Knowledgebase

How to Set up Argo CD on the RCS Kubernetes Engine (VKE) Print

  • 0

Introduction

Argo CD is a Kubernetes-native and GitOps-based tool used to deploy large-scale applications on Kubernetes. Compared to other continuous delivery tools, Argo CD is lightweight, handy, and user-focused. In addition, Argo CD can pull application code directly from a Git repository and deploy it to a Kubernetes cluster.

It supports different configuration management tools such as YAML, Kustomize, Jsonnet, Helm, and so on. Argo CD has a built-in web UI where you can monitor synchronizations and the state of the application.

Features

  • Manual and automatic application deployment.

  • Role-based access control for multi-cluster management.

  • Two-side syncing.

  • Supports different SSOs such as GitLab, LDAP, GitHub, OAuth2, Microsoft, and SAML 2.

  • Automated configuration drift detection and visualization.

  • Roll back any application configurations committed in the Git repository.

In this guide, you will install Argo CD onto a rcs Kubernetes Engine (VKE) cluster. Then deploy an application to Kubernetes via CLI and Web UI.

Prerequisites

Before you start, you need to:

Install Argo CD

  1. Create a namespace for Argo CD.

    $ kubectl create namespace argocd
    
  2. In your home directory, create a new directory for Argo CD.

    $ mkdir ~/argocd
    
  3. Change to the argocd directory.

    $ cd ~/argocd
    
  4. Clone the Argo CD Helm repository.

    $ git clone https://github.com/argoproj/argo-helm.git
    
  5. Switch to the newly added argo-cd directory.

    $ cd argo-helm/charts/argo-cd/
    
  6. Update Helm dependencies.

    $ helm dependency up
    
  7. Using Helm, install Argo CD to the argocd namespace.

    $ helm install argocd . -f values.yaml -n argocd
    

    When successful, your output should look like the one below.

    NAME: argocd
    
    LAST DEPLOYED: Sun Jun 11 18:13:17 2023
    
    NAMESPACE: argocd
    
    STATUS: deployed
    
    REVISION: 1
    
    TEST SUITE: None
    
    NOTES:
    
    In order to access the server UI you have the following options:
    
    
    
    1. kubectl port-forward service/argocd-server -n argocd 8080:443
    
    
    
        and then open the browser on http://localhost:8080 and accept the certificate
    
    
    
    2. enable ingress in the values file `server.ingress.enabled` and either
    
          - Add the annotation for ssl passthrough: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-1-ssl-passthrough
    
          - Set the `configs.params."server.insecure"` in the values file and terminate SSL at your ingress: https://argo-cd.readthedocs.io/en/stable/operator-  manual/ingress/#option-2-multiple-ingress-objects-and-hosts
    
    
    
    
    
    After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password  by running:
    
    
    
    kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
    
    
    
    (You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://argo-cd.readthedocs.io/en/stable/getting_started/#4-login-using-the-cli)
    
  8. Verify that Argo CD is deployed to the argocd namespace in your cluster.

    $ kubectl get pods -n argocd
    

    Output:

    NAME                                                READY   STATUS    RESTARTS   AGE
    
    argocd-application-controller-0                     1/1     Running   0          35s
    
    argocd-applicationset-controller-7564444bcf-6d2qc   1/1     Running   0          36s
    
    argocd-dex-server-6ccd4cd696-qlpbm                  1/1     Running   0          35s
    
    argocd-notifications-controller-6df876474d-jg2hx    1/1     Running   0          35s
    
    argocd-redis-76bd68b5bf-qrnjb                       1/1     Running   0          36s
    
    argocd-repo-server-5746d9fb8b-2q5cs                 1/1     Running   0          35s
    
    argocd-server-659fcfdbc-kkfwv                       1/1     Running   0          35s
    
  9. To get information about all running services and ports, run the following command.

    $ kubectl get services -n argocd
    

    Output:

    NAME                               TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)             AGE
    
    argocd-applicationset-controller   ClusterIP   10.101.12.35     <none>        7000/TCP            53s
    
    argocd-dex-server                  ClusterIP   10.106.185.20    <none>        5556/TCP,5557/TCP   53s
    
    argocd-redis                       ClusterIP   10.97.124.111    <none>        6379/TCP            53s
    
    argocd-repo-server                 ClusterIP   10.107.194.97    <none>        8081/TCP            53s
    
    argocd-server                      ClusterIP   10.101.247.167   <none>        80/TCP,443/TCP      53s
    

Access the Argo CD UI

At this point, Argo CD is installed and running. However, the Argo CD UI can not be accessible outside the Kubernetes cluster. In this case, you must use port forwarding to expose an Argo CD port to the service and forward it to the localhost. This way you can access Argo CD without exposing the service to the external network.

