Merge pull request #32 from fluxcd/docs-k

 Add Kustomize install tutorial to docs and other fixes

chart/helm-operator/README.md

@@ -134,6 +134,28 @@ spec:
     replicaCount: 1
 ```
 
+## Use Flux's Git deploy key
+
+You can configure the Helm Operator to use the Git SSH key generated by Flux. 
+
+Assuming you've installed Flux with:
+
+```sh
+helm upgrade -i flux fluxcd/flux \
+--namespace fluxcd \
+--set [email protected]:org/repo
+```
+
+when installing Helm Operator, you can refer the Flux deploy key by its Kubernetes Secret name:
+
+```sh
+helm -i helm-operator fluxcd/helm-operator \
+--namespace fluxcd \
+--set git.ssh.secret=flux-git-deploy
+```
+
+The deploy key naming convention is `<Flux Release Name>-git-deploy`.
+
 ## Uninstall
 
 To uninstall/delete the `helm-operator` deployment:
@@ -142,7 +164,10 @@ To uninstall/delete the `helm-operator` deployment:
 helm delete --purge helm-operator
 ```
 
-The command removes all the Kubernetes components associated with the chart and deletes the release.
+The command removes all the Kubernetes components associated with the chart and deletes the release. 
+
+Note that `helm delete` will not remove the `HelmRelease` CRD.
+Deleting the CRD will trigger a cascade delete of all Helm release objects.
 
 ## Configuration
 

deploy/kustomization.yaml

@@ -0,0 +1,4 @@
+resources:
+  - flux-helm-release-crd.yaml
+  - flux-helm-operator-account.yaml
+  - helm-operator-deployment.yaml

docs/tutorials/get-started-kustomize.md

@@ -0,0 +1,158 @@
+# How to bootstrap Helm operator using Kustomize
+
+This guide shows you how to use Kustomize to bootstrap Helm Operator on a Kubernetes cluster.
+
+## Prerequisites
+
+You will need to have Kubernetes set up. For a quick local test,
+you can use `minikube` or `kubeadm`. Any other Kubernetes setup
+will work as well though.
+
+### A note on GKE with RBAC enabled
+
+If working on e.g. GKE with RBAC enabled, you will need to add a cluster role binding:
+
+```sh
+kubectl create clusterrolebinding "cluster-admin-$(whoami)" \
+    --clusterrole=cluster-admin \
+    --user="$(gcloud config get-value core/account)"
+```
+
+## Prepare Helm Operator installation 
+
+Create a directory and add the `flux` namespace definition to it:
+
+```sh
+mkdir fluxcd
+
+cat > fluxcd/namespace.yaml <<EOF
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: flux
+EOF
+```
+
+Create the `repositories.yaml` file and add the stable, flagger and podinfo Helm repositories to it:
+
+```sh
+cat > deploy/repositories.yaml <<EOF
+apiVersion: v1
+repositories:
+- name: stable
+  url: https://kubernetes-charts.storage.googleapis.com
+  cache: /var/fluxd/helm/repository/cache/stable-index.yaml
+- name: flagger
+  url: https://flagger.app
+  cache: /var/fluxd/helm/repository/cache/flagger-index.yaml
+- name: podinfo
+  url: https://stefanprodan.github.io/podinfo
+  cache: /var/fluxd/helm/repository/cache/podinfo-index.yaml
+EOF
+```
+
+Create a kustomization file and use the Helm operator deploy YAMLs as base:
+
+```sh
+cat > fluxcd/kustomization.yaml <<EOF
+namespace: flux
+resources:
+  - namespace.yaml
+bases:
+ - github.com/fluxcd/helm-operator//deploy
+secretGenerator:
+  - name: helm-repositories
+    files:
+      - repositories.yaml
+patchesStrategicMerge:
+  - patch.yaml
+EOF
+```
+
+> **Note:** If you want to install a specific Helm operator release,
+> add the version number to the base URL:
+> `github.com/fluxcd/helm-operator//deploy?ref=v1.0.0-rc1`
+
+
+Create a patch file for Helm operator and mount the repositories secret:
+
+```sh
+cat > fluxcd/patch.yaml <<EOF
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: flux-helm-operator
+spec:
+  template:
+    spec:
+      volumes:
+       - name: repositories-yaml
+         secret:
+           secretName: helm-repositories
+       - name: repositories-cache
+         emptyDir: {}
+      containers:
+        - name: flux-helm-operator
+          volumeMounts:
+             - name: repositories-yaml
+               mountPath: /var/fluxd/helm/repository
+             - name: repositories-cache
+               mountPath: /var/fluxd/helm/repository/cache
+EOF
+```
+
+## Install Helm Operator with Kustomize
+
+In the next step, deploy Flux to the cluster (you'll need kubectl **1.14** or newer):
+
+```sh
+kubectl apply -k fluxcd
+```
+
+Wait for Helm operator to start:
+
+```sh
+kubectl -n flux rollout status deployment/flux-helm-operator
+```
+
+## Use the `HelmRelease` custom resource
+
+Install podinfo by referring to its Helm repository:
+
+```sh
+cat <<EOF | kubectl apply -f -
+apiVersion: helm.fluxcd.io/v1
+kind: HelmRelease
+metadata:
+  name: podinfo
+  namespace: default
+spec:
+  releaseName: podinfo
+  chart:
+    repository: https://stefanprodan.github.io/podinfo
+    version: 2.1.0
+    name: podinfo
+  values:
+    replicaCount: 1
+EOF
+```
+
+Verify that the Helm Operator has installed the release:
+
+```sh
+kubectl get hr
+
+NAME       RELEASE    STATUS     MESSAGE                  AGE
+podinfo    podinfo    DEPLOYED   helm install succeeded   1m
+```
+
+Delete the release with:
+
+```sh
+kubectl delete hr/podinfo
+```
+
+## Next steps
+
+Try out [fluxcd/helm-operator-get-started](https://github.com/fluxcd/helm-operator-get-started)
+to learn more about Helm Operator capabilities.

