Yesterday a new article titled “Build and deploy apps on AKS using DevOps and GitOps” was published. This is an article I was working on for a while and it is the first item of work that I can share publicly since joining Microsoft. I am working on many other things I can’t share publicly at the moment. :-)!
The article is a part of the Azure Architecture Center. This article is about modernizing end-to-end app build and deploy using containers, continuous integration (CI) via GitHub Actions for build and push to an Azure Container Registry, as well as GitOps via Argo CD for continuous deployment (CD) to an AKS cluster.
The article explores deploying a Python and Flask based app via two CI/CD approaches push-based and pull-based (GitOps). It is complete with a pros and cons comparison of both approaches and architecture diagrams for each that you can download. Here is a screenshot of the pull-based (GitOps) architecture:
The technologies used in this article and scenario include:
Argo CD has something called the Application reconciliation timeout. This is how often your applications will sync from Argo CD to the Git repository. It looks for changes and when it sees changes it will then apply the desired state from the repo to the Kubernetes (K8s) cluster. By default the timeout period is set to 3 minutes. This is set in the General Argo CD configuration.
The General Argo CD configuration is set in the argocd-cm ConfigMap. And the argocd-cm ConfigMap is deployed in the argocd namespace.
You can view what is currently set by running the following kubectl command on your K8s cluster that is running your Argo CD instance:
kubectl describe configmaps argocd-cm -n argocd
The output will look like the following:
You can also see that the argocd-cm Data is empty by running kubectl get configmaps -n argocd or if you are using AKS navigate to ConfigMaps in the Azure portal like in the following screenshot.
Most Argo CD instances are running the default settings for its configurations. The argocd-server component reads and writes to the argocd-cm ConfigMap and other Argo configuration ConfigMaps based on admin user interactions with the Argo CD web UI or the Argo CD CLI. It is normal for it to be empty with Data at 0 if you have not changed any defaults or set anything directly in the ConfigMap yet.
To change the Application reconciliation timeout you need to do the following:
The Application reconciliation timeout can be found on line 283 “timeout.reconciliation: 180s”.
Change “180s” to whatever number you want to change it to i.e. change to “60s” to reduce the sync internal to 1 minute.
Remove all of the other settings in the file except for the Application reconciliation timeout. The file should look like this:
# Application reconciliation timeout is the max amount of time required to discover if a new manifests version got
# published to the repository. Reconciliation by timeout is disabled if timeout is set to 0. Three minutes by default.
# > Note: argocd-repo-server deployment must be manually restarted after changing the setting.
5. Save the file.
6. Connect to the Kubernetes cluster that is running Argo CD and apply the argocd-cm ConfigMap file you just updated by running the following:
kubectl apply -f argocd-cm.yaml -n argocd
7. Run the following to verify the update was applied:
kubectl describe configmaps argocd-cm -n argocd
You should also notice at least 1 is listed under Data for the ConfigMap now.
8. It is a good practice to redeploy the argocd-repo-server after updating the argocd-cm ConfgigMap. You can redeploy the argocd-repo-server by running the following:
Recently Codefresh launched the 1st certification in its GitOps certification path. This one is called “GitOps Fundamentals“. You can find it here: https://codefresh.learnworlds.com .
It takes you through the basics of GitOps to gain theoretical knowledge, and how to utilize Argo CD as the GitOps operator to gain hands-on knowledge. You will learn about both and will have questions on both in the quizzes and final exam.
They also touch on Argo Rollouts to go over Progressive Delivery with topics such as blue/green deployments and canary deployments. This is the 1st ever GitOps certification and it’s free! They do have plans for GitOps at Edge and GitOps at Scale certifications.
I jumped all over this opportunity to get certified on GitOps, by signing up for the course, taking the training, and the exam! I passed and now I am GitOps certified.
Here is the certification:
GitOps is gaining adoption more and more every day in the Kubernetes space. Also, Argo CD is growing extremely fast as one of the top if not the top GitOps operator. I recommend you check this Codefresh GitOps certification out and get GitOps certified as this pattern and the technology behind it are growing at a super fast rate.
