快速开始

简要概述

基于 gitops 理念管理 k8s 资源。

安装部署

见:github.com/opsaid/manifests/addons/argo-cd

创建 APP

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: demo-apilogin-v1
  namespace: argocd
spec:
  destination:
    namespace: default
    server: 'https://kubernetes.default.svc'
  source:
    path: deploy/kubernetes/dev
    repoURL: 'https://github.com/mingqing/apilogin.git'
    targetRevision: HEAD
    kustomize:
      namespace: default
  sources: []
  project: default
  syncPolicy:
    automated: null

加入集群

目标集群添加权限

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: argocd-manager
  namespace: kube-system

---
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
  name: argocd-manager
  namespace: kube-system
  annotations:
    kubernetes.io/service-account.name: argocd-manager

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: argocd-manager-role
rules:
- apiGroups:
  - '*'
  resources:
  - '*'
  verbs:
  - '*'
- nonResourceURLs:
  - '*'
  verbs:
  - '*'

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: argocd-manager-role-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: argocd-manager-role
subjects:
- kind: ServiceAccount
  name: argocd-manager
  namespace: kube-system

获取创建的 token

kubectl describe secret argocd-manager -n kube-system

生成 argocd config

{
  "bearerToken": "{argocd-manager token}",
  "tlsClientConfig": {
    "insecure": true
  }
}
cat a.txt | base64
apiVersion: v1
kind: Secret
metadata:
  labels:
    argocd.argoproj.io/secret-type: cluster
  name: cluster-c2.k8s.173ops.com
  namespace: argocd
type: Opaque
data:
  config: {base64 config}
  name: YzIuazhzLjE3M29wcy5jb20=
  server: aHR0cHM6Ly9jMi5rOHMuMTczb3BzLmNvbTo2NDQz



最后修改 2024.09.05: chore: update argo workflow (e20d5d1)