Runbooks
Each runbook provides a complete guide, including deployment, validation and testing.
Cloudflare GitOps via Flux
This runbook provides end-to-end instructions for deploying and managing Cloudflare and the Cloudflare CA Issuer to the cluster using GitOps automation via Flux.
- The Origin CA Issuer controller (from Cloudflare’s upstream repository), deployed via Flux.
- A Cloudflare namespace with a locally managed cloudflared tunnel, Origin CA certificates, ingress and
NetworkPolicyresources. - A GitOps flow from GitLab (Flux continuously reconciles everything).
- SOPS to keep Kubernetes Secrets encrypted in Git.
- Full runbook: Cloudflare GitOps via Flux.
WordPress GitOps runbook series
This series of runbooks provides end-to-end instructions for deploying one or more WordPress sites to the cluster using GitOps automation via Flux.
- WordPress GitOps summary
- WordPress repo and prerequisites
- WordPress manifests
- WordPress flux integration
- WordPress operations, restore and backups
Blaster GitOps runbook series
This series of runbooks uses the Blaster demo game as a worked example to show how code moves from local development to Kubernetes dev and prod using GitLab CI (with Kaniko), FluxCD, SOPS-encrypted secrets and image automation.
- Blaster GitOps summary
- Blaster repo and branches
- Dockerfile & GitLab CI
- Blaster prep for automation
- Dev app k8s manifests
- Dev flux sources & Kustomizations
- Dev image automation
- Dev SOPS & age
- Dev verification & troubleshooting
- Dev full runbook
- Prod overview
- Prod app k8s manifests and deployment
- Prod Flux GitOps and image automation
- Prod Cloudflare, Origin CA and tunnel routing
- Prod full runbook
- Post Git flow