前言Argo CD是一款基于 kubernetes 的声明式的Gitops 持续部署工具。
- 应用程序定义、配置和环境都是声明式的,并受版本控制
- 应用程序部署和生命周期管理都是自动化的、可审计的,并且易于理解。
本文使用 ArgoCD + Kustomize 实现自动化部署Kubernetes工作流。
## 本文同步发表于知乎https://zhuanlan.zhihu.com/p/584881969
安装Argo CD
kubectl create namespace argocdkubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
命令行工具 Argo CD CLIMacOS 安装
brew install argocd
访问 Argo CDOption 1: Service Type Load BalancerYou can change Service Type to Load Balancer
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}'
Option 2:(Recommend) 使用 Gateway1. 使用Ingress-nginx可参考云原生之旅 – 8)云原生时代的网关 Ingress Nginx
# Ingress-Nginx installed first---apiVersion: networking.k8s.io/v1kind: Ingressmetadata: annotations: ingress.kubernetes.io/force-ssl-redirect: "true" ingress.kubernetes.io/ssl-redirect: "true" kubernetes.io/ingress.class: nginx # If you encounter a redirect loop or are getting a 307 response code # then you need to force the nginx ingress to connect to the backend using HTTPS. nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" # argocd backend using HTTPS # face to internet, recommend update to restrict access nginx.ingress.kubernetes.io/whitelist-source-range: | 0.0.0.0/0 name: ingress-argocd namespace: dmzspec: rules: - host: argocd.wadexu.cloud http: paths: - backend: service: name: argocd-ext-svc port: number: 8080 path: / pathType: Prefix tls: - hosts: - argocd.wadexu.cloud secretName: tls-secret---# add externalName type svc in dmz namespace, so that Ingress (in dmz) can point to this svc in argocd nsapiVersion: v1kind: Servicemetadata: name: argocd-ext-svc namespace: dmzspec: type: ExternalName externalName: argocd-server.argocd.svc.cluster.local ports: - name: http port: 8080 targetPort: 80 protocol: TCP selector: app.kubernetes.io/name: argocd-server
argocd_ingress.yaml
2. 使用Emissary参考云原生之旅 – 9)云原生时代网关的后起之秀Envoy Proxy 和基于Envoy 的 Emissary Ingress
Option 3:端口转发运行下面命令然后本地浏览器访问 `https://localhost:8080`
kubectl port-forward svc/argocd-server -n argocd 8080:443
The initial password for the admin account is auto-generated and stored as clear text in the field password in a secret named argocd-initial-admin-secret in your Argo CD installation namespace. You can simply retrieve this password using kubectl
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo
域名取决于你在gateway里面的配置,Login now
argocd login https://argocd.wadexu.cloud
如果是端口转发,参考如下命令
kubectl port-forward svc/argocd-server -n argocd 8080:443argocd login https://localhost:8080 --username admin --password
更改密码
argocd account update-password
注册 external Cluster(Optional) 这一步是为了deploy到到外部的cluster,如果仅仅deploy到和Argo CD一起的cluster 则使用https://kubernetes.default.svc
# list contextkubectxargocd cluster add xxx_context
创建 ApplicationCreating Apps Via CLI
kubectl config set-context --current --namespace=argocdargocd app create my-app --repo https://github.com/wadexu007/learning_by_doing.git --path Kustomize/demo-manifests/services/demo-app/dev --dest-server https://kubernetes.default.svc --dest-namespace demo
Sync (Deploy) ApplicationSyncing via CLI
argocd app get my-appargocd app sync my-app
通过UI 创建和Sync Application 也非常简单。详见官方文档。
## 本文同步发表于知乎https://zhuanlan.zhihu.com/p/584881969
更多Argo CD supports several different ways in which Kubernetes manifests can be defined:
- Kustomize applications (我的例子)
- Helm charts
- A directory of YAML/JSON/Jsonnet manifests, including Jsonnet.
- Any custom config management tool configured as a config management plugin
感谢阅读,如果您觉得本文的内容对您的学习有所帮助,您可以打赏和推荐,您的鼓励是我创作的动力。 Learning by Doing