Contains raw Kubernetes manifests that contain resources that Argo CD deploys to Kubernetes.
📝 The github.com/adfinis/argocd-configs repository contains a basic Argo CD sandbox environment that can be started in a local kind environment easily. If can be used as a template to start new repos or as a standalone playground.
To bootstrap an environment the following steps on the CLI should get you started.
First you will need a Kubernetes environment. This example works well with kind:
kind create clusterIf you can't use kind, any other Kubernetes distro that supports port-forwarding should work as well. e.g. if you want to isolate the environment in a VM, you might use minishift:
minikube startOnce you have access to a running Kubernetes, you can proceed to deploy Argo CD.
# check you are using the right context
kubectl config current-context
# install with Helm
helm repo add argo https://argoproj.github.io/argo-helm
helm repo update
helm install --create-namespace --namespace infra-argocd argocd argo/argo-cd
# wait for it to deploy and connect
kubectl -n infra-argocd wait pods --selector app.kubernetes.io/instance=argocd --for condition=Ready --timeout=90s
kubectl -n infra-argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
kubectl -n infra-argocd port-forward service/argocd-server 8080:443Once this is done, we can configure Argo CD using kubectl apply:
cat <<EOF | kubectl apply -f -
---
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: infra-argocd
namespace: infra-argocd
spec:
clusterResourceWhitelist:
- group: ""
kind: Namespace
- group: apiextensions.k8s.io
kind: CustomResourceDefinition
- group: rbac.authorization.k8s.io
kind: ClusterRoleBinding
- group: rbac.authorization.k8s.io
kind: ClusterRole
description: Deploy and manage the hosted Argo CD instance.
destinations:
- namespace: infra-argocd
server: https://kubernetes.default.svc
sourceRepos:
- https://argoproj.github.io/argo-helm
- https://charts.adfinis.com
- https://github.com/adfinis/argocd-configs.git
EOF
kubectl apply -f manifests/dev/infra-apps.yamlAfter these steps you'll have to restart the port-forward since Argo CD will have redeployed itself.
kubectl -n infra-argocd port-forward service/argocd-server 8080:443Reload the page and the following apps should be configured and healthy.
infra-apps(app-of-apps application for managing baseline infrastructure)app-argocd(application for managing Argo CD deployment)
To ensure that everything we applied with kubectl is managed by Argo CD
going forward, we create a misc-apps application that managed the
app-argocd-apps application.
kubectl apply -f manifests/dev/misc-apps.yamlWith this some more apps will show up in the UI:
misc-apps(app-of-apps application for managing several misc apps)app-argocd-apps(application for managing applications in Argo CD)argocd-configs(application for the gitops integration of this repository)
Now that you have Argo CD deployed and managed via a git repository you can start using it. In a typical production environment you could consider the following next steps:
- Replace wildcarded versions by replacing the
*intargetRevision: "*"with a specific version - Deploy applications by enabling them in
infra-apps.yaml,misc-apps.yaml, or by adding more YAML - Configure Argo CD to support SSO
- Harden Argo CD
To deploy applications using the managed Argo CD instance, you'll create
additional manifests/dev/app-$name.yaml files. If the application is
available in an Adfinis app-of-apps chart, then the file would be called
manifests/dev/$name-apps.yaml.
If you want to get rid of the environment you built, we recommend that you remove the underlying Kubernetes cluster:
# if you are running kind
kind delete cluster
# if you are running in a minikube VM
minikube delete