Introduction
Argo CD is a Kubernetes-native and GitOps-based tool used to deploy large-scale applications on Kubernetes. Compared to other continuous delivery tools, Argo CD is lightweight, handy, and user-focused. In addition, Argo CD can pull application code directly from a Git repository and deploy it to a Kubernetes cluster.
It supports different configuration management tools such as YAML, Kustomize, Jsonnet, Helm, and so on. Argo CD has a built-in web UI where you can monitor synchronizations and the state of the application.
Features
Manual and automatic application deployment.
Role-based access control for multi-cluster management.
Two-side syncing.
Supports different SSOs such as GitLab, LDAP, GitHub, OAuth2, Microsoft, and SAML 2.
Automated configuration drift detection and visualization.
Roll back any application configurations committed in the Git repository.
In this guide, you will install Argo CD onto a rcs Kubernetes Engine (VKE) cluster. Then deploy an application to Kubernetes via CLI and Web UI.
Prerequisites
Before you start, you need to:
Deploy a Kubernetes cluster on rcs with at least three nodes.
Install and configure the
kubectlCLI on your local machine.Install the Helm client on your local machine.
Install Argo CD
Create a namespace for Argo CD.
$ kubectl create namespace argocdIn your home directory, create a new directory for Argo CD.
$ mkdir ~/argocdChange to the
argocddirectory.$ cd ~/argocdClone the Argo CD Helm repository.
$ git clone https://github.com/argoproj/argo-helm.gitSwitch to the newly added
argo-cddirectory.$ cd argo-helm/charts/argo-cd/Update Helm dependencies.
$ helm dependency upUsing Helm, install Argo CD to the
argocdnamespace.$ helm install argocd . -f values.yaml -n argocdWhen successful, your output should look like the one below.
NAME: argocd LAST DEPLOYED: Sun Jun 11 18:13:17 2023 NAMESPACE: argocd STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: In order to access the server UI you have the following options: 1. kubectl port-forward service/argocd-server -n argocd 8080:443 and then open the browser on http://localhost:8080 and accept the certificate 2. enable ingress in the values file `server.ingress.enabled` and either - Add the annotation for ssl passthrough: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-1-ssl-passthrough - Set the `configs.params."server.insecure"` in the values file and terminate SSL at your ingress: https://argo-cd.readthedocs.io/en/stable/operator- manual/ingress/#option-2-multiple-ingress-objects-and-hosts After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running: kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d (You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://argo-cd.readthedocs.io/en/stable/getting_started/#4-login-using-the-cli)Verify that Argo CD is deployed to the
argocdnamespace in your cluster.$ kubectl get pods -n argocdOutput:
NAME READY STATUS RESTARTS AGE argocd-application-controller-0 1/1 Running 0 35s argocd-applicationset-controller-7564444bcf-6d2qc 1/1 Running 0 36s argocd-dex-server-6ccd4cd696-qlpbm 1/1 Running 0 35s argocd-notifications-controller-6df876474d-jg2hx 1/1 Running 0 35s argocd-redis-76bd68b5bf-qrnjb 1/1 Running 0 36s argocd-repo-server-5746d9fb8b-2q5cs 1/1 Running 0 35s argocd-server-659fcfdbc-kkfwv 1/1 Running 0 35sTo get information about all running services and ports, run the following command.
$ kubectl get services -n argocdOutput:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE argocd-applicationset-controller ClusterIP 10.101.12.35 <none> 7000/TCP 53s argocd-dex-server ClusterIP 10.106.185.20 <none> 5556/TCP,5557/TCP 53s argocd-redis ClusterIP 10.97.124.111 <none> 6379/TCP 53s argocd-repo-server ClusterIP 10.107.194.97 <none> 8081/TCP 53s argocd-server ClusterIP 10.101.247.167 <none> 80/TCP,443/TCP 53s
Access the Argo CD UI
At this point, Argo CD is installed and running. However, the Argo CD UI can not be accessible outside the Kubernetes cluster. In this case, you must use port forwarding to expose an Argo CD port to the service and forward it to the localhost. This way you can access Argo CD without exposing the service to the external network.
Using kubectl, forward the Argo CD port
443to the localhost on port8080.$ kubectl port-forward svc/argocd-server -n argocd 8080:443Your output should look like the one below.
Forwarding from 127.0.0.1:8080 -> 8080 Forwarding from [::1]:8080 -> 8080Extract the password for the default
adminaccount stored in a secret namedargocd-initial-admin-secret.$ kubectl get secrets -n argocd argocd-initial-admin-secret -o yamlThe encrypted password should display in your output as below.
apiVersion: v1 data: password: TU1DaWRNQVJXNWJ3S1FBNA== kind: Secret metadata: creationTimestamp: "2023-06-11T13:32:41Z" name: argocd-initial-admin-secret namespace: argocd resourceVersion: "1398" uid: 14df70cb-94aa-4c0d-8314-f5646a71651c type: OpaqueIn the above output
TU1DaWRNQVJXNWJ3S1FBNA==is the admin account password. Copy the encrypted password to your clipboard for decoding.Decode the password.
$ echo TU1DaWRNQVJXNWJ3S1FBNA== | base64 --decodeYour decoded password should look like the one below.