  1. Using kubectl, forward the Argo CD port 443 to the localhost on port 8080.

    $ kubectl port-forward svc/argocd-server -n argocd 8080:443
    

    Your output should look like the one below.

    Forwarding from 127.0.0.1:8080 -> 8080
    
    Forwarding from [::1]:8080 -> 8080
    
  2. Extract the password for the default admin account stored in a secret named argocd-initial-admin-secret.

    $ kubectl get secrets -n argocd argocd-initial-admin-secret -o yaml
    

    The encrypted password should display in your output as below.

    apiVersion: v1
    
    data:
    
      password: TU1DaWRNQVJXNWJ3S1FBNA==
    
    kind: Secret
    
    metadata:
    
      creationTimestamp: "2023-06-11T13:32:41Z"
    
      name: argocd-initial-admin-secret
    
      namespace: argocd
    
      resourceVersion: "1398"
    
      uid: 14df70cb-94aa-4c0d-8314-f5646a71651c
    
    type: Opaque
    

    In the above output TU1DaWRNQVJXNWJ3S1FBNA== is the admin account password. Copy the encrypted password to your clipboard for decoding.

  3. Decode the password.

    $ echo TU1DaWRNQVJXNWJ3S1FBNA== | base64 --decode
    

    Your decoded password should look like the one below.

    MMCidMARW5bwKQA4
    
  4. On your computer, open a web browser such as Microsoft Edge. Then, enter the URL http://127.0.0.1:8080 to access the Argo CD UI.

     http://127.0.0.1:8080
    

    The Argo CD login screen should display as below.

    Argo CD Login Page

  5. Enter admin as the username, paste the password you decoded earlier, then click the Sign In button.

    If the credentials are correct, you are redirected to the Argo CD dashboard.

    Argo CD Dashboard Page

Optional: Access Argo CD using the CLI Tool

Argo CD also offers a CLI tool that lets you deploy the application and other tasks including, syncing, refreshing, and pausing the Argo CD application as described in this section.

  1. Using the wget utility, download the latest Argo CD CLI tool.

    $ wget https://github.com/argoproj/argo-cd/releases/download/v2.7.4/argocd-linux-amd64
    

    In this article, version 2.7.4 is installed, verify the latest version number from the official GitHub repository.

  2. Move the downloaded binary to a system-wide directory such as /usr/local/bin/.

    $ sudo mv argocd-linux-amd64 /usr/local/bin/argocd
    
  3. Grant execute permissions on the Argo CD binary.

    $ sudo chmod +x /usr/local/bin/argocd
    
  4. Use the argocd login command to log in to the Argo CD server.

    $ argocd login localhost:8080
    

    Accept the server certificate, then enter admin username and decoded password as below.

    WARNING: server certificate had error: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y
    
    Username: admin
    
    Password: 
    

    When logged in, your output should look like the one below.

    'admin:login' logged in successfully
    
    Context 'localhost:8080' updated
    
  5. To tighten server security, change the Argo CD default password.

    $ argocd account update-password
    

    Enter your existing password, a new strong password, and confirm the new password.

    *** Enter password of currently logged in user (admin): 
    
    *** Enter new password for user admin: 
    
    *** Confirm new password for user admin: 
    
    Password updated
    
    Context 'localhost:8080' updated
    

Deploy Argo CD Applications

You can create and deploy Argo CD applications in a couple of ways, you can either use YAML files or use the web UI and CLI tool. In this section, you'll deploy example Argo CD applications to your cluster using a YAML file, and the web UI dashboard.

