19th and 20th of May 2023 by Milan Skuhra

ArgoCD

https://slides.com/profiprog/argocd-kcd2023

practical usage

About Me

DevOps engineer @solargis

ArgoCD Workshop

https://gitlab.com/profiprog/argocd-workshop/-/wikis/home

Web-base Terminal

User Management and RBAG

soon...

What is ArgoCD?

Argo CD is an open-source GitOps continuous delivery tool. It monitors your cluster and your declaratively-defined infrastructure stored in a Git repository and resolves differences between the two — effectively automating an application deployment.

Turning “ClickOps” into GitOps

source: https://www.harness.io/blog/what-is-argo-cd

Application

Project

GitOps Pipeline

GitOps Pipeline

Auto Sync

  • prune: true
  • allowEmpty: true
  • selfHeal: true
  • managedNamespaceMetadata: {labels..., annotations.... }
    • works only with sync option CreateNamespace=true

Phases:

  • PreSync
  • Sync
  • PostSync

Each phase can have one or more waves

Sync Phases and Waves

Waves are defined by annotations

argocd.argoproj.io/sync-wave: "-1"

argocd.argoproj.io/sync-wave: "0"

argocd.argoproj.io/sync-wave: "5"

  • PreSync
  • Sync
  • Skip
  • PostSync
  • SyncFail

Hooks

* are applicable for individual resources

(*) are applicable for application and idividual resources

  • ApplyOutOfSyncOnly=true (Selective Sync)

  • PrunePropagationPolicy=foreground|baground|orphan

  • PruneLast=true(*)

  • Prune=false*

  • Delete=false*

  • Validate=false*

  • SkipDryRunOnMissingResource=true*

  • Replace=true(*)

  • ServerSideApply=true(*)
  • FailOnSharedResource=true
  • RespectIgnoreDifferences=true
  • CreateNamespace=true (required with managedNamespaceMetadata)

Sync Options

* are applicable for individual resources

(*) are applicable for application and idividual resources

Generating Applications with ApplicationSet

  • What is an ApplicationSet?
  • When is it best to use the ApplicationSet controller?
  • How does an ApplicationSet work and what are the benefits it provides?
  • Why do I need a Generator and what types are there?

Generators

Primary generators

Combining generators

Secret Management

apiVersion: v1
kind: Secret
metadata:
  name: example-database
  annotations:
    avp.kubernetes.io/path: "apps/data/database"
    avp.kubernetes.io/secret-version: "2"
stringData:
  username: <username>
  password: <password>
  inlined: <path:kv/data/mysql#user>:<path:kv/data/mysql#user#2>

Argo CD Vault Plugin 

   avp.kubernetes.io/ignore: "true"
   avp.kubernetes.io/remove-missing: "true"
   <key|base64encode|base64decode|jsonParse
       |jsonPath {.username}{': '}{.password}
       |yamlParse|indent 3|sha256sum>

Install ArgoCD

export GIT_REPO=https://github.com/owner/name
export GIT_TOKEN=ghp_PcZ...IP0
argocd-autopilot repo bootstrap

Prerequisites:

  • Access to kubernetes
  • Access token and url to git repository

When should to use autopilot?

How to recover cluster without argocd-autopilot?

             https://gitlab.com/-/snippets/2543586

Demo

Where to start

Questions?

ArgoCD on KCD 2023

By profiprog

Made with Slides.com

ArgoCD on KCD 2023

Kubernetes Community Days Czech & Slovak 2023 [May 19 - 21, 7:30 AM (CEST)]

  • 373

More from profiprog