6.ArgoCD

GitOps

GitOps is an operational framework that applies DevOps best practices such as version control, collaboration, and continuous integration/continuous deployment (CI/CD) to infrastructure automation.

key principles

The key principles of GitOps are

• Declarative configuration: The entire system, including applications, infrastructure, and containers, is defined declaratively in code stored in a Git repository. This serves as the single source of truth.
• Git as the source of truth: All changes to the system are tracked in the Git repository. The desired state of the system is defined in Git, and software agents automatically reconcile the live environment to match the Git repository.
• Automated deployments: When changes are made to the Git repository, software agents like Flux or ArgoCD automatically detect the changes and apply them to the live environment, ensuring the system is always in the desired state.
• Observability: The Git repository provides full visibility and auditability of all changes made to the system. Software agents monitor the live environment and report any divergence from the desired state defined in Git.

key benefits

The key benefits of GitOps include:

• Increased collaboration and visibility: All changes are tracked in Git, making the system more transparent and resilient.
• Improved security and compliance: The declarative, version-controlled approach enforces security best practices and enables easy auditing.
• Faster, more reliable deployments: Automated deployments from Git reduce human error and enable rapid, consistent updates.
• Self-healing infrastructure: Software agents continuously reconcile the live environment to the desired state in Git, providing self-healing capabilities.

GitOps is particularly well-suited for managing Kubernetes environments, as Kubernetes itself is declarative and can be defined as code in Git. However, the principles of GitOps can be applied to any infrastructure, including cloud resources, databases, and more.

ArgoCD

ArgoCD is a declarative, GitOps continuous delivery tool specifically designed for Kubernetes. It enables you to maintain full control over your application's lifecycle, providing a robust and automated approach to deploying, managing, and updating your applications in a Kubernetes environment.

1. Declarative Infrastructure Management: ArgoCD allows you to define the desired state of your applications and infrastructure in a declarative manner using Git repositories. This means you can specify how your applications should be deployed and maintained, and ArgoCD ensures that the actual state matches the desired state defined in your Git repository.

2. Automated Synchronization: It continuously monitors the Git repository where the desired state is defined. Whenever there is a change in the repository, ArgoCD automatically synchronizes the actual state of the applications to match the updated desired state, effectively handling deployment and lifecycle management while minimizing manual intervention.

3. Application Health Monitoring: ArgoCD provides visibility into the health of your applications running in Kubernetes. It monitors the state of your applications and infrastructure, and if any issues arise, it provides alerts and notifications, allowing you to identify and address any discrepancies.

4. Rolling Updates and Rollbacks: With ArgoCD, you can seamlessly perform rolling updates of your applications, ensuring that new versions are deployed without disrupting the availability of the application. Additionally, in case of issues, ArgoCD supports rollback functionality, enabling you to revert to a previous known-good state.

5. Integration with CI/CD Pipelines: ArgoCD can seamlessly integrate with your existing CI/CD pipelines, enabling automation and control over the deployment and maintenance processes, resulting in consistent and reliable application deployments.

6. Multi-environment Management: ArgoCD supports the management of applications across multiple environments, such as development, staging, and production, providing a cohesive approach to application deployment and maintenance throughout different stages of the software development lifecycle.

Overall, ArgoCD serves as a powerful tool for implementing GitOps best practices in a Kubernetes environment, offering automation, visibility, and reliability in managing the deployment and lifecycle of your applications.

Understand the need for ArgoCD here: solving-configuration-drift

Architecture

Core Components

ArgoCD architecture contains below listed core components.

• Application Controller is responsible for managing the lifecycle of applications. It is pivotal in ensuring that applications are synchronized, consistently deployed, and maintained in the desired state as specified by the Git repository.

• ApplicationSet Controller facilitates the template-based management of applications, offering powerful capabilities for dynamic configuration, multi-tenancy support, GitOps integration, and automation, thus streamlining the management of application instances with consistency and efficiency across different environments or clusters.

• Dex Server is an open-source identity service that provides a unified authentication and authorization layer for your applications, APIs, and infrastructure. Its primary focus is on enabling Single Sign-On (SSO) across multiple services and platforms. Dex server integrates with ArgoCD, providing robust SSO capabilities, enhancing security, enabling integration with external identity providers, and contributing to the overall management and control of user access within the ArgoCD platform.

• Notifications Controller enables real-time event notifications, allowing users and administrators to stay informed about changes and activities within the ArgoCD environment.

• Redis Serves as a caching mechanism, supporting session management, enabling pub/sub messaging, queue management, distributed locking, state management, and contributing to the scalability and performance of the platform. Its integration enhances the efficiency, reliability, and real-time capabilities of ArgoCD's operations.

• Repo Servere acts as the bridge between the Git repositories housing application configurations and the ArgoCD Controller, facilitating efficient synchronization, version control, access management, and configuration consistency within the continuous deployment and GitOps workflow.

• ArgoCD Server When users interact with the Web UI or issue commands through the CLI, the requests are sent to the ArgoCD Server, which processes the inputs and initiates the necessary actions within the ArgoCD environment. The ArgoCD Server is responsible for managing user interactions, interpreting commands, executing deployment actions, and ensuring the synchronization of application configurations with the Kubernetes clusters.

Configure ArgoCD Server

Notice that the ArgoCD Server is by default with ClusterIP.

In order to interact with ArgoCD server from the local browser, we need to change the service type to NodePort.

Notice that you need to keep this terminal open as stated in the above screenshot.

In order to access the ArgoCD web UI, we need the logic credentials.

By default this is a Base64 encoded secret, so decode it.
user: admin
pwd:

Login the ArgoCD UI using the above credentials, http://127.0.0.1:59094

Click 'New App' or 'Create Application', enter the appropriate details.
Use the openly available repository for the deployment, https://github.com/argoproj/argocd-example-apps

ArgoCD CLI

In the previous section we did the application deployment using the web browser. The other convenient way is using ArgoCD CLI tool.

• Install ArgoCD Cli using https://argo-cd.readthedocs.io/en/stable/cli_installation/
• Once the CLI tool is installed successfully, login the argocd using the same credentials we used to access the web UI in the above section.
• Now, deploy a sample application. Eg. see the below command

argocd app create guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --directory-recurse --sync-policy auto

• List the deployed applications using the command 'kubectl get deployments -o wide '
• Deleting the application is by using the command 'argocd app delete -y'

A reference for the ArgoCD CLI commands is available at
https://argo-cd.readthedocs.io/en/stable/user-guide/commands/argocd/