forked from k-space/kube
57 lines
2.1 KiB
Markdown
57 lines
2.1 KiB
Markdown
Most applications in our Kubernetes cluster are managed by ArgoCD.
|
|
Most notably operators are NOT managed by ArgoCD.
|
|
|
|
## Managing applications
|
|
Update apps (see TODO below):
|
|
|
|
```
|
|
for j in asterisk bind camtiler etherpad freescout gitea grafana hackerspace nextcloud nyancat rosdump traefik wiki wildduck woodpecker; do
|
|
cat << EOF >> applications/$j.yaml
|
|
---
|
|
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: $j
|
|
namespace: argocd
|
|
annotations:
|
|
# Works with only Kustomize and Helm. Kustomize is easy, see https://github.com/argoproj-labs/argocd-image-updater/tree/master/manifests/base for an example.
|
|
argocd-image-updater.argoproj.io/image-list: TODO:^2 # semver 2.*.*
|
|
argocd-image-updater.argoproj.io/write-back-method: git
|
|
spec:
|
|
project: k-space.ee
|
|
source:
|
|
repoURL: 'git@git.k-space.ee:k-space/kube.git'
|
|
path: $j
|
|
targetRevision: HEAD
|
|
destination:
|
|
server: 'https://kubernetes.default.svc'
|
|
namespace: $j
|
|
syncPolicy:
|
|
automated:
|
|
prune: true
|
|
syncOptions:
|
|
- CreateNamespace=true
|
|
EOF
|
|
done
|
|
find applications -name "*.yaml" -exec kubectl apply -n argocd -f {} \;
|
|
```
|
|
|
|
### Repository secrets
|
|
1. Generate keys locally with `ssh-keygen -f argo`
|
|
2. Add `argo.pub` in `git.k-space.ee/<your>/<repo>` → Settings → Deploy keys
|
|
3. Add `argo` (private key) at https://argocd.k-space.ee/settings/repos along with referenced repo.
|
|
|
|
## Argo Deployment
|
|
To deploy ArgoCD itself:
|
|
|
|
```bash
|
|
helm repo add argo-cd https://argoproj.github.io/argo-helm
|
|
kubectl create secret -n argocd generic argocd-secret # Empty secret for sessions
|
|
|
|
helm template -n argocd --release-name k6 argo-cd/argo-cd --include-crds -f values.yaml > argocd.yml
|
|
kubectl apply -f argocd.yml -f application-extras.yml -f redis.yaml -f monitoring.yml -n argocd
|
|
kubectl label -n argocd secret oidc-client-argocd-owner-secrets app.kubernetes.io/part-of=argocd
|
|
|
|
kubectl -n argocd rollout restart deployment/k6-argocd-redis deployment/k6-argocd-repo-server deployment/k6-argocd-server deployment/k6-argocd-notifications-controller statefulset/k6-argocd-application-controller
|
|
```
|