Also note, it looks like Weaveworks is planning to launch a “Certified GitOps Practitioner (CGP)” certification soon. I would guess the Weaveworks GitOps certification will contain content on Flux another GitOps operator. You can learn more about their coming GitOps certification here: https://www.weave.works/certified-gitops-practitioner
Also for more training on GitOps and Argo CD be sure to check out my GitOps and Argo CD courses on Pluralsight here:
This was a fun podcast with Jez Ward, and Dave Chapman of Cloudreach. They run a podcast called Cloudbusting. On the podcast they focus on transformation, leadership, ways of working and emerging technology they explore the significant impact that cloud is having on people and businesses.
On this podcast episode, we set out to answer very important questions such as what are Jucy Lucy’s?, what are root Canals like today? oh, and yeah we also spend some time talking about what Containers, Kubernetes, & GitOps are and how they fit in the cloud.
Argo CD is a GitOps operator and the goal of it is to be able to deploy apps to Kubernetes. In the majority of cases, we want to use Argo CD to deploy apps to many clusters.
Argo CD itself is deployed as a set of pods on a Kubernetes cluster. By default with an Argo CD deployment, the cluster it is running on is set as “in-cluster” (https://kubernetes.default.svc). When apps are configured for deployment a Kubernetes Cluster under Destination is required. They can be deployed to either the “in-cluster” K8s cluster or an external K8s cluster.
In order to deploy apps to an external Kubernetes cluster, you will need to register an external K8s cluster with Argo CD.
If you want to see the clusters you have registered with your Argo CD one way is through the web UI. Once you log in navigate to Settings and then Clusters to see them.
You can also see the clusters you have in the Argo CD CLI. To use the Argo CD CLI you need to log into the Argo CD API Server as shown in the following screenshot.
To see what clusters are registered from the CLI you can run
argocd cluster list
You will notice that you will only see the In-Cluster K8s cluster until you add an external one. Also, note that you are not able to register a new K8 cluster in the Argo CD web UI. You can only register a new K8s cluster from the Argo CD CLI. Within the Argo CD web UI you can delete the default in-cluster K8s cluster. This is not recommended.
If you click on the In-Cluster K8s cluster you can modify some settings of the in-cluster K8s cluster in the Argo CD web UI such as the name of it and its namespace. Not useful when you want to have more control over the settings around the K8s cluster you will be deploying apps to.
In my example, my Azure subscription has two AKS clusters. You can see this in the following screenshot. The arriving-gelding-k8s cluster is my In-Cluster object in Argo CD. The selected-worm-k8s is not my In-Cluster so I want to add this one to my Argo CD.
To add the new external cluster run use the following steps.
Step 1: Add your target K8s cluster to ArgoCD via the context in your kubectl config.
-For AKS you can simply log into your Azure subscription from VS Code on your computer and then run
az aks get-credentials –resource-group RGNAME –name AKSCLUSTERNAME
This will add the context for your AKS cluster to your kubeconfig file.
In my last post on Argo CD with AKS, I mentioned the next post would explore deploying an app via Argo CD. Well, in this post we are going to do just that. I am going to walk through deploying an app from Argo CD to AKS. Note this same process would work for any Kubernetes cluster. This is not going to be a long post as the process is straightforward.
First of all, you can deploy an app from the Argo CD web UI or CLI. Ready your application in a Git-based repository. It does not matter what source control system you use for your repository as long as it is Git-based. You can use Azure DevOps, Gitlab, Bit Bucket etc. In my case I use GitHub. To deploy an app you need to point to a Git repository of either K8s manifest, Helm, or Kustomize. In this blog post I am going to keep it simple and use the Hello K8s app from Paul Bouwer. Ok, now let’s jump in.
