Flux Reaches Graduation at the CNCF

[weaveworks]

We are thrilled to tell you that Flux, the Weaveworks sponsored open source GitOps project, has reached Graduated status in the Cloud Native Computing Foundation (CNCF). Flux achieved the CNCF’s highest level of project maturity due to the project’s levels of security, health and governance. Further achievement includes earning a Core Infrastructure Initiatives Best Practices Badge endorsed by the Open Source Security Foundation for projects meeting security best practices. Flux is the 19th Project to hit this milestone, joining the ranks of famous cloud native projects including Kubernetes, Envoy and Prometheus.

“Weave GitOps with Flux at its core lets us help customers across the spectrum from developers getting started through to large scale enterprises. Our involvement in the CNCF, plus our commitment to empower application and platform teams to securely automate operations, is the driving force for further GitOps innovation."  Alexis Richardson, CEO, Weaveworks

GitOps gaining ground with Flux

Flux growth and adoption have been phenomenal. Born at Weaveworks as an internal project to help deploy services from Git, Flux was donated to the CNCF as a sandbox project in 2019 and promoted to incubation status in 2021.

The Flux user base is growing between 2x-5x growth annually, serving over 1 billion container image pulls in 2022. With over 300 contributors from around the world, Flux is available through many platforms including AWS, Microsoft, VMWare Tanzu, among others. It's the GitOps platform of choice for many enterprise companies such as SAP, Volvo Cars, and Axel Springer.

Flux capabilities include:

• Deploying applications reliably using Progressive Delivery
• Deploying applications across different clusters and multiple cloud environments
• Enabling teams to work together safely with isolating multi-tenancy
• Enterprise-grade security through policy as code integration
• Native support for Kustomize, Helm, and Hashicorp Vault

Many developers and infrastructure teams rely on Flux because of its robustness and security. Due to the nature of its microservice architecture, users can select only the required components, lowering the attack surface. To verify artifacts before deployment, Flux features Open Container Initiative (OCI) signature verification. This ensures that Flux adheres to Kubernetes security policies, and by adding policy as code, can add further compliance enforcement if required.

“It is great to see how the Flux community took very seriously the Software supply chain attacks by adding OCI support and verification of authenticity thanks to sigstore.” - Philippe Ensarguet, CTO, Orange Business Services

Many organizations, from SMBs to large enterprises rely on Flux because it has helped them reliably increase their migration to new technologies while cost-effectively managing their cloud resources and consolidating tool usage.

"At ORTEC for Communications, Flux has been an essential part of our DevOps journey and the ability to do more with less. Together with Kubernetes ecosystem tools, Flux is an essential part of providing our teams with end-to-end ownership, autonomy, and an evolved lifecycle. All of these offerings through Flux's capabilities, such as automation, security, and scalability, make DevOps a reality. We congratulate the Flux project for this major milestone!." - Mathijs Hoogland, Senior DevOps Engineer, ORTEC for Communications

Flux to the max with Weave GitOps

At Weaveworks, we’ve created Weave GitOps – an OSS extension with visual tooling that makes GitOps even easier. Weave GitOps has an easy onboarding experience allowing users to install and visualize Flux, Helm Charts, and application deployments via the Weave GitOps user interface. Weave GitOps provides developers, with limited Kubernetes expertise, the tools they need to start deploying their applications easily and securely.

We’ve also added tooling for Visual Studio Code so that development teams can have GitOps right in their IDE.

Try it out and check out the project on Github.

Secure GitOps at Scale

For development and platform teams looking to scale their GitOps environments, Weaveworks provides commercial features via Weave GitOps Enterprise. The Enterprise Edition provides automated DevSecOps using Policy as Code, advanced application deployment with progressive delivery, and the ability to create and manage multiple Kubernetes clusters in hybrid and multi-cloud environments. Platform teams can benefit from easily building self-service Kubernetes platforms utilizing multi-tenancy and Roles Based Access Control (RBAC).

To learn more, request a demo, and we will walk you through the latest features.

Final Thoughts

As the founding project of GitOps, Flux is an indispensable tool for teams developing applications on Kubernetes. Over this past year, Weaveworks has built and shipped a multitude of new features in Flux and Weave GitOps for the Cloud Native community and our customers. And with Flux now a CNCF graduated project, we are further committed to delivering additional enterprise-level features to its growing ecosystem.

Congratulations to all Flux project contributors and maintainers for this remarkable achievement.

To learn more and get started with Flux, or to contribute to the project, visit fluxcd.io, or join their upcoming meetings:

• Flux Dev Meeting: December 7, 12:00 UTC
• Flux Bug Scrub: December 8, 18:00 UTC

View the full article