This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
контроллер_argocd [2023/09/02 12:29] val [Контроллер ArgoCD] |
контроллер_argocd [2024/03/16 11:22] (current) val [Управление приложениями через kubectl] |
||
---|---|---|---|
Line 3: | Line 3: | ||
* [[https://www.digitalocean.com/community/tutorials/how-to-deploy-to-kubernetes-using-argo-cd-and-gitops|How to Deploy to Kubernetes using Argo CD and GitOps]] | * [[https://www.digitalocean.com/community/tutorials/how-to-deploy-to-kubernetes-using-argo-cd-and-gitops|How to Deploy to Kubernetes using Argo CD and GitOps]] | ||
* [[https://habr.com/ru/companies/otus/articles/544370/|Argo CD: готов к труду и обороне в Kubernetes]] | * [[https://habr.com/ru/companies/otus/articles/544370/|Argo CD: готов к труду и обороне в Kubernetes]] | ||
+ | * [[https://habr.com/ru/articles/674704/|Рабочий пример использования ArgoCD]] | ||
+ | ===== Развертывание и подключение к контроллеру ArgoCD ===== | ||
<code> | <code> | ||
kube1:~# kubectl create namespace argocd | kube1:~# kubectl create namespace argocd | ||
Line 11: | Line 13: | ||
kube1:~# watch kubectl get pods -n argocd | kube1:~# watch kubectl get pods -n argocd | ||
- | kube1:~# kubectl port-forward svc/argocd-server -n argocd 8080:443 & | + | cmder$ kubectl port-forward svc/argocd-server -n argocd 8080:443 |
+ | kube1:~# kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo | ||
+ | </code> | ||
+ | |||
+ | * [[https://localhost:8080/]] | ||
+ | |||
+ | ===== Установка, подключение и управление приложениями через утилиту argocd ===== | ||
+ | |||
+ | <code> | ||
kube1:~# su - student | kube1:~# su - student | ||
Line 20: | Line 30: | ||
student@kube1:~$ time brew install argocd | student@kube1:~$ time brew install argocd | ||
+ | |||
+ | student@kube1:~$ mkdir .kube | ||
student@kube1:~$ scp root@kube1:.kube/config .kube/config | student@kube1:~$ scp root@kube1:.kube/config .kube/config | ||
student@kube1:~$ kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo | student@kube1:~$ kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo | ||
+ | |||
+ | student@kube1:~$ kubectl port-forward svc/argocd-server -n argocd 8080:443 & | ||
student@kube1:~$ argocd login localhost:8080 | student@kube1:~$ argocd login localhost:8080 | ||
Line 40: | Line 54: | ||
или | или | ||
student@kube1:~$ argocd app set my-webd --sync-policy automated | student@kube1:~$ argocd app set my-webd --sync-policy automated | ||
+ | |||
+ | student@kube1:~$ ### argocd app delete my-webd | ||
+ | </code> | ||
+ | |||
+ | ===== Управление приложениями через kubectl ===== | ||
+ | |||
+ | * [[https://argo-cd.readthedocs.io/en/release-1.8/user-guide/private-repositories/#managing-tls-certificates-using-the-argocd-web-ui|Managing TLS certificates using the ArgoCD web UI]] | ||
+ | |||
+ | <code> | ||
+ | kube1# cat application.yaml | ||
+ | </code><code> | ||
+ | apiVersion: argoproj.io/v1alpha1 | ||
+ | kind: Application | ||
+ | metadata: | ||
+ | name: my-webd | ||
+ | namespace: argocd | ||
+ | finalizers: | ||
+ | - resources-finalizer.argocd.argoproj.io | ||
+ | spec: | ||
+ | project: default | ||
+ | source: | ||
+ | repoURL: 'https://server.corpX.un/student/gowebd-k8s.git' | ||
+ | path: webd-chart | ||
+ | |||
+ | # helm: | ||
+ | # valuesObject: | ||
+ | # replicaCount: 3 | ||
+ | # image: | ||
+ | # tag: "ver1.1" | ||
+ | # REALM_NAME: "corp" | ||
+ | |||
+ | destination: | ||
+ | server: 'https://kubernetes.default.svc' | ||
+ | namespace: my-ns | ||
+ | syncPolicy: | ||
+ | automated: {} | ||
+ | syncOptions: | ||
+ | - CreateNamespace=true | ||
+ | </code><code> | ||
+ | kube1# kubectl apply -f application.yaml | ||
+ | |||
+ | kube1# ### kubectl delete -f application.yaml | ||
+ | </code> | ||
+ | ===== Тестирование приложения ===== | ||
+ | <code> | ||
+ | $ curl http://kube1 -H "Host: gowebd.corpX.un" | ||
gitlab-runner@server:~/gowebd-k8s$ cat webd-chart/Chart.yaml | gitlab-runner@server:~/gowebd-k8s$ cat webd-chart/Chart.yaml | ||
Line 46: | Line 106: | ||
appVersion: "ver1.N" | appVersion: "ver1.N" | ||
</code><code> | </code><code> | ||
- | $ curl http://gowebd.corpX.un | + | ИЛИ |
- | student@kube1:~$ ### argocd app delete my-webd | + | Gitlab |
+ | gowebd-k8s | ||
+ | values.yaml | ||
+ | replicaCount: 3 | ||
+ | Chart.yaml | ||
+ | appVersion: "ver1.N" | ||
</code> | </code> | ||
===== Дополнительные материалы ===== | ===== Дополнительные материалы ===== | ||
+ | |||
+ | ==== Доступ к не публичному git репозиторию ==== | ||
+ | |||
+ | <code> | ||
+ | Settings -> Repositories + CONNECT REPO | ||
+ | |||
+ | student@server:~/argocd$ kubectl -n argocd get secrets | ||
+ | |||
+ | student@server:~/argocd$ kubectl -n argocd get secret repo-nnnnnnnnn -o yaml > gowebd-k8s-argocd-repo-cred.yaml | ||
+ | |||
+ | student@server:~/argocd$ cat gowebd-k8s-argocd-repo-cred.yaml | ||
+ | </code><code> | ||
+ | apiVersion: v1 | ||
+ | data: | ||
+ | password: UGEkJHcwcmQ= | ||
+ | project: ZGVmYXVsdA== | ||
+ | type: Z2l0 | ||
+ | url: aHR0cDovL3NlcnZlci5jb3JwMTMudW4vc3R1ZGVudC9nb3dlYmQtazhzLmdpdA== | ||
+ | username: YXJnb2Nk | ||
+ | kind: Secret | ||
+ | metadata: | ||
+ | annotations: | ||
+ | managed-by: argocd.argoproj.io | ||
+ | labels: | ||
+ | argocd.argoproj.io/secret-type: repository | ||
+ | name: gowebd-k8s-argocd-repo-cred | ||
+ | namespace: argocd | ||
+ | type: Opaque | ||
+ | </code> | ||
+ | |||
+ | ==== Обновление, при появлении новой версии образа ==== | ||
* https://stackoverflow.com/questions/73616877/argocd-what-need-be-done-after-build-a-new-image | * https://stackoverflow.com/questions/73616877/argocd-what-need-be-done-after-build-a-new-image |