100daysofhomelab

ArgoCD & App of Apps (Day 11 - 12)

Keeping everything in git and letting Argo handle deployments. Plus a look at the app of apps pattern for organizing multiple applications.

Vince

3 min read
ArgoCD & App of Apps (Day 11 - 12)

It's hard to see Argo CD mentioned and GitOps not mentioned (though tbf that's the point of Argo).

GitOps is a way to manage your Kubernetes clusters where your desired state lives in Git, and tools like Argo CD continuously sync this state to your cluster.

Think of it like "infrastructure as code" but for Kubernetes resources.

Why GitOps?

Well for starters, given how often I kept rebuilding everything from scratch, being able to just point Argo CD at my repo and have it apply everything was 👌.

Anyway, why GitOps?

GitOps helps:

  • Keep track of all your changes (it's all on git)
  • Making cluster recovery straightforward (just point Argo CD at your repo)
  • Automating deployments (push to git, Argo handles the rest)

Initial Cluster Setup

Before jumping into it, you need your cluster in a "usable" state i.e:

  • CNI configurations done
  • Essential secrets (I apply these directly with sops decrypt and pipe to kubectl)
  • Argo CD itself (installed via helm/helmfile)

The App of Apps Pattern

It's a tree structure (of sorts) where you have one root application that points to all your other applications.

When Argo syncs this root app, it creates and manages everything defined in your repo.

I ended up preferring Helm charts for this, though other methods exist.

Setting Up Argo CD

Assuming you already installed Argo

First, grab the initial admin password:

k -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d

Port forward so you can authenticate to the CLI (you can also access the UI)

k -n argocd port-forward services/argocd-server 8080:80

Login on the CLI

argocd login localhost:8080

Change the default password:

argocd account update-password --new-password "<your password>"

Add your git repo:

argocd repo add [email protected]:mrdvince/<your repo>.git --ssh-private-key-path <your ssh key path>

Creating the Root App

You can create the root app either via CLI:

argocd app create apps \
    --dest-namespace argocd \
    --dest-server https://kubernetes.default.svc \
    --repo [email protected]:mrdvince/<your repo>.git \
    --path apps/argo_apps

Then sync it:

argocd app sync apps

Or apply a manifest with kubectl:

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: apps
  namespace: argocd
spec:
  project: default
  source:
    repoURL: [email protected]:mrdvince/<your repo>.git
    targetRevision: HEAD
    path: apps/argo_apps/
  destination:
    server: https://kubernetes.default.svc
    namespace: argocd
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true
      - RespectIgnoreDifferences=true
      - ApplyOutOfSyncOnly
Note: the path: apps/argo_apps/ points to the path from the base of the repo.

The GitOps Workflow

Once everything is set up, the workflow looks like this:

  1. Push changes to your git repo
  2. Argo CD detects changes
  3. Changes are pulled and compared with the cluster state
  4. If different, Argo CD applies the changes

Now just sit back and watch as Argo CD starts creating and managing all your applications defined in the git repo.

You should then be able to see a dashboard that looks like my screenshot below