ArgoCD

This repository uses ArgoCD to deploy applications, based on Helm charts. We encourage the community contributing to the official project.

Configuration

See the related role variables, defined into main.yaml defaults file. Review the README.md file, for additional details and the advanced configuration settings, listed below.

Important

A role upgrade is required, in order to apply any changes related to configuration.

Credentials

While still implemented, the admin credentials are disabled by default and user administrator enabled credentials are configured instead. Additional users can be specified into facts.yaml tasks file, under argocd_resources.server.users collection:

argocd_resources:
  server:
    users:
      - name: '{{ argocd_map.credentials.server.user.name }}'
        password: '{{ argocd_map.credentials.server.user.password }}'
        permissions: 'apiKey, login'
        role: admin
        enabled: true

The name and password keys listed above are defined into all.yaml group variables file, under argocd_map.credentials.server collection.

Tip

To enable the admin credentials, set the argocd_vars.kubernetes.configs.cm.admin.enabled value to true, into main.yaml defaults file.

Parameters

Additional configuration parameters can be defined into config_params.j2 template.

Tip

Perform a role validation, to visualize all rendered templates and variables.

RBAC

Additional RBAC policies can be defined into config_rbac.j2 template. The role automatically injects the users specified into facts.yaml tasks file, under argocd_resources.server.users collection.

Repository Setup

Login into ArgoCD UI, navigate to ArgoCD Settings > Repositories and connect to official project repository:

KeyValue
MethodHTTPS
Typegit
Projectdefault
URLhttps://github.com/axivo/k3s-applications.git

Applications Provisioning

Application charts are released with version control, based on repository tags. See below an example of application provisioning in ArgoCD.

Application Resource

In this example, we will create an Ubuntu Server pod, deployed into default namespace. Navigate to Applications and create an application, then edit the resource manifest as YAML and paste the following content:

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: ubuntu
  namespace: kube-system
spec:
  destination:
    name: ''
    namespace: default
    server: 'https://kubernetes.default.svc'
  source:
    path: argo/ubuntu
    repoURL: 'https://github.com/axivo/k3s-applications.git'
    targetRevision: ubuntu/v1.0.0
    helm:
      valueFiles:
        - values.yaml
  sources: []
  project: default
  syncPolicy:
    automated:
      prune: true
      selfHeal: true

Metadata

This repository uses the kube-system namespace for ArgoCD role provisioning. Adjust the metadata.namespace value accordingly, if you deploy ArgoCD in a different namespace.

The spec.destination.name is inherited from metadata.name value.

Shell Login

Example of pod shell login:

$ kubectl get pods -n default -o go-template \
  --template='{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'
ubuntu-6589cf5fb4-p9z2b

$ kubectl exec -itn default ubuntu-6589cf5fb4-p9z2b -- bash
root@ubuntu-6589cf5fb4-p9z2b:/#