Creating and Deploying an Application via YAML File

  1. First, create a YAML file for your application.

    $ nano argocd-app.yaml
    

    Add the following configuration.

    apiVersion: argoproj.io/v1alpha1
    
    kind: Application
    
    metadata:
    
      name: argo-application
    
      namespace: argocd
    
    spec:
    
      project: default
    
      source:
    
        repoURL: https://gitlab.com/jasmine.harit/argocd-app-config.git
    
        targetRevision: HEAD
    
        path: dev
    
      destination: 
    
        server: https://kubernetes.default.svc
    
        namespace: myapp
    
      syncPolicy:
    
        syncOptions:
    
        - CreateNamespace=true
    
        automated:
    
          selfHeal: true
    
          prune: true
    

    Save and close the file

  2. Apply the YAML configuration.

    $ kubectl apply -f argocd-app.yaml -n argocd
    
  3. Verify that the application is deployed.

    $ kubectl get app -n argocd
    

    Output:

    NAME               SYNC STATUS   HEALTH STATUS
    
    argo-application   Synced        Healthy
    

    You can also verify the deployment using the Argo CD CLI tool.

    $ argocd app list
    

    Output:

    NAME                     CLUSTER                         NAMESPACE  PROJECT  STATUS  HEALTH   SYNCPOLICY  CONDITIONS       REPO                                                    PATH  TARGET
    
    argocd/argo-application  https://kubernetes.default.svc  myapp      default  Synced  Healthy  Auto-Prune  <none>      https://gitlab.com/jasmine.harit/argocd-app-config.git  dev   HEAD
    
  4. To get detailed information on your application, run the following command.

    $ argocd app get argo-application
    

    Output:

    Name:               argocd/argo-application
    
    Project:            default
    
    Server:             https://kubernetes.default.svc
    
    Namespace:          myapp
    
    URL:                https://localhost:8080/applications/argo-application
    
    Repo:               https://gitlab.com/jasmine.harit/argocd-app-config.git
    
    Target:             HEAD
    
    Path:               dev
    
    SyncWindow:         Sync Allowed
    
    Sync Policy:        Automated (Prune)
    
    Sync Status:        Synced to HEAD (9c92bf8)
    
    Health Status:      Healthy
    
    
    
    GROUP  KIND        NAMESPACE  NAME           STATUS   HEALTH   HOOK  MESSAGE
    
           Namespace              myapp          Running  Synced         namespace/myapp created
    
           Service     myapp      myapp-service  Synced   Healthy        service/myapp-service created
    
    apps   Deployment  myapp      myapp1         Synced   Healthy        deployment.apps/myapp1 created
    
  5. In your web browser session, refresh the dashboard to view the deployed Argo CD application as below.

     http://127.0.0.1:8080
    

    A Deployed Argo CD Application

Create and Deploy Applications using the Argo CD Web UI and CLI tool

  1. Load the Argo CD UI dashboard. Click the NEW APP to view the Application configuration screen.

    General Configuration

    • In the GENERAL section, define your application name, project, and sync policy.

    • Within the SOURCE section, enter the path, revision, and URL of the application repository.

    • In the DESTINATION section, enter your cluster URL and namespace.

    • Click CREATE to deploy the application. When the application is deployed, the following screen should display.

    Argo CD Guestbook Application

    Using the Argo CD CLI, run the following command to check the status of your deployed application.

    # argocd app get guestbook
    

    Output:

    Name:               argocd/guestbook
    
    Project:            default
    
    Server:             https://kubernetes.default.svc
    
    Namespace:          argocd
    
    URL:                https://localhost:8080/applications/guestbook
    
    Repo:               https://github.com/argoproj/argocd-example-apps.git
    
    Target:             HEAD
    
    Path:               guestbook
    
    SyncWindow:         Sync Allowed
    
    Sync Policy:        <none>
    
    Sync Status:        OutOfSync from HEAD (53e28ff)
    
    Health Status:      Missing
    
    
    
    GROUP  KIND        NAMESPACE  NAME          STATUS     HEALTH   HOOK  MESSAGE
    
            Service     argocd     guestbook-ui  OutOfSync  Missing        
    
            apps   Deployment  argocd     guestbook-ui  OutOfSync  Missing  
    

    As displayed in the above output, the application is deployed but the status is OutofSync. To sync it, run the following command.

    $ argocd app sync guestbook
    

    The above command fetches the necessary manifests from the application repository and uses kubectl to apply the configuration.

  2. On the Argo CD web dashboard, verify your application health status.

  3. Click the application to see view more information about it.

    Argo CD Guestbook Application Details

Conclusion

You have installed Argo CD on a rcs Kubernetes Engine (VKE) cluster and explored how to use deploy applications using the web UI, Argo CD CLI, and YAML configuration files. For more information about Argo CD, please visit the official documentation.


Was this answer helpful?
Back

Powered by WHMCompleteSolution