Hello everyone, I’m Zhang Jintao.
In the first two articles, I introduced you to the concept of GitOps and the Argo CD, a tool used to implement GitOps. In this article we will introduce you to the Argo CD in practice using an example project.
Create the cluster
We use the KIND (Kubernetes in Docker) tool to create a Kubernetes cluster for local testing. Using the following configuration file, create a cluster with one control plane and three works.
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
- role: worker
- role: worker
- role: worker
Copy the codeRun the following command to create a cluster:
➜ (MoeLove) kind create cluster --config=kind-config.yaml Creating cluster "kind"... ✓ Ensuring node image (Kindest /node:v1.20.2) 🖼 Preparing nodes 📦 📦 📦 📦 ✓ Writing configuration mare - Starting Control-plane 🕹️ ✓ Installing CNI 🔌 ✓ Installing StorageClass 💾 ✓ Joining worker nodes bus Set kubectl context to "kind-kind" You can now use your cluster with: kubectl cluster-info --context kind-kind Have a nice day! 👋Copy the codeRun the following command to wait for the cluster to be fully Ready:
➜ (MoeLove) kubectl wait --for=condition=Ready nodes --all
Copy the codeThe deployment of Argo CD
Deploy the Argo CD when the cluster is Ready. We create a namespace named argocd.
The deployment of
You can install it directly using the deployment file provided with the Argo CD project. It is important to note that the namespace argocd is referenced in the RBA configuration in this deployment file, so if you are deploying it to another namespace, make sure to modify it accordingly.
➜ (MoeLove) kubectl create ns argocd
namespace/argocd created
➜ (MoeLove) kubectl -n argocd apply -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
customresourcedefinition.apiextensions.k8s.io/applications.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/appprojects.argoproj.io created
serviceaccount/argocd-application-controller created
serviceaccount/argocd-dex-server created
serviceaccount/argocd-redis created
serviceaccount/argocd-server created
role.rbac.authorization.k8s.io/argocd-application-controller created
role.rbac.authorization.k8s.io/argocd-dex-server created
role.rbac.authorization.k8s.io/argocd-server created
clusterrole.rbac.authorization.k8s.io/argocd-application-controller created
clusterrole.rbac.authorization.k8s.io/argocd-server created
rolebinding.rbac.authorization.k8s.io/argocd-application-controller created
rolebinding.rbac.authorization.k8s.io/argocd-dex-server created
rolebinding.rbac.authorization.k8s.io/argocd-redis created
rolebinding.rbac.authorization.k8s.io/argocd-server created
clusterrolebinding.rbac.authorization.k8s.io/argocd-application-controller created
clusterrolebinding.rbac.authorization.k8s.io/argocd-server created
configmap/argocd-cm created
configmap/argocd-cmd-params-cm created
configmap/argocd-gpg-keys-cm created
configmap/argocd-rbac-cm created
configmap/argocd-ssh-known-hosts-cm created
configmap/argocd-tls-certs-cm created
secret/argocd-secret created
service/argocd-dex-server created
service/argocd-metrics created
service/argocd-redis created
service/argocd-repo-server created
service/argocd-server created
service/argocd-server-metrics created
deployment.apps/argocd-dex-server created
deployment.apps/argocd-redis created
deployment.apps/argocd-repo-server created
deployment.apps/argocd-server created
statefulset.apps/argocd-application-controller created
networkpolicy.networking.k8s.io/argocd-application-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-dex-server-network-policy created
networkpolicy.networking.k8s.io/argocd-redis-network-policy created
networkpolicy.networking.k8s.io/argocd-repo-server-network-policy created
networkpolicy.networking.k8s.io/argocd-server-network-policy created
Copy the codeCheck the status
➜ (MoeLove) kubectl -n argocd get deploy NAME READY up-to-date AVAILABLE AGE argocd-dex-server 0/1 11 1m argocd-redis 0/1 1 1 1m argocd-repo-server 1/1 1 1 1m argocd-server 0/1 1 1 1mCopy the codeObtain password:
By default, the installed Argo CD will enable Basic Auth-based authentication, which can be found in the Secret resource. Note that the sercret resource named argocd-initial-admin-secret is not written until the Pod is in the Running state.
➜ (MoeLove) kubectl wait --for=condition=Ready Pods -- all-n argocd Pod /argocd-application-controller-0 condition met pod/argocd-dex-server-5fc596bcdd-lnx65 condition met pod/argocd-redis-5b6967fdfc-mfbrr condition met Pod/argocd-repo-server-98598b6c7-7PMGB condition Met POD /argocd-server-5b4b7b868b-bjmzz condition met # obtain password ➜ (MoeLove) kubectl -n argocd get secret argocd-initial-admin-secret -o template="{{ .data.password | base64decode }}" AFbmuBSmRo1F0DowCopy the codeAccess it through the UI
We can map argocd-server port 443 to local port 9080 via kubectl port-forward.
➜ (MoeLove) ➜ (MoeLove) kubectl port-forward --address 0.0.0.0 service/argocd-server -n argocd 9080:443
Copy the codeThis will enable the ArgoCD dashboard in the browser, where username is admin, and password to access the previously mentioned “Get password” section.
Command line access:
If you prefer not to use your browser, you can also use the CLI tools provided with the Argo CD.
