Introduction
Argo CD is a Kubernetes-native and GitOps-based tool used to deploy large-scale applications on Kubernetes. Compared to other continuous delivery tools, Argo CD is lightweight, handy, and user-focused. In addition, Argo CD can pull application code directly from a Git repository and deploy it to a Kubernetes cluster.
It supports different configuration management tools such as YAML, Kustomize, Jsonnet, Helm, and so on. Argo CD has a built-in web UI where you can monitor synchronizations and the state of the application.
Features
Manual and automatic application deployment.
Role-based access control for multi-cluster management.
Two-side syncing.
Supports different SSOs such as GitLab, LDAP, GitHub, OAuth2, Microsoft, and SAML 2.
Automated configuration drift detection and visualization.
Roll back any application configurations committed in the Git repository.
In this guide, you will install Argo CD onto a rcs Kubernetes Engine (VKE) cluster. Then deploy an application to Kubernetes via CLI and Web UI.
Prerequisites
Before you start, you need to:
Deploy a Kubernetes cluster on rcs with at least three nodes.
Install and configure the
kubectl
CLI on your local machine.Install the Helm client on your local machine.
Install Argo CD
Create a namespace for Argo CD.
$ kubectl create namespace argocd
In your home directory, create a new directory for Argo CD.
$ mkdir ~/argocd
Change to the
argocd
directory.$ cd ~/argocd
Clone the Argo CD Helm repository.
$ git clone https://github.com/argoproj/argo-helm.git
Switch to the newly added
argo-cd
directory.$ cd argo-helm/charts/argo-cd/
Update Helm dependencies.
$ helm dependency up
Using Helm, install Argo CD to the
argocd
namespace.$ helm install argocd . -f values.yaml -n argocd
When successful, your output should look like the one below.
NAME: argocd LAST DEPLOYED: Sun Jun 11 18:13:17 2023 NAMESPACE: argocd STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: In order to access the server UI you have the following options: 1. kubectl port-forward service/argocd-server -n argocd 8080:443 and then open the browser on http://localhost:8080 and accept the certificate 2. enable ingress in the values file `server.ingress.enabled` and either - Add the annotation for ssl passthrough: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-1-ssl-passthrough - Set the `configs.params."server.insecure"` in the values file and terminate SSL at your ingress: https://argo-cd.readthedocs.io/en/stable/operator- manual/ingress/#option-2-multiple-ingress-objects-and-hosts After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running: kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d (You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://argo-cd.readthedocs.io/en/stable/getting_started/#4-login-using-the-cli)
Verify that Argo CD is deployed to the
argocd
namespace in your cluster.$ kubectl get pods -n argocd
Output:
NAME READY STATUS RESTARTS AGE argocd-application-controller-0 1/1 Running 0 35s argocd-applicationset-controller-7564444bcf-6d2qc 1/1 Running 0 36s argocd-dex-server-6ccd4cd696-qlpbm 1/1 Running 0 35s argocd-notifications-controller-6df876474d-jg2hx 1/1 Running 0 35s argocd-redis-76bd68b5bf-qrnjb 1/1 Running 0 36s argocd-repo-server-5746d9fb8b-2q5cs 1/1 Running 0 35s argocd-server-659fcfdbc-kkfwv 1/1 Running 0 35s
To get information about all running services and ports, run the following command.
$ kubectl get services -n argocd
Output:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE argocd-applicationset-controller ClusterIP 10.101.12.35 <none> 7000/TCP 53s argocd-dex-server ClusterIP 10.106.185.20 <none> 5556/TCP,5557/TCP 53s argocd-redis ClusterIP 10.97.124.111 <none> 6379/TCP 53s argocd-repo-server ClusterIP 10.107.194.97 <none> 8081/TCP 53s argocd-server ClusterIP 10.101.247.167 <none> 80/TCP,443/TCP 53s
Access the Argo CD UI
At this point, Argo CD is installed and running. However, the Argo CD UI can not be accessible outside the Kubernetes cluster. In this case, you must use port forwarding to expose an Argo CD port to the service and forward it to the localhost. This way you can access Argo CD without exposing the service to the external network.
Using kubectl, forward the Argo CD port
443
to the localhost on port8080
.$ kubectl port-forward svc/argocd-server -n argocd 8080:443
Your output should look like the one below.
Forwarding from 127.0.0.1:8080 -> 8080 Forwarding from [::1]:8080 -> 8080
Extract the password for the default
admin
account stored in a secret namedargocd-initial-admin-secret
.$ kubectl get secrets -n argocd argocd-initial-admin-secret -o yaml
The encrypted password should display in your output as below.
apiVersion: v1 data: password: TU1DaWRNQVJXNWJ3S1FBNA== kind: Secret metadata: creationTimestamp: "2023-06-11T13:32:41Z" name: argocd-initial-admin-secret namespace: argocd resourceVersion: "1398" uid: 14df70cb-94aa-4c0d-8314-f5646a71651c type: Opaque
In the above output
TU1DaWRNQVJXNWJ3S1FBNA==
is the admin account password. Copy the encrypted password to your clipboard for decoding.Decode the password.
$ echo TU1DaWRNQVJXNWJ3S1FBNA== | base64 --decode
Your decoded password should look like the one below.
