GitOps Application Practice Series Argo CD practice

Hello, I'm Zhang Jintao.

In the first two articles, I will give you This paper introduces the concept of GitOps , and Argo CD tool for implementing GitOps . In this article, we will introduce the practice of Argo CD with an example project.

Create cluster

We use the KIND (Kubernetes in Docker) tool to create a Kubernetes cluster for local testing. Use the following configuration file to create a cluster containing one control plane and three work.

kind: Cluster
- role: control-plane
- role: worker
- role: worker
- role: worker

Use the following command to create a cluster:

➜ (MoeLove) kind create cluster --config=kind-config.yaml 
Creating cluster "kind" ...
 ✓ Ensuring node image (kindest/node:v1.20.2) 🖼 
 ✓ Preparing nodes 📦 📦 📦 📦  
 ✓ Writing configuration 📜 
 ✓ Starting control-plane 🕹️ 
 ✓ Installing CNI 🔌 
 ✓ Installing StorageClass 💾 
 ✓ Joining worker nodes 🚜 
Set kubectl context to "kind-kind"
You can now use your cluster with:

kubectl cluster-info --context kind-kind

Have a nice day! 👋

Execute the following command and wait for the cluster to be fully Ready:

➜ (MoeLove) kubectl wait --for=condition=Ready nodes --all

Deploy Argo CD

After the cluster status is fully Ready, start the Argo CD deployment. We create a namespace called argocd.


Here, you can directly use the deployment file provided in the Argo CD project for installation. It should be noted that the configuration of RBA in this deployment file refers to the namespace argocd, so if you deploy it to other namespaces, you must modify it accordingly.

➜ (MoeLove) kubectl create ns argocd
namespace/argocd created
➜ (MoeLove) kubectl -n argocd apply -f created created
serviceaccount/argocd-application-controller created
serviceaccount/argocd-dex-server created
serviceaccount/argocd-redis created
serviceaccount/argocd-server created created created created created created created created created created created created
configmap/argocd-cm created
configmap/argocd-cmd-params-cm created
configmap/argocd-gpg-keys-cm created
configmap/argocd-rbac-cm created
configmap/argocd-ssh-known-hosts-cm created
configmap/argocd-tls-certs-cm created
secret/argocd-secret created
service/argocd-dex-server created
service/argocd-metrics created
service/argocd-redis created
service/argocd-repo-server created
service/argocd-server created
service/argocd-server-metrics created
deployment.apps/argocd-dex-server created
deployment.apps/argocd-redis created
deployment.apps/argocd-repo-server created
deployment.apps/argocd-server created
statefulset.apps/argocd-application-controller created created created created created created

View status

➜ (MoeLove) kubectl -n argocd get deploy
argocd-dex-server    0/1     1            1           1m
argocd-redis         0/1     1            1           1m
argocd-repo-server   1/1     1            1           1m
argocd-server        0/1     1            1           1m

Get password:

By default, the installed Argo CD enables authentication based on Basic Auth. We can find the corresponding password in the Secret resource. However, it should be noted that the sercret resource with the name argocd initial admin Secret will not be written until the Pod is in the Running state.

# wait for Pod whole Ready
➜ (MoeLove) kubectl wait --for=condition=Ready pods --all -n argocd
pod/argocd-application-controller-0 condition met
pod/argocd-dex-server-5fc596bcdd-lnx65 condition met
pod/argocd-redis-5b6967fdfc-mfbrr condition met
pod/argocd-repo-server-98598b6c7-7pmgb condition met
pod/argocd-server-5b4b7b868b-bjmzz condition met

# Get password
➜ (MoeLove) kubectl  -n argocd get secret argocd-initial-admin-secret -o template="{{ .data.password | base64decode }}" 

Access it through the UI

We can map the 443 port of argocd server to the local 9080 port through kubectl port forward   Port.

➜ (MoeLove) ➜ (MoeLove) kubectl port-forward --address service/argocd-server -n argocd 9080:443

In this way, ArgoCD dashboard can be displayed in the browser, which is username and admin,   And password can be used in the "get password" section mentioned earlier.


Command line access:

If you don't like to operate through the browser, you can also use the CLI tools provided by Argo CD.

➜ (MoeLove) wget -O argocd
➜ (MoeLove) chmod +x argocd
➜ (MoeLove) mv argocd /bin/argocd

# Before we execute this order, we pass kubectl port-forward Port forwarding was performed
➜ (MoeLove) argocd login localhost:9080
WARNING: server certificate had error: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y
Username: admin
'admin:login' logged in successfully
Context 'localhost:9080' updated

Deploy application

Here I created a sample project. The complete content can be found in my GitHub Get.

