Source | alibaba cloud native public number The author | hong-chao deng, ali cloud Ed Lee, a senior technical experts, Argo, founder of the project
introduce
Argo CD is a GitOps continuous delivery tool for Kubernetes. It is part of the CNCF Argo project, a set of Kubernetes native tools for running and managing jobs and applications on Kubernetes.
KubeVela is an Open source Application engine based on Kubernetes and OAM (Open Application Model). KubeVela was designed primarily for platform and operations teams to easily create simple but highly extensible abstractions for developers on Kubernetes. Many of the complexities of configuring application listings on Kubernetes, such as scaling policies, deployment policies, and portals, are hidden from the developer (that is, the end user), but the platform team is allowed to customize and control these configurations independently based on organizational policies.
In this blog post, we will share our experience building a developer-centric continuous application delivery pipeline using Argo CD and KubeVela, based on the Ari Cloud use case.
A developer-centric GitOps experience
Ideally, developers want to focus on writing applications and pushing their code to git repositories without having to worry about CI/CD pipelining and other operational issues when configuring and running applications. A very popular pattern on Kubernetes is to automatically deploy applications from Git to production. That’s where the Argo CD comes in. It continuously monitors new commits to the Git repository and automatically deploys them to production. The predefined Kubernetes deployment manifest file in the Argo CD application repository creates or upgrades applications that run on Kubernetes. This model, known as GitOps, is key to continuous automated app delivery within Alibaba’s modern cloud-native stack.
While conceptually simple, several important issues arise when applying GitOps to a broader end-user scenario:
-
The first problem is that actual production applications are complex and require developers to understand how to configure many different types of Kubernetes resources.
-
The second problem (related to the first) is that it becomes very challenging for every developer to learn how to properly configure and maintain all of these objects while complying with organizational security, compliance, and operational policies. Even simple misconfiguration can lead to deployment failures or even service unavailability.
-
The third problem is that when Kubernetes specifications or organizational policies change, all application listings must be updated to reflect those changes. This is a huge task for an organization with potentially thousands of applications and millions of lines of Kubernetes manifest files for YAML.
These issues create a strong need for application abstractions that isolate developers from platform and operational concerns that do not directly affect their applications, and provide an anchor to avoid configuration drift. Kubernetes’ core abstraction, by design, does not provide a standard mechanism for abstract applications.
With this goal in mind, KubeVela was created and designed as a minimal, extensible application engine for platform builders to create a “Paas-like” experience on Kubernetes. Specifically, KubeVela provides a simple and effective abstraction that separates application configuration issues from platform and operational issues. Here is an example of an artifact called AppFile:
By using the Appfile and deploying it with the Argo CD, developers can write a simple application configuration and push the code to Git. Their application will then be automatically deployed and start processing real-time traffic on the target Kubernetes cluster. Behind the scenes, platforms and operations teams have the ability to pre-define and/or modify these abstract behaviors with CUElang templates and ensure that they meet the organization’s security, compliance, and other operational needs.
Below, we’ll explain in more detail how the above GitOps workflow works.
KubeVela with Argo CD
1. Prerequisites
The only “trick” for platform operators is to make KubeVela a custom plug-in for Argo CD so that it “understands” the AppFile format.
2. Register the plug-in
Argo CD allows additional configuration management plug-ins such as Kubevela to be integrated by editing Argocd -CM ConfigMap.
Save the following file as argo-cm.yaml:
data:
configManagementPlugins: |
- name: vela
init:
command: ["sh", "-xc"]
args: ["vela traits"]
generate:
command: ["sh", "-xc"]
args: ["vela export"]
Copy the codeThen run the following command to update argocd-cm ConfigMap:
kubectl -n argocd patch cm/argocd-cm -p "$(cat argo-cm.yaml)"
Copy the code3. The configuration Argo – ’08 – server
The Argo CD has a component called argo-repo-server that extracts the deployment manifest file from Git and renders the final output. Here, we will use Vela CLI to parse the Appfile and render it into a Kubernetes resource.
First, create a ConfigMap using the required KubeconFig certificate to communicate with the target Kubernetes cluster that has KubeVela installed:
apiVersion: v1
kind: ConfigMap
metadata:
name: vela-kubeconfig
namespace: argocd
data:
config: |
# fill your kubeconfig here
Copy the codeWhen the ConfigMap above is created, update argo-repo-server to save the Vela CLI and credentials.
Save the following patch files as deploy.yaml:
spec:
template:
spec:
# 1. Define an emptyDir volume which will hold the custom binaries
volumes:
- name: custom-tools
emptyDir: {}
- name: vela-kubeconfig
configMap:
name: vela-kubeconfig
# 2. Use an init container to download/copy custom binaries
initContainers:
- name: download-tools
image: oamdev/argo-tool:v1
command: [sh, -c]
args:
- cp /app/vela /custom-tools/vela
volumeMounts:
- mountPath: /custom-tools
name: custom-tools
# 3. Volume mount the custom binary to the bin directory
containers:
- name: argocd-repo-server
env:
- name: KUBECONFIG
value: /home/argocd/.kube/config
volumeMounts:
- mountPath: /usr/local/bin/vela
name: custom-tools
subPath: vela
- mountPath: /home/argocd/.kube/
name: vela-kubeconfig
Copy the codeThen run the following command to update the argocd-repo-server deployment:
kubectl -n argocd patch deploy/argocd-repo-server -p "$(cat deploy.yaml)"
Copy the codeBy now, the Vela plug-in should be registered and argo-repo-Server should have access to the Vela CLI to render appfiles to Kubernetes resources.
Use KubeVela in Argo CDS
Now, as an application developer, you can deploy applications using KubeVela through GitOps. When creating an application from the argocd command line, remember to specify the plug-in name:
argocd app create <appName> --config-management-plugin vela
Copy the codeLet’s use the Argo CD UI to demonstrate this. Here is an example repository containing an AppFile.
Configure the Argo CD to monitor Git push repositories, including the initial state:
Any push to the warehouse will now be automatically detected and deployed:
That’s it! Now you can create/modify appfiles, push them to Git, and Argo CD will automatically deploy them to your Kubernetes cluster, all through the magic of GitOps!
To learn more
All of the above Settings and configurations are available in this repository. KubeVela Core and Argo CD are currently producing applications on Alibaba’s Web application platform and have been used in tens of thousands of applications on internal and public cloud services. Give it a try and let us know what you think!
- CNCF Slack #kubevela
slack.cncf.io/
- ArgoCD Slack:
Argoproj. Making. IO/community/j…
- KubeVela address:
Github.com/oam-dev/kub…
If you have any questions, please feel free to join us at 23310022 and interact with nearly 2000 developers!