MMCidMARW5bwKQA4
On your computer, open a web browser such as Microsoft Edge. Then, enter the URL
http://127.0.0.1:8080
to access the Argo CD UI.http://127.0.0.1:8080
The Argo CD login screen should display as below.
Enter
admin
as the username, paste the password you decoded earlier, then click the Sign In button.If the credentials are correct, you are redirected to the Argo CD dashboard.
Optional: Access Argo CD using the CLI Tool
Argo CD also offers a CLI tool that lets you deploy the application and other tasks including, syncing, refreshing, and pausing the Argo CD application as described in this section.
Using the
wget
utility, download the latest Argo CD CLI tool.$ wget https://github.com/argoproj/argo-cd/releases/download/v2.7.4/argocd-linux-amd64
In this article, version
2.7.4
is installed, verify the latest version number from the official GitHub repository.Move the downloaded binary to a system-wide directory such as
/usr/local/bin/
.$ sudo mv argocd-linux-amd64 /usr/local/bin/argocd
Grant execute permissions on the Argo CD binary.
$ sudo chmod +x /usr/local/bin/argocd
Use the
argocd login
command to log in to the Argo CD server.$ argocd login localhost:8080
Accept the server certificate, then enter
admin
username and decoded password as below.WARNING: server certificate had error: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y Username: admin Password:
When logged in, your output should look like the one below.
'admin:login' logged in successfully Context 'localhost:8080' updated
To tighten server security, change the Argo CD default password.
$ argocd account update-password
Enter your existing password, a new strong password, and confirm the new password.
*** Enter password of currently logged in user (admin): *** Enter new password for user admin: *** Confirm new password for user admin: Password updated Context 'localhost:8080' updated
Deploy Argo CD Applications
You can create and deploy Argo CD applications in a couple of ways, you can either use YAML files or use the web UI and CLI tool. In this section, you'll deploy example Argo CD applications to your cluster using a YAML file, and the web UI dashboard.
Creating and Deploying an Application via YAML File
First, create a YAML file for your application.
$ nano argocd-app.yaml
Add the following configuration.
apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: argo-application namespace: argocd spec: project: default source: repoURL: https://gitlab.com/jasmine.harit/argocd-app-config.git targetRevision: HEAD path: dev destination: server: https://kubernetes.default.svc namespace: myapp syncPolicy: syncOptions: - CreateNamespace=true automated: selfHeal: true prune: true
Save and close the file
Apply the YAML configuration.
$ kubectl apply -f argocd-app.yaml -n argocd
Verify that the application is deployed.
$ kubectl get app -n argocd
Output:
NAME SYNC STATUS HEALTH STATUS argo-application Synced Healthy
You can also verify the deployment using the Argo CD CLI tool.
$ argocd app list
Output:
NAME CLUSTER NAMESPACE PROJECT STATUS HEALTH SYNCPOLICY CONDITIONS REPO PATH TARGET argocd/argo-application https://kubernetes.default.svc myapp default Synced Healthy Auto-Prune <none> https://gitlab.com/jasmine.harit/argocd-app-config.git dev HEAD
To get detailed information on your application, run the following command.
$ argocd app get argo-application
Output:
Name: argocd/argo-application Project: default Server: https://kubernetes.default.svc Namespace: myapp URL: https://localhost:8080/applications/argo-application Repo: https://gitlab.com/jasmine.harit/argocd-app-config.git Target: HEAD Path: dev SyncWindow: Sync Allowed Sync Policy: Automated (Prune) Sync Status: Synced to HEAD (9c92bf8) Health Status: Healthy GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE Namespace myapp Running Synced namespace/myapp created Service myapp myapp-service Synced Healthy service/myapp-service created apps Deployment myapp myapp1 Synced Healthy deployment.apps/myapp1 created
In your web browser session, refresh the dashboard to view the deployed Argo CD application as below.
http://127.0.0.1:8080
Create and Deploy Applications using the Argo CD Web UI and CLI tool
Load the Argo CD UI dashboard. Click the NEW APP to view the Application configuration screen.
In the GENERAL section, define your application name, project, and sync policy.
Within the SOURCE section, enter the path, revision, and URL of the application repository.
In the DESTINATION section, enter your cluster URL and namespace.
Click CREATE to deploy the application. When the application is deployed, the following screen should display.
Using the Argo CD CLI, run the following command to check the status of your deployed application.
# argocd app get guestbook
Output:
Name: argocd/guestbook Project: default Server: https://kubernetes.default.svc Namespace: argocd URL: https://localhost:8080/applications/guestbook Repo: https://github.com/argoproj/argocd-example-apps.git Target: HEAD Path: guestbook SyncWindow: Sync Allowed Sync Policy: <none> Sync Status: OutOfSync from HEAD (53e28ff) Health Status: Missing GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE Service argocd guestbook-ui OutOfSync Missing apps Deployment argocd guestbook-ui OutOfSync Missing
As displayed in the above output, the application is deployed but the status is
OutofSync
. To sync it, run the following command.$ argocd app sync guestbook
The above command fetches the necessary manifests from the application repository and uses
kubectl
to apply the configuration.On the Argo CD web dashboard, verify your application health status.
Click the application to see view more information about it.
Conclusion
You have installed Argo CD on a rcs Kubernetes Engine (VKE) cluster and explored how to use deploy applications using the web UI, Argo CD CLI, and YAML configuration files. For more information about Argo CD, please visit the official documentation.