Deploy an application in Kubernetes using Argo CD with GitHub
One of the complicated issues we face while we manage or setup multiple cluster or environments in managing the credentials with roles, mainly we may use any CI/CD system to store those credentials. generally, here we should store the credentials in some CI system or code repo. This method can be problematic if the service gets compromised, e.g.,?as it happened to CodeShip last year.
Even using services such as GitLab CI and GitHub Actions requires that credentials for accessing your cluster be stored with them. If you’re employing GitOps, to take advantage of using the usual Push to repo -> Review Code -> Merge Code sequence for managing your infrastructure configuration as well, this would also mean access to your whole infrastructure.
It can also be difficult to keep track of how the different deployed environments are drifting from the configuration files stored in the repo, since these external services are not specific to Kubernetes and thus aren’t aware of the status of all the deployed pieces.
How to mitigate this? there are tools to help us with these issues. Two of the most known are?Argo CD?and?Flux. They allow credentials to be stored within your Kubernetes cluster, where you have more control over their security. They also offer pull-based deployment with drift detection. Both of these tools solve the same issues, but tackle them from different angles.
Here, we’ll take a deeper look at Argo CD out of the two.
What is Argo CD
As we seen previously, Argo CD is a tool which will read your environment configuration (written either as a helm chart, kustomize files, jsonnet or plain yaml files) from your git repository and apply it to your Kubernetes namespaces. Some of the features of Argo CD are: declarative and version-controlled application deployments.
Argo CD automates the deployment of the desired application states in the specified target environments. Application deployments can track updates to branches, tags, or pinned to a specific version of manifests at a Git commit.
Prerequisites
领英推荐
About Helm
Helm is a templating engine for Kubernetes. It allows us to define values separately from the structure of the yaml files, which can help with access control and managing multiple environments using the same template.
You can grab Helm here:?https://github.com/helm/helm/releases
Deploy application from GITHUB
As mentioned, this article considers Prerequisites has been followed. With that, lets login to argoCD via UI. use `admin` as username, and the password retrieved by this command or your password, if you changed before.
# kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo
Once you’re logged in, connect your repo from the Repositories inside the Settings menu on the left side. Here, we can choose between SSH and https authentication, GitHub – for this article, let’s use https, but for SSH, you’d only need to set up a key pair for use.
As I am using https with GitHub, I am using my GitHub username and token, as GitHub only allows to login via access token. To generate access token,?login to GitHub >> profile settings >> Developer settings >> Personal access token >> Generate new token. With this you can generate new token and use it in argoCD to login the repository.
Once the repository connected successfully, you can set up an application which will help to sync the state of your deployment with that described in the github repo.
Our sample app you can find on?kubernetes/argocd/node-app at main · foxutech/kubernetes (github.com). you can fork and use it.
Continue reading this article on Deploy an application in Kubernetes using Argo CD with GitHub (foxutech.com)