Skip to content

FluxCD

Decentralized GitOps toolkit for Kubernetes — CNCF Graduated, pull-based, modular controller architecture.

Overview

Flux is a decentralized, pull-based GitOps toolkit built on the GitOps Toolkit (GOTK). Unlike ArgoCD's hub-and-spoke model, Flux runs independently in each cluster, pulling state from Git/OCI sources without requiring a central management plane. It excels in edge, air-gapped, and security-hardened environments. Flux survived the Weaveworks shutdown (2024) and thrives as a community-driven CNCF Graduated project.

Key Facts

Attribute Detail
Repository github.com/fluxcd/flux2
Stars ~7k+ ⭐
Latest Version v2.8 (February 2026)
Language Go
License Apache 2.0
Governance CNCF Graduated

Evaluation

Pros Cons
Decentralized — no SPOF hub No built-in web UI (use Weave GitOps UI or Backstage)
Pull-based — more secure (no inbound access) Steeper config learning curve (many CRDs)
Helm v4 + Kustomize native Less intuitive than ArgoCD's visual diff
Image automation (update tags in Git) Smaller community than ArgoCD
OCI artifact support Debugging requires kubectl fluency
CEL-based readiness evaluation
Air-gapped / edge friendly

Architecture

flowchart TB
    subgraph Cluster["Each Kubernetes Cluster"]
        SC["Source Controller\n(Git, OCI, Helm repos)"]
        KC["Kustomize Controller\n(reconcile Kustomizations)"]
        HC["Helm Controller\n(reconcile HelmReleases)"]
        NC["Notification Controller\n(alerts, PR comments)"]
        IAC["Image Automation\n(tag updates in Git)"]
    end

    Git["Git Repository"]
    OCI["OCI Registry"]
    Helm["Helm Repository"]

    SC -->|"pull artifacts"| Git
    SC -->|"pull artifacts"| OCI
    SC -->|"pull charts"| Helm
    KC -->|"apply"| K8sAPI["K8s API"]
    HC -->|"apply"| K8sAPI
    IAC -->|"push tag update"| Git

    style Cluster fill:#326ce5,color:#fff

v2.8 Highlights

Feature Detail
Helm v4 support SSA + kstatus health checking
Reduced MTTR Cancel stale health checks on new revisions
CEL readiness Custom readiness expressions for managed objects
Cosign v3 OCI artifact verification
PR comments Notify on GitHub/GitLab/Gitea PRs directly

Sources