MMCidMARW5bwKQA4On your computer, open a web browser such as Microsoft Edge. Then, enter the URL
http://127.0.0.1:8080to access the Argo CD UI.http://127.0.0.1:8080The Argo CD login screen should display as below.
Enter
adminas the username, paste the password you decoded earlier, then click the Sign In button.If the credentials are correct, you are redirected to the Argo CD dashboard.
Optional: Access Argo CD using the CLI Tool
Argo CD also offers a CLI tool that lets you deploy the application and other tasks including, syncing, refreshing, and pausing the Argo CD application as described in this section.
Using the
wgetutility, download the latest Argo CD CLI tool.$ wget https://github.com/argoproj/argo-cd/releases/download/v2.7.4/argocd-linux-amd64In this article, version
2.7.4is installed, verify the latest version number from the official GitHub repository.Move the downloaded binary to a system-wide directory such as
/usr/local/bin/.$ sudo mv argocd-linux-amd64 /usr/local/bin/argocdGrant execute permissions on the Argo CD binary.
$ sudo chmod +x /usr/local/bin/argocdUse the
argocd logincommand to log in to the Argo CD server.$ argocd login localhost:8080Accept the server certificate, then enter
adminusername and decoded password as below.WARNING: server certificate had error: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y Username: admin Password:When logged in, your output should look like the one below.
'admin:login' logged in successfully Context 'localhost:8080' updatedTo tighten server security, change the Argo CD default password.
$ argocd account update-passwordEnter your existing password, a new strong password, and confirm the new password.
*** Enter password of currently logged in user (admin): *** Enter new password for user admin: *** Confirm new password for user admin: Password updated Context 'localhost:8080' updated
Deploy Argo CD Applications
You can create and deploy Argo CD applications in a couple of ways, you can either use YAML files or use the web UI and CLI tool. In this section, you'll deploy example Argo CD applications to your cluster using a YAML file, and the web UI dashboard.
Creating and Deploying an Application via YAML File
First, create a YAML file for your application.
$ nano argocd-app.yamlAdd the following configuration.
apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: argo-application namespace: argocd spec: project: default source: repoURL: https://gitlab.com/jasmine.harit/argocd-app-config.git targetRevision: HEAD path: dev destination: server: https://kubernetes.default.svc namespace: myapp syncPolicy: syncOptions: - CreateNamespace=true automated: selfHeal: true prune: trueSave and close the file
Apply the YAML configuration.
$ kubectl apply -f argocd-app.yaml -n argocdVerify that the application is deployed.
$ kubectl get app -n argocdOutput:
NAME SYNC STATUS HEALTH STATUS argo-application Synced HealthyYou can also verify the deployment using the Argo CD CLI tool.
$ argocd app listOutput:
NAME CLUSTER NAMESPACE PROJECT STATUS HEALTH SYNCPOLICY CONDITIONS REPO PATH TARGET argocd/argo-application https://kubernetes.default.svc myapp default Synced Healthy Auto-Prune <none> https://gitlab.com/jasmine.harit/argocd-app-config.git dev HEADTo get detailed information on your application, run the following command.
$ argocd app get argo-applicationOutput:
Name: argocd/argo-application Project: default Server: https://kubernetes.default.svc Namespace: myapp URL: https://localhost:8080/applications/argo-application Repo: https://gitlab.com/jasmine.harit/argocd-app-config.git Target: HEAD Path: dev SyncWindow: Sync Allowed Sync Policy: Automated (Prune) Sync Status: Synced to HEAD (9c92bf8) Health Status: Healthy GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE Namespace myapp Running Synced namespace/myapp created Service myapp myapp-service Synced Healthy service/myapp-service created apps Deployment myapp myapp1 Synced Healthy deployment.apps/myapp1 createdIn your web browser session, refresh the dashboard to view the deployed Argo CD application as below.
http://127.0.0.1:8080
Create and Deploy Applications using the Argo CD Web UI and CLI tool
Load the Argo CD UI dashboard. Click the NEW APP to view the Application configuration screen.
In the GENERAL section, define your application name, project, and sync policy.
Within the SOURCE section, enter the path, revision, and URL of the application repository.
In the DESTINATION section, enter your cluster URL and namespace.
Click CREATE to deploy the application. When the application is deployed, the following screen should display.
Using the Argo CD CLI, run the following command to check the status of your deployed application.
# argocd app get guestbookOutput:
Name: argocd/guestbook Project: default Server: https://kubernetes.default.svc Namespace: argocd URL: https://localhost:8080/applications/guestbook Repo: https://github.com/argoproj/argocd-example-apps.git Target: HEAD Path: guestbook SyncWindow: Sync Allowed Sync Policy: <none> Sync Status: OutOfSync from HEAD (53e28ff) Health Status: Missing GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE Service argocd guestbook-ui OutOfSync Missing apps Deployment argocd guestbook-ui OutOfSync MissingAs displayed in the above output, the application is deployed but the status is
OutofSync. To sync it, run the following command.$ argocd app sync guestbookThe above command fetches the necessary manifests from the application repository and uses
kubectlto apply the configuration.On the Argo CD web dashboard, verify your application health status.
Click the application to see view more information about it.
Conclusion
You have installed Argo CD on a rcs Kubernetes Engine (VKE) cluster and explored how to use deploy applications using the web UI, Argo CD CLI, and YAML configuration files. For more information about Argo CD, please visit the official documentation.
