Setup ArgoCD on Azure Kubernetes Services

FoxuTech
5 min readMay 15, 2022

--

As we have seen recent adaptation to new concept are very quick and also it helps to simplifies lot of complex or manual works. Like wise we have seen the changes from monolithic to microservices which introduced with containers and then we got best container orchestration tool called Kubernetes. Which growing like anything on all the places, part of that, for still further simplification of ops works and deployment section, recently GitOps growing faster among enterprises.

You may ask what is GitOps: “GitOps is an operating model pattern for cloud-native applications & Kubernetes storing application & declarative infrastructure code in Git as the source of truth used for automated continuous delivery.” GitOps keep Git at the centre of continuous delivery making git the Source of Truth describing the desired state of your entire system. You can read more about GitOps on our recent post for better understanding. https://foxutech.com/lets-understand-about-gitops/

As mentioned in the GitOps post, one the secure way for GitOps deployment is pull based, in the pull-based deployments “operator” is key tool. Operators are nothing but software agents that continuously monitor the apps running on the Kubernetes and compares the live state of the apps with desired state defined on the Git repository. These GitOps Operators ensure the desired state is in place on your Kubernetes clusters performing create, update, delete activities on your Kubernetes clusters as needed. To achieve this, we may need some solution tool for that, as like FluxCD or ArgoCD.

In this post we are going to see about ArgoCD, like what is that and how to install, configure and manage it. Please be noted, we are using AKS to install the ArgoCD.

What is ArgoCD?

Argo CD is a tool which will read your environment configuration (written either as a helm chart, kustomize files, jsonnet or plain yaml files) from your git repository and apply it to your Kubernetes namespaces. Some of the features of Argo CD are: declarative and version-controlled application deployments.

Argo CD automates the deployment of the desired application states in the specified target environments. Application deployments can track updates to branches, tags, or pinned to a specific version of manifests at a Git commit.

Prerequisites

Deploy ArgoCD on AKS

Before starting we should create a dedicated namespace, let’s create a namespace for Argo CD to deploy all of its components.

# kubectl create namespace argocd

Now we can install Argo CD in argocd namespace we created. This is quite simple; we can use Argo CD’s GitHub repository for the latest Argo CD operator. Use the below command to deploy it.

# kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yamlOutput: 
customresourcedefinition.apiextensions.k8s.io/applications.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/applicationsets.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/appprojects.argoproj.io created
serviceaccount/argocd-application-controller created
serviceaccount/argocd-applicationset-controller created
serviceaccount/argocd-dex-server created
serviceaccount/argocd-notifications-controller created
serviceaccount/argocd-redis created
serviceaccount/argocd-server created
role.rbac.authorization.k8s.io/argocd-application-controller created
role.rbac.authorization.k8s.io/argocd-applicationset-controller created
role.rbac.authorization.k8s.io/argocd-dex-server created
role.rbac.authorization.k8s.io/argocd-notifications-controller created
role.rbac.authorization.k8s.io/argocd-server created
clusterrole.rbac.authorization.k8s.io/argocd-application-controller created
clusterrole.rbac.authorization.k8s.io/argocd-server created
rolebinding.rbac.authorization.k8s.io/argocd-application-controller created
rolebinding.rbac.authorization.k8s.io/argocd-applicationset-controller created
rolebinding.rbac.authorization.k8s.io/argocd-dex-server created
rolebinding.rbac.authorization.k8s.io/argocd-notifications-controller created
rolebinding.rbac.authorization.k8s.io/argocd-redis created
rolebinding.rbac.authorization.k8s.io/argocd-server created
clusterrolebinding.rbac.authorization.k8s.io/argocd-application-controller created
clusterrolebinding.rbac.authorization.k8s.io/argocd-server created
configmap/argocd-cm created
configmap/argocd-cmd-params-cm created
configmap/argocd-gpg-keys-cm created
configmap/argocd-notifications-cm created
configmap/argocd-rbac-cm created
configmap/argocd-ssh-known-hosts-cm created
configmap/argocd-tls-certs-cm created
secret/argocd-notifications-secret created
secret/argocd-secret created
service/argocd-applicationset-controller created
service/argocd-dex-server created
service/argocd-metrics created
service/argocd-notifications-controller-metrics created
service/argocd-redis created
service/argocd-repo-server created
service/argocd-server created
service/argocd-server-metrics created
deployment.apps/argocd-applicationset-controller created
deployment.apps/argocd-dex-server created
deployment.apps/argocd-notifications-controller created
deployment.apps/argocd-redis created
deployment.apps/argocd-repo-server created
deployment.apps/argocd-server created
statefulset.apps/argocd-application-controller created
networkpolicy.networking.k8s.io/argocd-application-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-dex-server-network-policy created
networkpolicy.networking.k8s.io/argocd-redis-network-policy created
networkpolicy.networking.k8s.io/argocd-repo-server-network-policy created
networkpolicy.networking.k8s.io/argocd-server-network-policy created

Once all completed, you can list all the resources created in argocd namespace.

Access The Argo CD API Server

By default, the Argo CD API server is not exposed with an external IP. To access the API server, choose one of the following techniques to expose the Argo CD API server:

Service Type Load Balancer

Change the argocd-server service type to LoadBalancer:

# kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}'

Now you will be able to see that the argocd-server service type has been changed to a LoadBalancer type. This means that it now has a public Azure load balancer attached to it with an external IP.

# kubectl get svc -n argocd

NOTE: This is not recommended in production environments. Only use in a lab or dev environment. In production environments, it is recommended to use an ingress for the Argo CD API server that is secured.

Ingress

Follow the ingress documentation on how to configure Argo CD with ingress.

Login Using The CLI

The initial password for the admin account is auto-generated and stored as clear text in the field password in a secret named argocd-initial-admin-secret in your Argo CD installation namespace. You can simply retrieve this password using kubectl:

# kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo

Warning

You should delete the argocd-initial-admin-secret from the Argo CD namespace once you changed the password. The secret serves no other purpose than to store the initially generated password in clear and can safely be deleted at any time. It will be re-created on demand by Argo CD if a new admin password must be re-generated.

Using the username admin and the password from above, login to Argo CD’s IP or hostname:

To install argoCD, please use following command,

# curl -sSL -o /usr/local/bin/argocd https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64 
# chmod +x /usr/local/bin/argocd
# argocd login <ARGOCD_SERVER>

That’s it for now! we have Argo CD deployed on your AKS cluster. In coming posts will see how to deploy a app using argoCD and also how to integrate with GIT repository.

--

--

FoxuTech

Discuss about #Linux, #DevOps, #Docker, #kubernetes, #HowTo’s, #cloud & IT technologies like #argocd #crossplane #azure https://foxutech.com/