Scribd
Upload
29 views7 pages

Getting Started With ArgoCD

ArgoCD is a GitOps-based continuous delivery tool for Kubernetes that automates application deployment and synchronization with Git repositories. It features enhanced security, version control, automated upgrades, and self-healing capabilities. The architecture includes components like the API server, repository server, application controller, and integrates with identity providers for authentication.

Uploaded by

mavvallez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
29 views7 pages

Getting Started With ArgoCD

ArgoCD is a GitOps-based continuous delivery tool for Kubernetes that automates application deployment and synchronization with Git repositories. It features enhanced security, version control, automated upgrades, and self-healing capabilities. The architecture includes components like the API server, repository server, application controller, and integrates with identity providers for authentication.

Uploaded by

mavvallez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

ArgoCD

ArgoCD is a declarative, GitOps-based continuous delivery tool for Kubernetes. It


automates the deployment and synchronization of application states defined in a Git
repository to Kubernetes clusters. It ensures that the cluster state matches the desired
state described in Git

Simple Workflow

Advantages of ArgoCD:

• Security: Enhanced security through declarative configuration and audit trails.

• Versioning (Track of Changes): Full version control of infrastructure and


application configurations, enabling easy rollback and history tracking.

• Auto Upgrades: Automated deployments and updates based on Git commits.

• Auto Healing of Any Unwanted Changes: Self-healing infrastructure that


automatically reverts unwanted changes to the desired state defined in Git.
History of the Argo Project:

• Created by engineers at Applatix.

• Open-Source project.

• Applatix was acquired by Intuit.

• Actively contributed to by Akuity, Black Rock, CodeFresh, Intuit, and Red Hat.

Architecture:

Main components of ArgoCD server: -

API Server: - The ArgoCD API server is a critical component that exposes a REST API for
communication with the Web UI, CLI, and CI/CD systems.

Its main responsibilities include:

➢ Application Management and Status Reporting: It manages the lifecycle of


applications by allowing creation, updates, and deletion. It also monitors the
application's status and ensures it matches the desired state defined in the Git
repository.
➢ Application Operations: Supports operations like syncing applications to their
desired state, rolling back to previous versions, and triggering user-defined actions.
These operations ensure that Kubernetes resources are always in sync with the Git
configuration.
➢ Repository and Cluster Credential Management: Manages credentials for Git
repositories and Kubernetes clusters. These credentials are securely stored as
Kubernetes secrets, ensuring secure access to external systems.
➢ Authentication and Identity Provider Integration: Provides authentication
mechanisms and integrates with external identity providers like LDAP, SAML,
OAuth2, and OpenID Connect for seamless user management.
➢ Webhook Event Listener and Forwarder: Acts as a listener for Git webhook events
(e.g., repository changes). These events are processed and converted into ArgoCD
actions, such as triggering an application sync.

Repository Server: The Repository Server in ArgoCD is an internal service responsible for
handling the Git repository that stores application manifests.

Its key functions include:

➢ Maintaining a Local Cache: It keeps a local copy of the Git repository to ensure
faster access and processing of manifests.

➢ Generating Kubernetes Manifests: It generates Kubernetes manifests by using the


following inputs:

o Repository URL: The Git repository's location.

o Revision: Specifies the commit, tag, or branch to use.

o Application Path: Points to the directory in the repository where manifests or


configurations are stored.

o Template-Specific Settings: Includes parameters like Helm's values.yaml


file and other configurations specific to templating tools.

Application Controller: The Application Controller in ArgoCD is a Kubernetes controller


with the following responsibilities:

1. Monitoring Applications: Continuously monitors the live state of running


applications in the cluster.

2. State Comparison: Compares the current, live state of applications with the
desired state defined in the Git repository.
3. Detecting OutOfSync State: Identifies when an application's live state is
OutOfSync with its desired state.

4. Corrective Actions: Optionally takes corrective actions to bring the application


back into sync with the desired state.

5. Lifecycle Hooks: Invokes user-defined hooks at specific lifecycle stages:

o PreSync: Actions before syncing the application.

o Sync: Actions during the syncing process.

o PostSync: Actions after the sync is complete.

Redis: In ArgoCD, Redis is used as a caching layer to improve performance. It caches


application states, Git metadata, and cluster states to reduce API calls and speed up
operations. Redis also helps with rate-limiting, processing webhook events, and session
management. Its in-memory nature ensures fast and efficient handling of data.

Dex is an open-source identity provider (IdP) used in ArgoCD for authentication. It acts as a
bridge between ArgoCD and external identity providers, enabling Single Sign-On (SSO).

Key Features:

1. Supports Multiple Identity Providers:


Works with LDAP, SAML, GitHub, Google, and others.

2. OIDC Provider:
Dex provides OpenID Connect (OIDC) tokens that ArgoCD uses for user
authentication.

3. Authentication for ArgoCD:


Integrates external identity providers with ArgoCD, allowing users to log in using
their existing credentials.

4. Simplifies User Management:


Makes it easier to manage users by delegating authentication to external systems
Installing Argo CD in a Custom Namespace: -

Install Argo CD in a namespace other than the default ArgoCD, you can use Kubectl to
apply a patch that updates the ClusterRoleBinding to reference the correct namespace for
the ServiceAccount. This ensures that the necessary permissions are correctly set in your
custom namespace

1)Install Argo CD in a custom namespace and ensure the correct permissions are set for
the ServiceAccount, you can follow these steps:

kubectl create namespace argocd

kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-


cd/stable/manifests/install.yaml

2)Patch the ClusterRoleBinding to reference the correct namespace for the


ServiceAccount:

After the installation, you'll need to patch the ClusterRoleBinding to update the Service
Account’s namespace.

kubectl patch clusterrolebinding argocd-application-controller \

--patch '{"subjects":[{"kind":"ServiceAccount","name":"argocd-application-
controller","namespace":"argocd'

3) Verify the installation:

To verify if Argo CD is installed correctly, you can check the pods in your custom
namespace:

This ensures that Argo CD's permissions are correctly set up for the ServiceAccount in your
custom namespace.

kubectl get pods -n argocd


kubectl get svc -n argocd

kubectl get secret -n argocd

Kubectl edit secret argocd-initial admin -n argocd

Decrypt the password: -

echo password | base64 –decode

We can login into UI with below username and password

Username: admin

Password: decode password

Let discuss more on how to create project and how to host application on multiple cluster
together.
Then we can create a project

You might also like