Create target namespace

➜ (MoeLove) kubectl  create ns kustomize
namespace/kustomize created

Create app

Here, you can choose to configure directly in the UI of Argo CD or use the CLI of Argo CD. Here I take cli configuration as an example

➜ (MoeLove) argocd app create argo-cd-demo --repo --revision kustomize --path ./kustomization --dest-server https://kubernetes.default.svc --dest-namespace kustomize 
application 'argo-cd-demo' created

Of which:

  • --repo specifies the warehouse address used to deploy the application;
  • --revision specifies the branch used to deploy the application. Here I use a branch named Branches of kustomize;
  • --path is the location of the manifest used to deploy the application
  • --Dest server address of the target Kubernetes cluster
  • --dest-``namespace applies the target namespace to be deployed

View status

After the Application is created, you can also directly see the specific information on the UI:


Or view it under the terminal through argocd:

➜ (MoeLove) argocd app get argo-cd-demo
Name:               argo-cd-demo
Project:            default
Server:             https://kubernetes.default.svc
Namespace:          kustomize
URL:                https://localhost:8080/applications/argo-cd-demo
Target:             kustomize
Path:               ./kustomization
SyncWindow:         Sync Allowed
Sync Policy:        <none>
Sync Status:        OutOfSync from kustomize (e8a2d77)
Health Status:      Missing

       Service     kustomize  argo-cd-demo  OutOfSync  Missing        
apps   Deployment  kustomize  argo-cd-demo  OutOfSync  Missing 

You can see that the current Application state is OutOfSync, so we can trigger a sync operation for it for the first deployment.


You can click the SYNC button on the UI or trigger the synchronization operation through the argocd CLI.

➜ (MoeLove) argocd app sync argo-cd-demo
TIMESTAMP                  GROUP        KIND   NAMESPACE                  NAME    STATUS    HEALTH        HOOK  MESSAGE
2021-10-30T10:35:33+00:00            Service   kustomize          argo-cd-demo  OutOfSync  Missing              
2021-10-30T10:35:33+00:00   apps  Deployment   kustomize          argo-cd-demo  OutOfSync  Missing              
2021-10-30T10:35:35+00:00            Service   kustomize          argo-cd-demo    Synced  Healthy              
2021-10-30T10:35:35+00:00            Service   kustomize          argo-cd-demo    Synced   Healthy              service/argo-cd-demo created
2021-10-30T10:35:35+00:00   apps  Deployment   kustomize          argo-cd-demo  OutOfSync  Missing              deployment.apps/argo-cd-demo created
2021-10-30T10:35:35+00:00   apps  Deployment   kustomize          argo-cd-demo    Synced  Progressing              deployment.apps/argo-cd-demo created

Name:               argo-cd-demo
Project:            default
Server:             https://kubernetes.default.svc
Namespace:          kustomize
URL:                https://localhost:8080/applications/argo-cd-demo
Target:             kustomize
Path:               ./kustomization
SyncWindow:         Sync Allowed
Sync Policy:        <none>
Sync Status:        Synced to kustomize (e8a2d77)
Health Status:      Progressing

Operation:          Sync
Sync Revision:      e8a2d77cf0e5405ba9e5dc70d3bf44da91b3ce00
Phase:              Succeeded
Start:              2021-10-30 10:35:33 +0000 UTC
Finished:           2021-10-30 10:35:35 +0000 UTC
Duration:           2s
Message:            successfully synced (all tasks run)

       Service     kustomize  argo-cd-demo  Synced  Healthy            service/argo-cd-demo created
apps   Deployment  kustomize  argo-cd-demo  Synced  Progressing        deployment.apps/argo-cd-demo created

After successful synchronization, you can also see the current application and synchronization status on the UI.


Click View Details to see the topology of application deployment:


Verification effect


Next, in the kustomize branch, make some code changes and submit them to GitHub. The CI based on GitHub Action in the project will be triggered. Let's take a look at its specific configuration:

    name: Deploy
    runs-on: ubuntu-latest
    continue-on-error: true
    needs: build

      - name: Check out code
        uses: actions/checkout@v2

      - name: Setup Kustomize
        uses: imranismail/setup-kustomize@v1
          kustomize-version: "4.3.0"

      - name: Update Kubernetes resources
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
        run: |-
          cd manifests
          kustomize edit set image${{ github.repository }}/argo-cd-demo:${{ github.sha }}
          cat kustomization.yaml
          kustomize build ./ > ../kustomization/manifests.yaml
          cat ../kustomization/manifests.yaml

      - uses: EndBug/add-and-commit@v7
          default_author: github_actions
          branch: kustomize

You can see that the tool kustomize is actually used here to write the latest image to the manifest.yaml file used to deploy the application, and then use endbug / add and- commit@v7 This action submits the latest manifest. Yaml file back to GitHub.

View status

At this point, when Sync is triggered again, we can see the latest deployment topology.



The above is the practical content about using Argo CD to implement GitOps. Interested partners can find a complete example of this project directly on GitHub:

Welcome to subscribe my official account number [MoeLove].

This article is shared with WeChat official account MoeLove (TheMoeLove).
In case of infringement, please contact Delete.
Article participation“ OSC source creation program ”, you who are reading are welcome to join us and share with us.

Keywords: github Kubernetes

Added by DimeDropper on Thu, 04 Nov 2021 05:53:49 +0200