Failed sync attempt to 2.1.0: one or more objects failed to apply, reason: Deployment.apps "reloader-reloader" is invalid: spec.template.metadata.labels: Invalid value: map[string]string{"app.kubernetes.io/instance":"reloader", "app.kubernetes.io/managed-by":"Helm", "app.kubernetes.io/name":"reloader", "app.kubernetes.io/version":"v1.4.0", "group":"com.stakater.platform", "helm.sh/chart":"reloader-2.1.0", "provider":"stakater", "version":"v1.4.0"}: `selector` does not match template `labels` (retried 5 times). This reverts commit db1f33df6d28da34a973678ff576032a445dd39f.
Most applications in our Kubernetes cluster are managed by ArgoCD. Most notably operators are NOT managed by ArgoCD.
Managing applications
Update apps (see TODO below):
for j in asterisk bind camtiler etherpad freescout gitea grafana hackerspace nextcloud nyancat rosdump traefik wiki wildduck woodpecker; do
cat << EOF >> applications/$j.yaml
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: $j
namespace: argocd
annotations:
# Works with only Kustomize and Helm. Kustomize is easy, see https://github.com/argoproj-labs/argocd-image-updater/tree/master/manifests/base for an example.
argocd-image-updater.argoproj.io/image-list: TODO:^2 # semver 2.*.*
argocd-image-updater.argoproj.io/write-back-method: git
spec:
project: k-space.ee
source:
repoURL: 'git@git.k-space.ee:k-space/kube.git'
path: $j
targetRevision: HEAD
destination:
server: 'https://kubernetes.default.svc'
namespace: $j
syncPolicy:
automated:
prune: true
syncOptions:
- CreateNamespace=true
EOF
done
find applications -name "*.yaml" -exec kubectl apply -n argocd -f {} \;
Repository secrets
- Generate keys locally with
ssh-keygen -f argo
- Add
argo.pub
ingit.k-space.ee/<your>/<repo>
→ Settings → Deploy keys - Add
argo
(private key) at https://argocd.k-space.ee/settings/repos along with referenced repo.
Argo Deployment
To deploy ArgoCD itself:
helm repo add argo-cd https://argoproj.github.io/argo-helm
kubectl create secret -n argocd generic argocd-secret # Empty secret for sessions
helm template -n argocd --release-name k6 argo-cd/argo-cd --include-crds -f values.yaml > argocd.yml
kubectl apply -f argocd.yml -f application-extras.yml -f redis.yaml -f monitoring.yml -n argocd
kubectl label -n argocd secret oidc-client-argocd-owner-secrets app.kubernetes.io/part-of=argocd
kubectl -n argocd rollout restart deployment/k6-argocd-redis deployment/k6-argocd-repo-server deployment/k6-argocd-server deployment/k6-argocd-notifications-controller statefulset/k6-argocd-application-controller