➜ (MoeLove wget) https://github.com/argoproj/argo-cd/releases/download/v2.1.2/argocd-linux-amd64 - O argocd ➜ (MoeLove) Chmod +x argocd ➜ (MoeLove) mv argocd /bin/argocd ➜ (MoeLove) argocd login localhost:9080 WARNING: server certificate had error: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y Username: admin Password: 'admin:login' logged in successfully Context 'localhost:9080' updatedCopy the codeThe deployment of application
Here I created a sample project, the full content is available on my GitHub github.com/tao12345666… Access to.
Creating the target Namespace
➜ (MoeLove) kubectl create ns kustomize
namespace/kustomize created
Copy the codeTo create the app
You can directly configure the Argo CD in the UI or use the CLI of the Argo CD to configure the Argo CD. Here I use CLI configuration as an example
➜ (MoeLove) argocd app create Argo - CD - demo - repo https://github.com/tao12345666333/argo-cd-demo.git - revision kustomize --path ./kustomization --dest-server https://kubernetes.default.svc --dest-namespace kustomize application 'argo-cd-demo' createdCopy the codeAmong them:
--repoSpecify the repository address to use to deploy the application.--revisionSpecify the branch to deploy the application. Here I use a branch namedkustomizeThe branch;--pathThe location of the MANIFEST used by the deployment application--dest-serverThe address of the target Kubernetes cluster--dest-``namespaceThe target namespace for the application to deploy
Check the status
After the Application is created, you can also see the specific information directly on the UI:
Or view it in the terminal through argocd:
➜ (MoeLove) argocd app get argo-cd-demo
Name: argo-cd-demo
Project: default
Server: https://kubernetes.default.svc
Namespace: kustomize
URL: https://localhost:8080/applications/argo-cd-demo
Repo: https://github.com/tao12345666333/argo-cd-demo.git
Target: kustomize
Path: ./kustomization
SyncWindow: Sync Allowed
Sync Policy: <none>
Sync Status: OutOfSync from kustomize (e8a2d77)
Health Status: Missing
GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE
Service kustomize argo-cd-demo OutOfSync Missing
apps Deployment kustomize argo-cd-demo OutOfSync Missing
Copy the codeYou can see that the current Application state is OutOfSync, so we can trigger a sync action for it to deploy for the first time.
sync
Synchronization can be triggered by clicking the SYNC button on the UI or through the argocd CLI.
➜ (MoeLove) argocd app sync argo-cd-demo TIMESTAMP GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE 2021-10-30T10:35:33+00:00 Service kustomize argo-cd-demo OutOfSync Missing 2021-10-30T10:35:33+00:00 apps Deployment kustomize argo-cd-demo OutOfSync Missing 2021-10-30T10:35:35+00:00 Service kustomize argo-cd-demo Synced Healthy 2021-10-30T10:35:35+00:00 Service kustomize argo-cd-demo Synced Healthy service/argo-cd-demo created 2021-10-30T10:35:35+00:00 apps Deployment kustomize argo-cd-demo OutOfSync Missing deployment.apps/argo-cd-demo created 2021-10-30T10:35:35+00:00 apps Deployment kustomize argo-cd-demo Synced Progressing deployment.apps/argo-cd-demo created Name: argo-cd-demo Project: default Server: https://kubernetes.default.svc Namespace: kustomize URL: https://localhost:8080/applications/argo-cd-demo Repo: https://github.com/tao12345666333/argo-cd-demo.git Target: kustomize Path: ./kustomization SyncWindow: Sync Allowed Sync Policy: <none> Sync Status: Synced to kustomize (e8a2d77) Health Status: Progressing Operation: Sync Sync Revision: e8a2d77cf0e5405ba9e5dc70d3bf44da91b3ce00 Phase: Succeeded Start: 2021-10-30 10:35:33 +0000 UTC Finished: 2021-10-30 10:35:35 +0000 UTC Duration: 2s Message: successfully synced (all tasks run) GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE Service kustomize argo-cd-demo Synced Healthy service/argo-cd-demo created apps Deployment kustomize argo-cd-demo Synced Progressing deployment.apps/argo-cd-demo createdCopy the codeAfter the synchronization succeeds, you can view the application and synchronization status on the UI.
Click to view the application deployment topology:
Verify the effect of
CI
Next, branch out to Kustomize, make some code changes, and submit them to GitHub. The GitHub Action-based CI in the project is triggered. Let’s see how it is configured:
deploy:
name: Deploy
runs-on: ubuntu-latest
continue-on-error: true
needs: build
steps:
- name: Check out code
uses: actions/checkout@v2
- name: Setup Kustomize
uses: imranismail/setup-kustomize@v1
with:
kustomize-version: "4.3.0"
- name: Update Kubernetes resources
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
run: |-
cd manifests
kustomize edit set image ghcr.io/${{ github.repository }}/argo-cd-demo:${{ github.sha }}
cat kustomization.yaml
kustomize build ./ > ../kustomization/manifests.yaml
cat ../kustomization/manifests.yaml
- uses: EndBug/add-and-commit@v7
with:
default_author: github_actions
branch: kustomize
Copy the codeYou can see that the kustomize tool is used to write the latest image into the manifest.yaml file used for deploying the application. Then use the EndBug/add-and-commit@v7 action to submit the latest manifest.yaml file back to GitHub.
Check the status
When Sync triggers again, we can see the latest deployment topology.
conclusion
So that’s the practical stuff about implementing GitOps with Argo CDS. A full example of this project can be found directly on GitHub: github.com/tao12345666…
Please feel free to subscribe to my official account [MoeLove]
