AZURE HEROES
  • Home-Updates
  • Blog
    • Azure Blog
    • Azure Heroes Events >
      • Azure Heroes Sessions #1
      • Azure Heroes Sessions #2
      • Azure Heroes Sessions #3
      • Azure Heroes Sessions #4
      • Azure Heroes Sessions #5
      • Azure Heroes Sessions #6
      • Azure Heroes Sessions #7
  • Who We Are!
  • eBooks
  • Azure All In One!
    • Azure Disk & Storage
    • Azure Network
    • Azure VPN
    • Azure VMs
  • Free Azure Support!
  • Contact Us
  • Events
    • Beginners Event
    • Developers Event
    • Special Event
    • Azure Workshop #4
    • Azure Workshop #5
    • Azure Workshop #6
    • Azure Workshop #7
    • Azure Workshop #8
    • Upcoming Events
  • Registration Form
  • Privacy Policy
  • Home-Updates
  • Blog
    • Azure Blog
    • Azure Heroes Events >
      • Azure Heroes Sessions #1
      • Azure Heroes Sessions #2
      • Azure Heroes Sessions #3
      • Azure Heroes Sessions #4
      • Azure Heroes Sessions #5
      • Azure Heroes Sessions #6
      • Azure Heroes Sessions #7
  • Who We Are!
  • eBooks
  • Azure All In One!
    • Azure Disk & Storage
    • Azure Network
    • Azure VPN
    • Azure VMs
  • Free Azure Support!
  • Contact Us
  • Events
    • Beginners Event
    • Developers Event
    • Special Event
    • Azure Workshop #4
    • Azure Workshop #5
    • Azure Workshop #6
    • Azure Workshop #7
    • Azure Workshop #8
    • Upcoming Events
  • Registration Form
  • Privacy Policy

GitOps, Argo, and Azure Kubernetes Service - Part 1

6/10/2022

0 Comments

 
First, what is GitOps? Is it the same as DevOps?
DevOps is the union of people, process, and products to enable the continuous delivery of value to our end users.
GitOps is different than DevOps because it focuses specifically on practices designed to improve infrastructure and application configuration management using Git.
Picture
GitOps builds on DevOps with Git as a single source of truth for the
desired state of the system
  • The entire system state is under version control and described in Git (trunk best)
  • Operational changes on production clusters are made by pull request
  • Rollback and audit logs are provided via Git
  • When disaster strikes, the whole infrastructure can be quickly restored from Git

Why Gitops?
  • Audit trail of deployments
  • Limit access to clusters
  • Make Disaster Recovery an unpainful event

Second, what is Argo?
Argo is a declarative GitOps continuous delivery tool specifically designed for Kubernetes. Argo relies on Git to be the "source of truth" for defining everything you want for your application state; essentially, you are declaring the state of the world you want for your application, and Argo will either ensure it is that way, or alert you if it is not that way (I.E. out of sync).

Features:
  • Automated deployment of applications to specified target environments
  • Support for multiple config management/templating tools (Kustomize, Helm, Ksonnet, Jsonnot, plain- YAML)
  • Ability to manage and deploy to multiple clusters
  • SSO Integration (OIDC, OAuth2, LDAP, SAML 2.0, GitHub, Gitlab, Microsoft)
  • Multi-tenancy and RBAC policies for authorization
  • Rollback/Roll-anywhere to any application configuration committed in Git repository
  • Health status analysis of application resources
  • Automated configuration drift detection and visualization
  • Automated or manual syncing of applications to its desired state
  • WebUl which provides real-time view of application activity
  • CLI for automation and Cl integration
  • Wobhook integration (GitHub, BitBucket, Gitlab)
  • Access tokens for automation
  • PreSync, Sync, PostSync hooks to support complex application rollouts
    (e.g.blue/green & canary upgrades)
  • Audit trails for application events and APl calls
  • Prometheus metrics

Why you should not use kubectl to manage Kubernetes cluster?!
  • Ci/CD needs write access to your clusters
  • How to track rollout failures?
  • No audit trail of the Kubernetes resources
  • No single source of truth of the state in the cluster
  • It's imperative. It should be declarative.
I will explain take you now though a simple demo on how to setup ArgoCD with Azure Devops and AKS

Note: I already have ASK cluster setup on my azure subscription
Demo Steps:
1- Create manifest/yaml deployment file and store them in Azure Devops repos
Picture
deployment.yaml
----------------------
apiVersion: apps/v1
kind: Deployment
metadata:
  name: azureheroes
spec:
  selector:
    matchLabels:
      app: azureheroes
  replicas: 4
  template:
    metadata:
      labels:
        app: azureheroes
    spec:
      containers:
      - name: azureheroes
        image: hello-world
        ports:
        - containerPort: 8090

service.yaml
----------------------
apiVersion: v1
kind: Service
metadata:
  name: myapp-service
spec:
  selector:
    app: mazureheroesyapp
  ports:
  - port: 8090
    protocol: TCP
    targetPort: 8090
2-Install ArgoCD with Application "CRD"
2.1-let’s create a namespace for Argo CD to deploy all of its components in. To do this run:

  • kubectl create namespace argocd

2.2-
Next we can install Argo CD into the new namespace we created. We will reference Argo CD’s repository for the latest Argo CD operator
  • kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yamlYou should see the following:

Picture
You should end up with many objects in the Argo CD namespace.
Picture
2.2 - now, in order to access ArgoCD CP from the UI, you have to expose/publish the servcie, hence I will change the ArgoCD-Server from ClusterIP to LoadBalancer

by running the following command:
  • kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}'
  • kubectl get services --namespace argocd argocd-server --output jsonpath='{.status.loadBalancer.ingress[0].ip}'

NOTE: This is not recommended in production environments. Only use in a dev/test environments. In production environments, it is recommended to use an ingress for the Argo CD API server that is secured.
Picture
2.3- now, let's open the UI
username: admin
password: run this command since Argo CD auto generated a password during the deployment
  • kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d && echo
Picture
That’s it! You have Argo CD deployed on your AKS cluster. In the next post, I will walk through deploying a simple app to your Kubernetes cluster via Argo CD.
0 Comments



Leave a Reply.

    Author

    Mohammad Al Rousan is a Microsoft MVP (Azure), Microsoft Certified Solution Expert (MCSE) in Cloud Platform & Azure DevOps & Infrastructure, An active community blogger and speaker. Al Rousan has over 8 years of professional experience in IT Infrastructure and very passionate about Microsoft technologies and products.

    Picture
    Picture
    Top 10 Microsoft Azure Blogs

    Archives

    November 2022
    October 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    May 2021
    February 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    June 2020
    April 2020
    January 2020
    July 2019
    June 2019
    May 2019
    February 2019
    January 2019

    Categories

    All
    AKS
    Azure
    Beginner
    CDN
    DevOps
    End Of Support
    Fundamentals
    Guide
    Hybrid
    License
    Migration
    Network
    Security
    SQL
    Storage
    Virtual Machines
    WAF

    RSS Feed

    Follow
    Free counters!
Powered by Create your own unique website with customizable templates.