====== Контроллер ArgoCD ====== * [[https://www.digitalocean.com/community/tutorials/how-to-deploy-to-kubernetes-using-argo-cd-and-gitops|How to Deploy to Kubernetes using Argo CD and GitOps]] * [[https://habr.com/ru/companies/otus/articles/544370/|Argo CD: готов к труду и обороне в Kubernetes]] * [[https://habr.com/ru/articles/674704/|Рабочий пример использования ArgoCD]] * [[https://developers.redhat.com/articles/2023/05/25/3-patterns-deploying-helm-charts-argocd|3 patterns for deploying Helm charts with Argo CD]] * [[https://medium.com/globant/using-multiple-sources-for-a-helm-chart-deployment-in-argocd-cf3cd2d598fc|Using multiple sources for a Helm Chart deployment in ArgoCD]] ===== Развертывание и подключение к контроллеру ArgoCD ===== kube1:~# kubectl create namespace argocd kube1:~# kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml kube1:~# watch kubectl get pods -n argocd cmder$ kubectl port-forward svc/argocd-server -n argocd 8080:443 kube1:~# kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo * [[https://localhost:8080/]] ===== Установка, подключение и управление приложениями через утилиту argocd ===== kube1:~# su - student student@kube1:~$ /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" student@kube1:~$ eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" student@kube1:~$ time brew install argocd student@kube1:~$ mkdir .kube student@kube1:~$ scp root@kube1:.kube/config .kube/config student@kube1:~$ kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo student@kube1:~$ kubectl port-forward svc/argocd-server -n argocd 8080:443 & student@kube1:~$ argocd login localhost:8080 Username: admin ... student@kube1:~$ argocd app list student@kube1:~$ kubectl create namespace my-ns student@kube1:~$ argocd app create my-webd --repo http://server.corpX.un/student/gowebd-k8s.git --path webd-chart --dest-server https://kubernetes.default.svc --dest-namespace my-ns student@kube1:~$ argocd app get my-webd student@kube1:~$ argocd app sync my-webd или student@kube1:~$ argocd app set my-webd --sync-policy automated student@kube1:~$ ### argocd app delete my-webd ===== Управление приложениями через kubectl ===== * [[https://argo-cd.readthedocs.io/en/release-1.8/user-guide/private-repositories/#managing-tls-certificates-using-the-argocd-web-ui|Managing TLS certificates using the ArgoCD web UI]] kube1# cat application.yaml apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: my-webd namespace: argocd finalizers: - resources-finalizer.argocd.argoproj.io spec: project: default source: repoURL: 'https://server.corpX.un/student/gowebd-k8s.git' path: webd-chart # helm: # valuesObject: # replicaCount: 2 # image: # tag: "ver1.2" # REALM_NAME: "corp" # valueFiles: # - ../env.yaml destination: server: 'https://kubernetes.default.svc' namespace: my-ns syncPolicy: automated: {} syncOptions: - CreateNamespace=true kube1# kubectl apply -f application.yaml #--dry-run=client #-o yaml kube1# kubectl get Application -n argocd -o yaml | less kube1# ### kubectl delete -f application.yaml ===== Тестирование приложения ===== $ curl http://kube1 -H "Host: gowebd.corpX.un" gitlab-runner@server:~/gowebd-k8s$ cat webd-chart/Chart.yaml ... appVersion: "ver1.N" ИЛИ Gitlab gowebd-k8s values.yaml replicaCount: 3 Chart.yaml appVersion: "ver1.N" ===== Дополнительные материалы ===== ==== Доступ к не публичному git репозиторию ==== Settings -> Repositories + CONNECT REPO student@server:~/argocd$ kubectl -n argocd get secrets student@server:~/argocd$ kubectl -n argocd get secret repo-nnnnnnnnn -o yaml > gowebd-k8s-argocd-repo-cred.yaml student@server:~/argocd$ cat gowebd-k8s-argocd-repo-cred.yaml apiVersion: v1 data: password: UGEkJHcwcmQ= project: ZGVmYXVsdA== type: Z2l0 url: aHR0cDovL3NlcnZlci5jb3JwMTMudW4vc3R1ZGVudC9nb3dlYmQtazhzLmdpdA== username: YXJnb2Nk kind: Secret metadata: annotations: managed-by: argocd.argoproj.io labels: argocd.argoproj.io/secret-type: repository name: gowebd-k8s-argocd-repo-cred namespace: argocd type: Opaque ==== Обновление, при появлении новой версии образа ==== * https://stackoverflow.com/questions/73616877/argocd-what-need-be-done-after-build-a-new-image * https://argocd-image-updater.readthedocs.io/en/stable/install/installation/ gitlab-runner@server:~$ ### kubectl edit configmap/argocd-image-updater-config -n argocd