GitOps Using ArgoCD

Authored by Sunil Paswan

One of our clients was deploying their microservices to the EKS cluster using kubectl CLI. Their major problems were:

• The development team’s access to the deployment files in the Git repositories caused multiple deviations from the original configuration
• Performing k8s automation using kubectl made error detection a nightmare as it was an ‘apply and forget’ command
• Assigning proper roles and access for the project, with respect to the specific project namespace on the cluster was not possible.

To solve these problems, the CloudifyOps team suggested the GitOps strategy using ArgoCD.

We could create a separate repository for manifest files, isolating the source code and configuration. This allowed the developers to be worry-free about managing the k8s manifest files. The developers were able to deploy their code without hands-on input from the operations teams as well.

ArgoCD helps with error detection as it validates the deployment and ensures proper feedback is given during the execution of CI/CD pipelines.

What is GitOps?

GitOps allows the entire code delivery process, including infrastructure and application definition as code and automated updates and rollbacks, to be controlled by Git.

ArgoCD is a GitOps agent that synchronizes the state of the application described in a Git repository with a deployment in the Kubernetes clusters.

The traditional way of deployment without GitOps involves the following steps:

• A developer commits source code to the application repository
• A CI system triggers and builds the application and performs some additional actions such as unit tests, security scans, etc.
• The container image is stored in some container registry
• Then the CI platform (Jenkins, Gitlab, or external system) with direct access to the Kubernetes cluster creates a deployment using commands like “kubectl apply”
• The application is now deployed.

Cons of Traditional Deployment

• The platform that deploys to the cluster has full access to the K8s cluster
• The Cluster state is manually decided by kubectl commands
• The manifest file is not versioned.

What is the GitOps way of Deployment on K8s

• A GitOps agent is deployed on the cluster
• GitOps agent monitors the Git repository that defines the Kubernetes manifest files
• Once a Git commit happens on the repository, the GitOps agent will instruct the cluster to reach the same state as described in the Git
• Developers and operators perform all changes via Git operation and never directly access the cluster (or perform manual kubectl commands).

Pros of GitOps

• No direct access to the K8s cluster given to any stakeholders
• All changes are performed via Git, so all changes are recorded in the version control system
• Easy to rollback to the previous stable version
• Faster deployments
• Eliminating configuration drift

ArgoCD Installation

1. Create namespace argocd.

kubectl create namespace argocd.

1. Apply ArgoCD Deployment

???????????kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

1. Default username is admin and you can? retrieve the admin password easily using kubectl.

kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo?

1. Expose Argocd-server svc type LoadBalancer to access the Web UI Console.

kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}'

??OR?

Use an Ingress controller.

Demonstration on how to Implement GitOps with GitLab CICD

Create a Repository to version control your application source code.

You can create in any public Git repository. In our case, we are creating it on Gitlab. In this repository, we will push our application code.

Example:-?

https://gitlab.com/test7474/demo.git

Create a Second Repository to version control your Kubernetes manifest file for deployment.

Let us create the second git repository, as we did in the previous step, for our manifest files on GitLab. In this Repository we will push our application code.

Example:-

https://gitlab.com/test7474/k8s-manifest.git

Create CICD pipeline

Create a CICD pipeline in your source code repository to build and push docker images. This also updates the Kubernetes manifest file with the latest docker image tag from the k8s-manifest repository, so that argoCD agent can pull the latest updates from k8s-manifest repository and apply changes on the cluster.

GitLab CICD code :-

docker-build:

??# Use the official docker image.

??image: docker:latest

??stage: build

??services:

????- name: docker:dind

??????alias: docker

??variables:

????TAG: $CI_PIPELINE_ID

????DOCKER_HOST: tcp://docker:2375

????DOCKER_TLS_CERTDIR: ""

??before_script:

????- docker login -u $DOCKER_USER -p $DOCKER_PASS

??script:

????- docker build -f Dockerfile -t su6680/techtalk:$TAG .

????- docker push su6680/techtalk:$TAG

????- apk add git

????- eval $(ssh-agent -s)

????- echo "$SSH_KEY" | tr -d '\r' | ssh-add -

????- mkdir -p ~/.ssh

????- chmod 700 ~/.ssh

????- ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts

????- git clone [email protected]:test7474/k8s-manifest.git

????- sed -i "s/su6680\/techtalk:.*/su6680\/techtalk:${TAG}/g" k8s-manifest/tech-app/deployment.yaml

????- cd k8s-manifest/tech-app/

????- git config --global user.email "[email protected]"

????- git config --global user.name "sunil"

????- git add .

????- git commit -m "Modifying image tag to build number ${TAG}"

????- git push origin main

Create the application on ArgoCD Web Console.

1. Go to ArgoCD WebConsole > Click on + NEW APP.
2. Under the General Section in the Application Name field, enter the application name of your choice.
3. For Project, select default.
4. Set SYNC POLICY to Automatic.
5. Under the SOURCE section, mention the Repository URL of the manifest file. In the Path section, mention the path of the YAML files.
6. Under DESTINATION, select Cluster URL? default https://kubernetes.default.svc .
7. Enter default in the Namespace field.
8. Click CREATE.

Follow us on our?LinkedIn Page . To know more about our services, visit our?website .

REFERENCE LINK

1. https://github.com/devxp-tech/gitops
2. https://argo-cd.readthedocs.io/en/stable/getting_started/