GitOps with Argo CD: Managing Kubernetes Application using Git and Argo CD

What is Argo CD

Argo CD is a tool which will read your environment configuration (written either as a helm chart, kustomize files, jsonnet or plain yaml files) from your git repository and apply it to your Kubernetes namespaces. Some of the features of Argo CD are: declarative and version controlled application deployments.

Why Argo CD

It keeps your application definitions, configurations, and environments should be declarative and version controlled. Application deployment and lifecycle management should be automated, auditable, and easy to understand.

Challeneges without Argo CD

1. Install and setup tools like Kubectl in each place from where you are trying to deploy.
2. Configure access to each k8s cluster to deploy the applications.
3. Configure access to cloud providers if we have our clusters are on Cloud. these will raise more security challeneges.
4. We don’t have visibility of deployment status.

How Argo CD resolve above issues

Deploying ArgoCD with in Kubernetes cluster and instead of pushing the application changes or deployments to cluster we can pull it with the help of argo CD agents. So Same argo CD instance is able to sync a fleet of k8s clusters.

We can configure Argo CD rto track the changes of GIT repositry where our kubernetes manifests stored and then pull and deploy it automatically if there is any changes. With this we can clearly seperate the CI & CD flow and maintain the code seperatly.

If there is any manual chages happened in the k8s cluster, then Argo CD automatically will revert those mannual changes and guarantees that k8s manifests in Git remains single source of truth.

Argo CD supports Kubernetes plain yaml files, Helm Charts and kustomize files.

Cluster disaster recovery is very easy with this setup, since we are managing all the deployment code in seperate git repository, we can simply point the Argo CD to git repo. and Argo CD will sync those to cluster.

For specific deployments, we no need to create Cluster roles & access permissions in kubernetes. Instead, we can use the GIT merging strategy’s to deploy the applications into our cluster with Argo CD.

You don’t need to give external cluster access to non human users. So no cluster credentials are outside of k8s.

We can use overlays with customize to test the changes in dev env first and then apply it in prod. (we can even use branching strategy but it’s not quite best option even thouth its quite popular.)

Lamen Diagram

Pre-requisites

Before installing Argo CD, we need below environment ready.(I’m assuming this setup is already available with you).

1. Kubernetes cluster.
2. kubectl package installed. this is needed to manage clusters.
3. Kubernetes Cluster access(default location is ~/.kube/config).
4. GitHub repositry. In my case i have used this repo. https://github.com/Sarvabhowma1995/argocd-demo

Install Argo CD

Argo CD low level architeture

High Level Architecture

Argo CD can be installed in kubernetes or outside of kubernetes, but Argo CD installation on kubernetes is production ready. Hence, i am installing it in kubernetes cluster. For more information on how to install locally, please CLICK HERE.

Note: Even if you install Argo CD locally, you still need kubernetes cluster to deploy the resources.

Before running below commands, please make sure you have a kubernetes cluster access to where you need to install Argo CD. In my case i have kubernetes cluster installed in windows as minikube and i connected to it to perform any actions.

$ kubectl create namespace argocd

$ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

Below is the output looks like after running the commands,

Command Output

Below are the objects which are created as part of Argo CD installation.

Objects created for Argo CD

Once the pods are ready, ArgoCD will be running. But the ArgoCD API server will not be accessible from outside the cluster. We’ll use port-forward to expose a port to the service, and forward it to localhost or change the argocd-server service type to LoadBalancer (applicable for cloud only) or NodePort.

Steps for three cases:

A) For port forwarding run below command, and then access your webpage with https://127.0.0.1:8080

$ kubectl port-forward svc/argocd-server -n argocd 8080:443

B) To Patch service as NodePort, run below command. You can access the webUI with anyone of the cluster node public IP with respective node port port number.

$ kubectl patch svc argocd-server -n argocd — type=’json’ -p ‘[{“op”:”replace”,”path”:”/spec/type”,”value”:”NodePort”},{“op”:”replace”,”path”:”/spec/ports/0/nodePort”,”value”:30080}]’

C) To Patch service as LoadBalancer, run below command. You can access the webUI with LB URL.

$ kubectl patch svc argocd-server -n argocd -p ‘{“spec”: {“type”: “LoadBalancer”}}’

In our case, I am using port forwarding for my convenient.

Once you open the web page in the UI, it will ask user name password. admin is the default username and password we need to check argocd-initial-admin-secret and decode the value.

View secret from secret

Below is the command to decode the above seret value.

$ echo <Secret Value> | base64 --decode

Command to decode the value

After you sign in your initial page looks like below,

Inital ArgoCD page

Connect ArgoCD with Git repository

We can define these settings through yaml file or through UI. But in our case i am following yaml file so that we can maintain this file in source code repository.

I have created one demo repositry in github. in that i have created, develop folder to store all the development environment manifest files and i have creates nginx deployment & service in that directory. You can fillow below URL to view the code.

https://github.com/Sarvabhowma1995/argocd-demo

Now, i am creating application.yaml file to store the confiuration details about connectivity between argocd and github. This file is very similar to kubernetes manifest file but with different options.

In application.yaml manifest file, under source and destination we me mention required values.

I have clearly explained about each line, so please follow below code to understand more about it, you can always refer offcial doccumentation.

Once you create above file, to apply it, run below command. So that from now on Argo CD will track the changes from git and deploy it.

$ kubectl apply -f application.yaml

applying application manifest to

Once application manifest is applied, then you can check from web UI, that the application will be available.

Application details from Argo CD Web UI

you can click on that application to check the application mapping. You can click on each tile to view the summary, logs, events, parameters & yaml config.

Application mapping view

Test Automatic Deployments

To test automatic deployments, you can suimply go ahead and change the image tag from deployment manifest file and wait for 3 sec to automatically deploy the change. you can see that from UI.

In my use case i have given latest tag for nginx, now i am going to change it to nginx:1.20 tag.

After commiting it now you can see argoCD automatically dployed changed image tag into the cluster.

Validatng the automatic deployments

You can even test deleting the demo app deployment or service from the cluster manually and check how argo CD create the application.

We can also create sample application from CLI for that we need to install Argo CD CLI and run Argocd app create command. for more info please follow this doccument.

Conclusion

And there you have it, with full setup we can able to sepeare CI & CD and automatically deploy the applications into cluster with Argo CD.

I hope you guys have enjoyed this hands-on tutorial and learned a bit more than what you know before. Let me know if you have any questions related to this blog.

See you in the next blog.🤘