Here are the steps for Deploying an App to Argo CD within the Web UI:
In the Argo CD web UI ensure you are on the Applications page
Click the + NEW APP button
Give the app the namehellok8s, use the project default (I used a dev project in my example), select Automatic for the sync policy, check AUTO-CREATE NAMESPACE
Yesterday my 12th course on Pluralsight was published! This course is “Getting Started with Argo CD“. In this course, you’ll learn the ins and outs of Argo CD a GitOps Operator tool, its core concepts, architecture, and how to use it with Kubernetes clusters so you can get started using it.
I am really excited about this course because it gave me a chance to continue sharing my GitOps and Kubernetes knowledge. You can view this course as a continuation of my “GitOps: The Big Picture” course. My GitOps course educates you on what GitOps is. This Argo CD course shows GitOps and a GitOps Operator in action!
Many organizations today have adopted cloud & Kubernetes. Organizations multiple production Kubernetes clusters online often across multiple clouds the complexity of management increases. GitOps has risen as a pattern used to reduce the complexity of managing Kubernetes clusters and cloud-native applications. Argo CD is a GitOps Operator that can help with the management of Kubernetes and deployment of applications to it. Some of the major topics that I covered in the Argo CD course include:
Argo CD’s core concepts and architecture.
An overview of Containers, Kubernetes, Helm, Kustomize, GitOps, and how these work with Argo CD.
What it takes to deploy and operate Argo CD including areas such as user management, secrets, webhooks, monitoring and more, as well as how to use the Argo CD API server, Web UI, and use its command line interface.
How to deploying and manage Applications with Argo CD.
This is my 1st course in the Kubernetes Tooling and Techniques path on Pluralsight. I am working on another course for this path. This path focuses on the additional tools and techniques that you can integrate with your Kubernetes operations to improve efficiency, scalability, and a whole host of other factors. There are some other great courses in the Kubernetes Tooling and Techniques path.
I hope you find value in this new Getting Started with Argo CD course. Be sure to follow my profile on Pluralsight so you will be notified as I release new courses including more GitOps related courses and a Rancher course in the Kubernetes Tooling and Techniques path!
As Kubernetes adoption continues to grow so does GitOps. GitOps has been increasing in adoption and popularity among enterprises at a fast rate as well. Here is what GitOps is: “GitOps is an operating model pattern for cloud-native applications & Kubernetes storing application & declarative infrastructure code in Git as the source of truth used for automated continuous delivery.” GitOps puts Git at the center of continuous delivery making git the Source of Truth describing the desired state of your entire system. For a deeper dive into GitOps check out my GitOps course on Pluralsight here: https://app.pluralsight.com/library/courses/gitops-the-big-picture
In the GitOps model, you need GitOps operators. GitOps Operators are software agents that continuously monitor your apps running on your Kubernetes clusters comparing the live state of your app against the desired state you have defined in your Git repository. These GitOps Operators ensure the desired state is in place on your Kubernetes clusters performing create, update, delete activities on your Kubernetes clusters as needed.
This is where Argo CD comes into the picture. Argo CD is one of the top GitOps Operators. It provides declarative, continuous delivery to your Kubernetes clusters. It was created by a team at Intuit in 2018 and later open-sourced. I am going to write a few blogs exploring the use of Argo CD with AKS. This will be the first of the series walking through the deployment of Argo CD to AKS. In the next post, we will deploy an app to Kubernetes using Argo CD and see where the topic goes from there. Now let’s dive into deploying Argo CD to AKS. Here are the steps:
You should end up with many objects in the Argo CD namespace.
By default, the Argo CD is not accessible externally. It is deployed with a service type of ClusterIP.
Leaving it at ClusterIP is fine but for the purposes of this blog/lab and getting started lets change this so we can easily access the ArgoCD Server website. # Change the argocd-server service type to LoadBalancer. To do this run the following:
Now you will be able to see that the argocd-server service type has been changed to a LoadBalancer type. This means that it now has a public Azure load balancer attached to it with an external IP.
NOTE: This is not recommended in production environments. Only use in a lab or dev environment. In production environments, it is recommended to use an ingress for the Argo CD API server that is secured.
Argo CD auto generated a password during the deployment. We need to get the Argo CD password so we can log into it. To get the password run the following: