path, and additional settings like sync interval and timeout.

  7. Apply and Monitor
    Click Create. Flux begins syncing—infrastructure will reconcile first, then staging. Monitor compliance status in the GitOps pane.

    The image shows a Microsoft Azure interface displaying a list of configuration objects for "kodekloud-flux/cluster-config," including their types, compliance states, namespaces, and messages.

  8. Validate Deployment
    Return to Namespaces and Services to confirm nginx (and its namespace) is running.

  9. Demonstrate Drift Correction
    In your repo, update infrastructure/kustomization.yaml:

    resources:
      - sources
      - nginx
      - redis
    

    Commit and push. Within 5 minutes, Flux deploys the Redis namespace and service.

    The image shows a GitHub repository interface with a directory structure, including folders like "nginx," "redis," and "sources," and a file named "kustomization.yaml."

With GitOps on AKS, you gain declarative, version-controlled deployments, self-healing infrastructure, and clear audit trails for every change.

Watch Video

Watch video content

Previous
Push Based CICD Workflow