Argo CD
By Bys on April 21, 2021
- Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes
- Kubernets Helm을 통한 설치
Create Namespace
kubectl create namespace argo
Donwload Template
helm fetch argo/argo-cd
tar -xvzf argo-cd-3.6.4.tgz
Modify values.yaml
cd argo-cd
vim values.yaml
Service Using NLB
## Server service configuration
service:
annotations:
service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
service.beta.kubernetes.io/aws-load-balancer-subnets: subnet-0745ae9d00efcb688, subnet-070711a376c168a6e
labels: {}
type: LoadBalancer
## For node port default ports
nodePortHttp: 30080
nodePortHttps: 30443
servicePortHttp: 80
servicePortHttps: 443
servicePortHttpName: http
servicePortHttpsName: https
namedTargetPort: true
loadBalancerIP: ""
loadBalancerSourceRanges: []
externalIPs: []
externalTrafficPolicy: ""
Service Using NLB
helm install argo -n argo argo/argo-cd -f values.yaml
helm을 통해 정상 배포 후에는 아래와 같이 argo-argocd가 배포되며 argo-argocd-server의 EXTERNAL-IP를 통해 접속 할 수 있다.
k get po -n argo
NAME READY STATUS RESTARTS AGE
argo-argocd-application-controller-7cdcc48d5c-jnt8k 1/1 Running 0 62m
argo-argocd-dex-server-fd6b7d5fc-ssnbp 1/1 Running 0 62m
argo-argocd-redis-7c9dc5d5f4-lczkd 1/1 Running 0 62m
argo-argocd-repo-server-765d5cdbb-qgsln 1/1 Running 0 62m
argo-argocd-server-74c959d6dc-vbtsb 1/1 Running 0 62m
k get svc -n argo
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
argo-argocd-application-controller ClusterIP 172.20.113.195 <none> 8082/TCP 62m
argo-argocd-dex-server ClusterIP 172.20.20.74 <none> 5556/TCP,5557/TCP 62m
argo-argocd-redis ClusterIP 172.20.72.203 <none> 6379/TCP 62m
argo-argocd-repo-server ClusterIP 172.20.90.9 <none> 8081/TCP 62m
argo-argocd-server LoadBalancer 172.20.199.156 a365a14fe8cfd40d3905ff4ee69d52e0-**.elb.ap-northeast-2.amazonaws.com 80:31017/TCP,443:31146/TCP 62m
Ingress Using ALB
server:
ingress:
# -- Enable an ingress resource for the Argo CD server
enabled: true
https: true
# -- Additional ingress annotations
annotations:
alb.ingress.kubernetes.io/group.name: argocd
alb.ingress.kubernetes.io/subnets: subnet-02e6d788fad8afdcf, subnet-020255d69e8c814da
alb.ingress.kubernetes.io/scheme : internet-facing
alb.ingress.kubernetes.io/security-groups: bys-dev-sg-alb-argocd
alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS13-1-2-2021-06
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:ap-northeast-2:558846430793:certificate/250015a4-4753-4a97-b536-88a6e6aaaf73
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
alb.ingress.kubernetes.io/backend-protocol: HTTPS
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": {"Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_302"}}'
alb.ingress.kubernetes.io/healthcheck-path: /
alb.ingress.kubernetes.io/healthcheck-interval-seconds: '15'
alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '10'
alb.ingress.kubernetes.io/healthy-threshold-count: '2'
alb.ingress.kubernetes.io/unhealthy-threshold-count: '4'
alb.ingress.kubernetes.io/healthcheck-port: traffic-port
alb.ingress.kubernetes.io/success-codes: 200,301,302
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/tags: auto-delete=no
# -- Additional ingress labels
labels: {}
# -- Defines which ingress controller will implement the resource
ingressClassName: "alb"
# -- List of ingress hosts
## Argo Ingress.
## Hostnames must be provided if Ingress is enabled.
## Secrets must be manually created in the namespace
hosts:
- argocd-main.bys.world
# - argocd.example.com
# -- List of ingress paths
paths:
- /
# -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific`
pathType: Prefix
# -- Additional ingress paths
extraPaths:
- path: /
pathType: Prefix
backend:
service:
name: ssl-redirect
port:
name: use-annotation
# -- Ingress TLS configuration
tls:
- hosts:
- argocd-main.bys.world
secretName: cert
#tls: []
# - secretName: your-certificate-name
# hosts:
# - argocd.example.com
# -- Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp`
# https: false
Login
Username은 admin이고 패스워드는 아래의 정보를 통해 알 수 있다.
kubectl -n argo get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
- Upgrade ArgoCD
helm upgrade argo-cd argo/argo-cd -f values.yaml -n argocd
- ArgoCD CLI
# Access to argoCD server
kubectl exec -it $(k get po -n argocd | grep argo-cd-argocd-server | awk '{print $1}') -n argocd -- /bin/bash
# Account login
argocd login localhost:8080 --insecure
admin / password
# Account list
argocd account list
# Change password
argocd account update-password --account byoungsoo
argocd account update-password --account admin
cicd
gitlab
gitlab-runner
pipeline
docker
docker-compose
]