====== Контроллер ArgoCD ======
* [[https://www.digitalocean.com/community/tutorials/how-to-deploy-to-kubernetes-using-argo-cd-and-gitops|How to Deploy to Kubernetes using Argo CD and GitOps]]
* [[https://habr.com/ru/companies/otus/articles/544370/|Argo CD: готов к труду и обороне в Kubernetes]]
* [[https://habr.com/ru/articles/674704/|Рабочий пример использования ArgoCD]]
===== Развертывание и подключение к контроллеру ArgoCD =====
kube1:~# kubectl create namespace argocd
kube1:~# kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
kube1:~# watch kubectl get pods -n argocd
cmder$ kubectl port-forward svc/argocd-server -n argocd 8080:443
kube1:~# kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo
* [[https://localhost:8080/]]
===== Установка, подключение и управление приложениями через утилиту argocd =====
kube1:~# su - student
student@kube1:~$ /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
student@kube1:~$ eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
student@kube1:~$ time brew install argocd
student@kube1:~$ mkdir .kube
student@kube1:~$ scp root@kube1:.kube/config .kube/config
student@kube1:~$ kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo
student@kube1:~$ kubectl port-forward svc/argocd-server -n argocd 8080:443 &
student@kube1:~$ argocd login localhost:8080
Username: admin
...
student@kube1:~$ argocd app list
student@kube1:~$ kubectl create namespace my-ns
student@kube1:~$ argocd app create my-webd --repo http://server.corpX.un/student/gowebd-k8s.git --path webd-chart --dest-server https://kubernetes.default.svc --dest-namespace my-ns
student@kube1:~$ argocd app get my-webd
student@kube1:~$ argocd app sync my-webd
или
student@kube1:~$ argocd app set my-webd --sync-policy automated
student@kube1:~$ ### argocd app delete my-webd
===== Управление приложениями через kubectl =====
* [[https://argo-cd.readthedocs.io/en/release-1.8/user-guide/private-repositories/#managing-tls-certificates-using-the-argocd-web-ui|Managing TLS certificates using the ArgoCD web UI]]
kube1# cat application.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: my-webd
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: 'https://server.corpX.un/student/gowebd-k8s.git'
path: webd-chart
# helm:
# valuesObject:
# replicaCount: 3
# image:
# tag: "ver1.1"
# REALM_NAME: "corp"
destination:
server: 'https://kubernetes.default.svc'
namespace: my-ns
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true
kube1# kubectl apply -f application.yaml
kube1# ### kubectl delete -f application.yaml
===== Тестирование приложения =====
$ curl http://kube1 -H "Host: gowebd.corpX.un"
gitlab-runner@server:~/gowebd-k8s$ cat webd-chart/Chart.yaml
...
appVersion: "ver1.N"
ИЛИ
Gitlab
gowebd-k8s
values.yaml
replicaCount: 3
Chart.yaml
appVersion: "ver1.N"
===== Дополнительные материалы =====
==== Доступ к не публичному git репозиторию ====
Settings -> Repositories + CONNECT REPO
student@server:~/argocd$ kubectl -n argocd get secrets
student@server:~/argocd$ kubectl -n argocd get secret repo-nnnnnnnnn -o yaml > gowebd-k8s-argocd-repo-cred.yaml
student@server:~/argocd$ cat gowebd-k8s-argocd-repo-cred.yaml
apiVersion: v1
data:
password: UGEkJHcwcmQ=
project: ZGVmYXVsdA==
type: Z2l0
url: aHR0cDovL3NlcnZlci5jb3JwMTMudW4vc3R1ZGVudC9nb3dlYmQtazhzLmdpdA==
username: YXJnb2Nk
kind: Secret
metadata:
annotations:
managed-by: argocd.argoproj.io
labels:
argocd.argoproj.io/secret-type: repository
name: gowebd-k8s-argocd-repo-cred
namespace: argocd
type: Opaque
==== Обновление, при появлении новой версии образа ====
* https://stackoverflow.com/questions/73616877/argocd-what-need-be-done-after-build-a-new-image
* https://argocd-image-updater.readthedocs.io/en/stable/install/installation/
gitlab-runner@server:~$ ### kubectl edit configmap/argocd-image-updater-config -n argocd