Skip to Content
TutorialsConfigurationArgo CD

ArgoCD

This repository uses ArgoCD  to deploy applications based on Helm charts. We encourage the community to contribute to the official project .

Configuration

See the related role variables, defined in the main.yaml  defaults file. Review the README.md  file for additional details and the advanced configuration settings listed below.

Important

A role upgrade is required in order to apply any changes related to configuration.

Credentials

While still implemented, the admin credentials are disabled by default and user administrator enabled credentials are configured instead. Additional users can be specified in the facts.yaml  tasks file, under the argocd_resources.server.users collection:

argocd_resources:
  server:
    users:
      - name: "{{ argocd_map.credentials.server.user.name }}"
        password: "{{ argocd_map.credentials.server.user.password }}"
        permissions: "apiKey, login"
        role: admin
        enabled: true

The name and password keys listed above are defined in the all.yaml  group variables file, under the argocd_map.credentials.server collection.

Tip

To enable the admin credentials, set the argocd_vars.kubernetes.configs.cm.admin.enabled value to true in the main.yaml  defaults file.

Parameters

Additional configuration parameters can be defined in the config_params.j2  template.

Tip

Perform a role validation to visualize all rendered templates and variables.

RBAC

Additional RBAC policies can be defined in the config_rbac.j2  template. The role automatically injects the users specified in the facts.yaml  tasks file, under the argocd_resources.server.users collection.

Repository Setup

Log in to the ArgoCD UI, navigate to ArgoCD Settings > Repositories, and connect to the official project repository:

KeyValue
MethodHTTPS
Typegit
Projectdefault
URLhttps://github.com/axivo/k3s-applications.git

Applications Provisioning

Application charts are released with version control, based on repository tags. See below an example of application provisioning in ArgoCD.

Application Resource

In this example, we will create an Ubuntu Server 24.04 LTS container , deployed in the default namespace. Navigate to Applications and create an application, then edit the resource manifest as YAML and paste the following content:

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: ubuntu
  namespace: kube-system
spec:
  destination:
    namespace: default
    server: https://kubernetes.default.svc
  project: default
  source:
    helm:
      valueFiles:
        - values.yaml
    path: apps/ubuntu
    repoURL: https://github.com/axivo/k3s-applications.git
    targetRevision: HEAD
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true

Metadata

This repository uses the kube-system namespace for ArgoCD role provisioning. Adjust the metadata.namespace value accordingly if you deploy ArgoCD in a different namespace.

The spec.destination.name is inherited from the metadata.name value.

Shell Login

Example of container shell login:

$ kubectl get pods -n default -o go-template \
  --template='{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'
ubuntu-6589cf5fb4-p9z2b
 
$ kubectl exec -itn default ubuntu-6589cf5fb4-p9z2b -- bash
root@ubuntu-6589cf5fb4-p9z2b:/#

The end-user will have root access to a minimal Ubuntu 24.04 LTS container, connected to the Kubernetes cluster network. Common tools may require manual installation via apt-get.

Last updated on
AnsibleCilium