docs/tutorials/get-started.md

@@ -1,6 +1,6 @@
-# Get started with the Helm operator
+# Get started with the Helm operator and Tiller
 
-## Installing Helm / Tiller
+## Install Helm / Tiller
 
 Generate certificates for Tiller and Flux. This will provide a CA, servercerts for Tiller and client certs for Helm / Flux.
 
@@ -35,9 +35,7 @@ echo '{"CN":"'$USER_NAME'","hosts":[""],"key":{"algo":"rsa","size":4096}}' | cfs
 
 Alternatively, you can follow the [Helm documentation for configuring TLS](https://docs.helm.sh/using_helm/#using-ssl-between-helm-and-tiller).
 
-Next deploy Helm with TLS and RBAC enabled;
-
-Create a file called `helm-rbac.yaml`. This contains all the RBAC configuration for Tiller:
+Next create the RBAC configuration for Tiller:
 
 ```yaml
 apiVersion: v1
@@ -101,7 +99,7 @@ subjects:
   namespace: kube-system
 ```
 
-Deploy Tiller:
+Save the above config as `helm-rbac.yaml` and deploy Tiller:
 
 ```bash
 kubectl apply -f helm-rbac.yaml
@@ -141,28 +139,29 @@ helm --tls --tls-verify \
 
 ## Deploy the Helm Operator
 
-First create a new Kubernetes TLS secret for the client certs;
+First create a new Kubernetes TLS secret for the client certs:
 
 ```bash
 kubectl create secret tls helm-client --cert=tls/flux-helm-operator.pem --key=./tls/flux-helm-operator-key.pem
 ```
 
 > **Note:** this has to be in the same namespace as the flux-helm-operator is deployed in.
 
-Deploy Flux with Helm;
+Deploy Flux with Helm:
 
 ```bash
 helm repo add fluxcd https://fluxcd.github.io/flux
 
 helm upgrade --install \
     --set helmOperator.create=true \
+    --set helmOperator.createCRD=true \
     --set git.url=$YOUR_GIT_REPO \
     --set helmOperator.tls.enable=true \
     --set helmOperator.tls.verify=true \
     --set helmOperator.tls.secretName=helm-client \
     --set helmOperator.tls.caContent="$(cat ./tls/ca.pem)" \
     flux \
-    fluxcd/helm-operator
+    fluxcd/flux
 ```
 
 > **Note:**

docs/tutorials/index.rst

@@ -8,3 +8,4 @@ Tutorials
    :maxdepth: 1
 
    get-started
+   get-started-kustomize