ArgoCD Installation and Setup
=============================
.. toctree::
:maxdepth: 2
:hidden:
ArgoCD is one of the available and popular GitOps tools used to manage services deployed in a Kubernetes cluster. It supports several important features, such as deployment environments, single sign-on, deployment rollbacks, a dashboard to monitor deployment statuses and much more.
.. _manual_argocd:
Installation
------------
The installation reference is ``_.
More precisely:
.. code-block:: bash
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
If you didn't already, `install the local argocd CLI `_.
Setup a port-forward to the argocd cluster:
Connect to ArgoCD via port-forward
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. code-block:: bash
kubectl port-forward svc/argocd-server -n argocd 8080:443
Obtain initial admin password
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Now we're able to retrieve the admin password:
.. code-block:: bash
argocd admin initial-password -n argocd
Connecting to ArgoCD via web UI
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
You should now be able to login as ``admin`` to ``_.
Connecting to ArgoCD via CLI
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
First, login via CLI. Assuming you've setup the port-forward as described above, you can do:
.. code-block:: bash
argocd login localhost:8080 --insecure
And now you should be able to run other commands such as:
.. code-block:: bash
argocd app list
Expose ArgoCD (or not)
~~~~~~~~~~~~~~~~~~~~~~
This section is purposefully removed as it is not a recommended, especially by default,
to expose ArgoCD to the Internet, as it has access over most of the cluster resources.
Setup
-----
Quick Start
~~~~~~~~~~~
The following two configmaps are configured to setup ArgoCD for the CHSRC use cases.
It configures [Helm Kustomize support](#helm-kustomize-support), and configures ArgoCD to [ignore Cilium-related](#cilium-caveat) resources that are added to our clusters behind the scenes.
To configure all of this, create this file:
`argocd-cm.yaml`:
.. code-block:: yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: argocd-cm
namespace: argocd
labels:
app.kubernetes.io/name: argocd-cm
app.kubernetes.io/part-of: argocd
data:
url: https://localhost:8080/
kustomize.buildOptions: --load-restrictor LoadRestrictionsNone --enable-helm
# If you need to exclude some resources, use a matching pattern like below.
# For instance, clusters using Cilium add extra resources that you may want to exclude from Argo:
resource.exclusions: |
- apiGroups:
- cilium.io
kinds:
- CiliumIdentity
clusters:
- "*"
Apply:
.. code-block:: bash
kubectl apply -f argocd-cm.yaml -n argocd
At this point, we're done. For more details about what we just did in this quickstart and why, see the sections below.
Helm Kustomize support
~~~~~~~~~~~~~~~~~~~~~~
To enable helm support for kustomizations, as well as loading values files from other directories, add the following in the `argocd-cm` ConfigMap:
.. code-block:: yaml
data:
kustomize.buildOptions: --load-restrictor LoadRestrictionsNone --enable-helm
Install GitOps repo environment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Add the repo via web UI or CLI:
.. code-block:: bash
argocd repo add https://gitlab.com/ska-telescope/src/deployments/MYsrc/ska-src-MYsrc-services-cd.git --type git --project default --username argocd --password
.. tip::
The GitLab PAT is generated in GitLab under Settings > Access tokens. Give it a username (matching the command above),
and at least the developer role and repository access so that it can read/clone the source.
Note that the Gitlab generated token cannot be viewed after creation.
To install the environment, ``kubectl apply argocd-apps//main.yaml`` to start the installation of all apps for a specific environment.