Skip to main content

GitOps with Argo CD

Cosmonic Control integrates seamlessly with continuous delivery systems such as Argo CD to enable GitOps patterns, in which Git repositories serve as the source of truth for application state. You can specify Kubernetes manifests to Argo CD in various ways, including as Helm charts and directories of YAML manifests.

In this section, you'll learn...

  • How to deploy and manage Cosmonic Control with Argo CD
  • How to deploy and manage Wasm components with Argo CD

This guide uses Helm charts to specify Kubernetes manifests, but other methods (such as a plain directory of CRD manifests) are possible as well. The manifest and values file used in this guide are available in the control-demos repository on GitHub.

Requirements

  • A Kubernetes cluster with CoreDNS. (This guide was written using kind version 0.27.0, which includes CoreDNS by default.)
  • kubectl
  • Helm v3.8.0+

Deploy Argo CD

If you do not have Argo CD running on your cluster already, you can deploy it using the community-maintained Helm chart and this values.yaml file:

dex:
  enabled: false
notifications:
  enabled: false
applicationSet:
  enabled: false
server:
  insecure: true

This is a simple example deployment of Argo CD that excludes components not needed for this guide (e.g. dex and the notifications controller). The Argo CD server runs with the --insecure flag in order to serve the Argo CD dashboard locally over HTTP without configuring certificates.

helm install argo-cd oci://ghcr.io/argoproj/argo-helm/argo-cd --version 8.1.3 --namespace argocd --create-namespace -f values.yaml

Port-forward the Argo CD server in order to access the Argo CD dashboard. (Note: We're using our local port 3000 for the Argo CD dashboard in order to leave 8080 for the Cosmonic Control Console UI.)

kubectl port-forward service/argo-cd-argocd-server -n argocd 3000:443

In a new terminal tab, use kubectl to get the admin password for the dashboard, which is stored in a Kubernetes secret. (Note that certain shells like zsh may render a % at the end of the returned output.)

kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 -d

Now you should see the login page for the dashboard at localhost:3000.

login page

Log in to the dashboard with the admin username and the returned password.

You should see the Argo CD dashboard without any running Argo CD Applications, the high-level abstraction used by Argo CD for managed deployments.

dashboard

Use the following Argo Application CRD manifests in a file called control-proj.yaml to define your deployments of Cosmonic Control, a HostGroup, and the Welcome Tour component.

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: cosmonic-control
  namespace: argocd
  annotations:
    # ArgoCD will apply this manifest first.
    argocd.argoproj.io/sync-wave: "1"
spec:
  project: default
  source:
    chart: cosmonic-control
    repoURL: ghcr.io/cosmonic  # note: the oci:// syntax is not included.
    targetRevision: 0.2.0
    helm:
      valuesObject: 
        cosmonicLicenseKey: "<insert license here>"
  destination:
    name: "in-cluster"
    namespace: cosmonic-system
  syncPolicy:
    automated: {}
    syncOptions:
      - CreateNamespace=true
    retry:
      limit: -1
      backoff:
        duration: 30s
        factor: 2
        maxDuration: 5m
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: hostgroup
  namespace: argocd
  annotations:
    # ArgoCD will apply this manifest first.
    argocd.argoproj.io/sync-wave: "1"
spec:
  project: default
  source:
    chart: cosmonic-control-hostgroup
    repoURL: ghcr.io/cosmonic  # note: the oci:// syntax is not included.
    targetRevision: 0.2.0
    helm:
      valuesObject: 
        http:
          enabled: true
  destination:
    name: "in-cluster"
    namespace: cosmonic-system
  syncPolicy:
    automated: {}
    retry:
      limit: -1
      backoff:
        duration: 30s
        factor: 2
        maxDuration: 5m
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: welcome-tour
  namespace: argocd
  annotations:
    # ArgoCD will apply this manifest second.
    argocd.argoproj.io/sync-wave: "2"
spec:
  project: default
  source:
    chart: charts/welcome-tour
    repoURL: ghcr.io/cosmonic-labs  # note: the oci:// syntax is not included.
    targetRevision: 0.1.0
  destination:
    name: "in-cluster"
    namespace: welcome-app
  syncPolicy:
    automated: {}
    syncOptions:
      - CreateNamespace=true
    retry:
      limit: -1
      backoff:
        duration: 30s
        factor: 2
        maxDuration: 5m

Apply the manifest:

kubectl apply -f control-proj.yaml

The Applications will appear on the Argo CD dashboard. It may take a moment for the Applications to finish syncing.

healthy apps

You can click on an Application to view it in more detail. Try clicking on the welcome-tour application to view the resources defining the Wasm workload.

Wasm component workload

Test the deployments

Port-forward to access the Cosmonic Control Console UI at localhost:8080:

kubectl -n cosmonic-system port-forward svc/console 8080:8080

In a new terminal tab, port-forward to access the Welcome Tour component at localhost:9091:

kubectl -n cosmonic-system port-forward svc/hostgroup-default 9091:9091

Clean up

When you're finished:

kubectl delete -f control-proj.yaml

helm uninstall argo-cd -n argocd

If you're using kind:

kind delete cluster