部署 Argo CD v2.9.3

发布时间 2023-12-11 17:02:21作者: 小吉猫

创建 ns argocd

# kubectl create namespace argocd
namespace/argocd created

安装 argocd

下面使用的是固定在 v2.9.3 标签上的 HA 清单。它会创建 ClusterRole、ClusterRoleBinding 等集群级资源(见下方输出),应用之前可以先把清单下载到本地审阅。

# kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.9.3/manifests/ha/install.yaml
customresourcedefinition.apiextensions.k8s.io/applications.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/applicationsets.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/appprojects.argoproj.io created
serviceaccount/argocd-application-controller created
serviceaccount/argocd-applicationset-controller created
serviceaccount/argocd-dex-server created
serviceaccount/argocd-notifications-controller created
serviceaccount/argocd-redis-ha created
serviceaccount/argocd-redis-ha-haproxy created
serviceaccount/argocd-repo-server created
serviceaccount/argocd-server created
role.rbac.authorization.k8s.io/argocd-application-controller created
role.rbac.authorization.k8s.io/argocd-applicationset-controller created
role.rbac.authorization.k8s.io/argocd-dex-server created
role.rbac.authorization.k8s.io/argocd-notifications-controller created
role.rbac.authorization.k8s.io/argocd-redis-ha created
role.rbac.authorization.k8s.io/argocd-redis-ha-haproxy created
role.rbac.authorization.k8s.io/argocd-server created
clusterrole.rbac.authorization.k8s.io/argocd-application-controller created
clusterrole.rbac.authorization.k8s.io/argocd-server created
rolebinding.rbac.authorization.k8s.io/argocd-application-controller created
rolebinding.rbac.authorization.k8s.io/argocd-applicationset-controller created
rolebinding.rbac.authorization.k8s.io/argocd-dex-server created
rolebinding.rbac.authorization.k8s.io/argocd-notifications-controller created
rolebinding.rbac.authorization.k8s.io/argocd-redis-ha created
rolebinding.rbac.authorization.k8s.io/argocd-redis-ha-haproxy created
rolebinding.rbac.authorization.k8s.io/argocd-server created
clusterrolebinding.rbac.authorization.k8s.io/argocd-application-controller created
clusterrolebinding.rbac.authorization.k8s.io/argocd-server created
configmap/argocd-cm created
configmap/argocd-cmd-params-cm created
configmap/argocd-gpg-keys-cm created
configmap/argocd-notifications-cm created
configmap/argocd-rbac-cm created
configmap/argocd-redis-ha-configmap created
configmap/argocd-redis-ha-health-configmap created
configmap/argocd-ssh-known-hosts-cm created
configmap/argocd-tls-certs-cm created
secret/argocd-notifications-secret created
secret/argocd-secret created
service/argocd-applicationset-controller created
service/argocd-dex-server created
service/argocd-metrics created
service/argocd-notifications-controller-metrics created
service/argocd-redis-ha created
service/argocd-redis-ha-announce-0 created
service/argocd-redis-ha-announce-1 created
service/argocd-redis-ha-announce-2 created
service/argocd-redis-ha-haproxy created
service/argocd-repo-server created
service/argocd-server created
service/argocd-server-metrics created
deployment.apps/argocd-applicationset-controller created
deployment.apps/argocd-dex-server created
deployment.apps/argocd-notifications-controller created
deployment.apps/argocd-redis-ha-haproxy created
deployment.apps/argocd-repo-server created
deployment.apps/argocd-server created
statefulset.apps/argocd-application-controller created
statefulset.apps/argocd-redis-ha-server created
networkpolicy.networking.k8s.io/argocd-application-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-applicationset-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-dex-server-network-policy created
networkpolicy.networking.k8s.io/argocd-notifications-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-redis-ha-proxy-network-policy created
networkpolicy.networking.k8s.io/argocd-redis-ha-server-network-policy created
networkpolicy.networking.k8s.io/argocd-repo-server-network-policy created
networkpolicy.networking.k8s.io/argocd-server-network-policy created

查看 pod 信息

# kubectl get pods -n argocd
NAME                                               READY   STATUS    RESTARTS   AGE
argocd-application-controller-0                    1/1     Running   0          19m
argocd-applicationset-controller-5f975ff5-fjjz5    1/1     Running   0          20m
argocd-dex-server-7bb445db59-vnm8w                 1/1     Running   0          20m
argocd-notifications-controller-566465df76-tm8j9   1/1     Running   0          20m
argocd-redis-ha-haproxy-7b898b954b-d95wf           1/1     Running   0          20m
argocd-redis-ha-haproxy-7b898b954b-gqg6l           1/1     Running   0          20m
argocd-redis-ha-haproxy-7b898b954b-hgbnb           1/1     Running   0          20m
argocd-redis-ha-server-0                           3/3     Running   0          19m
argocd-redis-ha-server-1                           3/3     Running   0          15m
argocd-redis-ha-server-2                           3/3     Running   0          13m
argocd-repo-server-56f754cbb7-c5bvn                1/1     Running   0          20m
argocd-repo-server-56f754cbb7-gjv8t                1/1     Running   0          20m
argocd-server-c9d5dbdb6-676ns                      1/1     Running   0          20m
argocd-server-c9d5dbdb6-zdl4m                      1/1     Running   0          20m

查看 svc 

# kubectl get svc -n argocd
NAME                                      TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
argocd-applicationset-controller          ClusterIP   10.100.236.115   <none>        7000/TCP,8080/TCP            21m
argocd-dex-server                         ClusterIP   10.100.188.12    <none>        5556/TCP,5557/TCP,5558/TCP   21m
argocd-metrics                            ClusterIP   10.100.22.127    <none>        8082/TCP                     21m
argocd-notifications-controller-metrics   ClusterIP   10.100.61.49     <none>        9001/TCP                     21m
argocd-redis-ha                           ClusterIP   None             <none>        6379/TCP,26379/TCP           21m
argocd-redis-ha-announce-0                ClusterIP   10.100.62.64     <none>        6379/TCP,26379/TCP           21m
argocd-redis-ha-announce-1                ClusterIP   10.100.69.120    <none>        6379/TCP,26379/TCP           21m
argocd-redis-ha-announce-2                ClusterIP   10.100.202.175   <none>        6379/TCP,26379/TCP           21m
argocd-redis-ha-haproxy                   ClusterIP   10.100.74.249    <none>        6379/TCP,9101/TCP            21m
argocd-repo-server                        ClusterIP   10.100.19.66     <none>        8081/TCP,8084/TCP            21m
argocd-server                             ClusterIP   10.100.243.80    <none>        80/TCP,443/TCP               21m
argocd-server-metrics                     ClusterIP   10.100.177.201   <none>        8083/TCP                     21m

查看 CRD

# kubectl api-resources |grep argo
applications                      app,apps                                        argoproj.io/v1alpha1                           true         Application
applicationsets                   appset,appsets                                  argoproj.io/v1alpha1                           true         ApplicationSet
appprojects                       appproj,appprojs                                argoproj.io/v1alpha1                           true         AppProject

暴露 argocd-server

argocd-dashboard-virtualservice.yaml

# Istio Gateway exposing argocd.wgs.com on ports 80 and 443 of the ingress
# gateway workload. It lives in istio-system, so resources in other
# namespaces must refer to it as istio-system/argocd-dashboard-gateway.
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
  name: argocd-dashboard-gateway
  namespace: istio-system
spec:
  # Binds this Gateway to the pods carrying the app=istio-ingressgateway label.
  selector:
    app: istio-ingressgateway
  servers:
    - hosts:
        - "argocd.wgs.com"
      port:
        number: 80
        name: http
        protocol: HTTP
      tls:
        # Plain-HTTP requests are answered with a redirect to HTTPS, so the
        # UI and login are not served over port 80.
        httpsRedirect: true
    - hosts:
        - "argocd.wgs.com"
      port:
        number: 443
        name: https
        protocol: HTTPS
      tls:
        # PASSTHROUGH: the gateway does not terminate TLS. It forwards the
        # encrypted connection based on the client's SNI, so the certificate
        # the client validates is the one served by the backend.
        # NOTE(review): unless a certificate has been configured for
        # argocd-server, clients will presumably see its self-generated
        # certificate and get a trust warning; confirm.
        mode: PASSTHROUGH
---
# VirtualService that routes the passthrough TLS traffic for argocd.wgs.com
# arriving at the gateway to the argocd-server Service on port 443.
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: argocd-dashboard-virtualservice
  namespace: argocd
spec:
  hosts:
  - "argocd.wgs.com"
  gateways:
  # namespace/name form: the Gateway is in istio-system, this resource is in
  # argocd.
  - istio-system/argocd-dashboard-gateway
  # A tls route (not http) is used because the traffic is not decrypted at the
  # gateway; only the port and the SNI host name are available for matching.
  tls:
  - match:
    - port: 443
      sniHosts:
      - argocd.wgs.com
    route:
    - destination:
        # Short name, resolved in this resource's namespace (argocd).
        host: argocd-server
        port:
          number: 443

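创建 Gateway 和 vs(原文省略了命令;将上面的清单保存为 argocd-dashboard-virtualservice.yaml 后,例如执行 kubectl apply -f argocd-dashboard-virtualservice.yaml)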

gateway.networking.istio.io/argocd-dashboard-gateway created
virtualservice.networking.istio.io/argocd-dashboard-virtualservice created

查看 vs

# kubectl get vs -n argocd
NAME                              GATEWAYS                                    HOSTS                AGE
argocd-dashboard-virtualservice   ["istio-system/argocd-dashboard-gateway"]   ["argocd.wgs.com"]   5m46s

查看 Istio svc

# kubectl get svc -n istio-system
NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP       PORT(S)                                      AGE
istio-egressgateway     ClusterIP      10.100.156.22    <none>            80/TCP,443/TCP                               24d
istio-ingressgateway    LoadBalancer   10.100.148.114   192.168.174.249   15021:31031/TCP,80:31283/TCP,443:30741/TCP   25d
istiod                  ClusterIP      10.100.158.79    <none>            15010/TCP,15012/TCP,443/TCP,15014/TCP        25d
knative-local-gateway   ClusterIP      10.100.169.65    <none>            80/TCP                                       23d

添加 hosts 解析(应追加到 /etc/hosts;下面的命令使用相对路径 hosts,需在 /etc 目录下执行)

# echo "192.168.174.249 argocd.wgs.com" >> hosts

部署 argocd CLI

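# Install the Argo CD CLI from the same pinned release as the server (v2.9.3).
# -f makes curl exit non-zero on an HTTP error instead of saving the error
# page as the "binary", and && keeps the root-level install from running on a
# failed download.
# Before the install step, compare the file's SHA-256 with the checksum
# published for this release, e.g.:
#   echo "<EXPECTED_SHA256>  argocd-linux-amd64" | sha256sum -c -
curl -fsSL -o argocd-linux-amd64 https://github.com/argoproj/argo-cd/releases/download/v2.9.3/argocd-linux-amd64 \
  && sudo install -m 555 argocd-linux-amd64 /usr/local/bin/argocd
# -f: the file may not exist if the download failed.
rm -f argocd-linux-amd64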

使用 CLI 登录

admin 帐户的初始密码是自动生成的,并以明文形式存储在 Argo CD 安装命名空间中名为 argocd-initial-admin-secret 的 secret 中。该 secret 只用于保存初始密码,修改密码后即可删除。

获取初始密码

# argocd admin initial-password -n argocd
JoOpha6ShfmVpt4-

 This password must be only used for first time login. We strongly recommend you update the password using `argocd account update-password`.

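登录 argocd

这里直接用 svc 的 IP 登录,而服务端证书不包含 IP SAN,因此证书校验失败;输入 y 表示跳过校验继续,此时无法确认对端身份,密码可能被中间人截获。建议仅在受信任的集群内网中这样做,或改用证书中包含的主机名并配置受信任的证书。(注意:上文 svc 列表中 argocd-server 的 CLUSTER-IP 为 10.100.243.80,与此处示例的 10.100.123.2 不一致,请以实际环境为准。)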

# argocd login 10.100.123.2      # argocd-server svc 地址
WARNING: server certificate had error: tls: failed to verify certificate: x509: cannot validate certificate for 10.100.123.2 because it doesn't contain any IP SANs. Proceed insecurely (y/n)? y
Username: admin
Password: 
'admin:login' logged in successfully
Context '10.100.123.2' updated

更新 argocd 密码

# argocd account update-password
*** Enter password of currently logged in user (admin): 
*** Enter new password for user admin: 
*** Confirm new password for user admin: 
Password updated
Context '10.100.123.2' updated

Argocd dashboard

访问 argocd dashboard

https://argocd.wgs.com

参考文档

https://argo-cd.readthedocs.io/en/stable/getting_started/