ArgoCD
This is the known good design for deploying ArgoCD in a Kubernetes cluster.
Overview
ArgoCD Overview
ArgoCD is a declarative, GitOps continuous delivery tool for Kubernetes. It allows you to manage application deployments through Git repositories, ensuring your Kubernetes cluster state matches the desired state defined in your Git repositories.
Key Features
- GitOps Workflow: Keeps cluster applications in sync with Git repositories.
- Declarative Configuration: Enables version control for application configurations.
- Self-Healing: Automatically detects and fixes configuration drifts.
- Multi-Cluster Management: Manage multiple clusters from a single control plane.
Implementation Details
Step 1: Install ArgoCD
To install ArgoCD, use the official Helm chart for streamlined deployment:
helm repo add argo https://argoproj.github.io/argo-helm
helm repo update
helm install argocd argo/argo-cd --namespace argocd --create-namespace
For additional guidance, refer to the Rancher Documentation for installing GitOps tools like ArgoCD in Rancher-managed clusters.
Step 2: Access ArgoCD Locally via kubectl port-forward
If you prefer not to expose ArgoCD externally, you can use kubectl port-forward to access the ArgoCD server from your local machine.
Port-Forward the ArgoCD Server: Run the following command to forward local port 8080 to the ArgoCD server service in the argocd namespace:
kubectl port-forward svc/argocd-server -n argocd 8080:443
Access ArgoCD: Open your browser and navigate to:
https://localhost:8080
Log In: Retrieve the initial admin password:
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 --decode
Use admin as the username and the retrieved password to log in.
Configuring ArgoCD Applications
Example: Deploying an Application Using ArgoCD
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: example-app
  namespace: argocd
spec:
  destination:
    namespace: example-namespace
    server: https://kubernetes.default.svc
  project: default
  source:
    repoURL: https://github.com/example/repo.git
    targetRevision: HEAD
    path: manifests
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
Apply the application manifest:
kubectl apply -f application.yaml
Monitoring and Troubleshooting
Monitoring ArgoCD
ArgoCD exposes metrics compatible with Prometheus. To monitor ArgoCD:
- Install Prometheus and Grafana in your cluster.
- Create a ServiceMonitor for ArgoCD:
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: argocd
  namespace: argocd
spec:
  selector:
    matchLabels:
      app.kubernetes.io/part-of: argocd
  endpoints:
    - port: http-metrics
Troubleshooting Common Issues
- Sync Failures: Check the logs for the ArgoCD application controller:
kubectl logs -n argocd -l app.kubernetes.io/name=argocd-application-controller
- Access Issues: Ensure the ArgoCD server is exposed correctly via LoadBalancer or Ingress.
- Permission Denied: Verify that ArgoCD has sufficient RBAC permissions in the target namespace.
Considerations
- Namespace Isolation: Use ArgoCD projects to isolate applications by namespace and permissions.
- RBAC Configuration: Limit access to ArgoCD applications based on team roles.
- Backup and Restore: Regularly back up ArgoCD configurations and secrets to ensure recoverability in case of failure.
- Cluster Scalability: Test ArgoCD performance in large-scale clusters to ensure it meets your scaling requirements.
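The namespace-isolation and RBAC considerations above, applied to example-app as an added illustration that is not part of the original page: the default project referenced in the Application manifest permits any source repository and any destination, so a dedicated AppProject narrows both. The project name example-project, the role name deployer and the group example-team are assumptions.

```yaml
# Added example: names marked "hypothetical" are assumptions, not from the page.
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
  name: example-project            # hypothetical project name
  namespace: argocd
spec:
  description: Scope for example-app only
  # Only the repository used by example-app may be a source.
  sourceRepos:
    - https://github.com/example/repo.git
  # Applications in this project may deploy only to example-namespace
  # on the local cluster.
  destinations:
    - server: https://kubernetes.default.svc
      namespace: example-namespace
  # Empty list: no cluster-scoped kinds (ClusterRole, CRD, Namespace, ...)
  # can be created through this project.
  clusterResourceWhitelist: []
  # Project role for the owning team: view and sync, nothing else.
  roles:
    - name: deployer               # hypothetical role name
      description: Sync access to applications in this project
      policies:
        - p, proj:example-project:deployer, applications, get, example-project/*, allow
        - p, proj:example-project:deployer, applications, sync, example-project/*, allow
      groups:
        - example-team             # hypothetical SSO/OIDC group
---
# The Application from the example above, with only the project changed.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: example-app
  namespace: argocd
spec:
  project: example-project         # was: default
  destination:
    namespace: example-namespace
    server: https://kubernetes.default.svc
  source:
    repoURL: https://github.com/example/repo.git
    targetRevision: HEAD
    path: manifests
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
```

With this project in place, an Application that points at a different repository or namespace is rejected by ArgoCD instead of being synced.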