GitOps实践之kubernetes安装argocd
1. 什么是argocd
1.Argo CD是Kubernetes的一个声明性GitOps持续交付工具。
2.应用程序定义、配置和环境应该是声明性的和版本控制的。应用程序部署和生命周期管理应自动化、可审核且易于理解。
3.Argo CD 是以 Kubernetes 作为基础设施,遵循声明式 GitOps 理念的持续交付(continuous delivery, CD)工具,支持多种配置管理工具,包括 ksonnet/jsonnet、kustomize 和 Helm 等。它的配置和使用非常简单,并且自带一个简单易用的可视化界面。
4.按照官方定义,Argo CD 被实现为一个 Kubernetes 控制器,它会持续监控正在运行的应用,并将当前的实际状态与 Git 仓库中声明的期望状态进行比较,如果实际状态不符合期望状态,就会更新应用的实际状态以匹配期望状态。
5.Argo CD 会被部署在 Kubernetes 集群中,使用的是基于 Pull 的部署模式,它会周期性地监控应用的实际状态,也会周期性地拉取 Git 仓库中的配置清单,并将实际状态与期望状态进行比较,如果实际状态不符合期望状态,就会更新应用的实际状态以匹配期望状态。
官方文档: https://argo-cd.readthedocs.io/en/stable/
2. 安装argocd
2.1 部署yaml
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/core-install.yaml
[root@kn-server-master01-13 argocd]# kubectl apply -n argocd -f install.yaml
customresourcedefinition.apiextensions.k8s.io/applications.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/applicationsets.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/appprojects.argoproj.io created
serviceaccount/argocd-application-controller created
serviceaccount/argocd-applicationset-controller created
serviceaccount/argocd-dex-server created
serviceaccount/argocd-notifications-controller created
serviceaccount/argocd-redis created
serviceaccount/argocd-repo-server created
serviceaccount/argocd-server created
role.rbac.authorization.k8s.io/argocd-application-controller created
role.rbac.authorization.k8s.io/argocd-applicationset-controller created
role.rbac.authorization.k8s.io/argocd-dex-server created
role.rbac.authorization.k8s.io/argocd-notifications-controller created
role.rbac.authorization.k8s.io/argocd-server created
clusterrole.rbac.authorization.k8s.io/argocd-application-controller created
clusterrole.rbac.authorization.k8s.io/argocd-server created
rolebinding.rbac.authorization.k8s.io/argocd-application-controller created
rolebinding.rbac.authorization.k8s.io/argocd-applicationset-controller created
rolebinding.rbac.authorization.k8s.io/argocd-dex-server created
rolebinding.rbac.authorization.k8s.io/argocd-notifications-controller created
rolebinding.rbac.authorization.k8s.io/argocd-redis created
rolebinding.rbac.authorization.k8s.io/argocd-server created
clusterrolebinding.rbac.authorization.k8s.io/argocd-application-controller created
clusterrolebinding.rbac.authorization.k8s.io/argocd-server created
configmap/argocd-cm created
configmap/argocd-cmd-params-cm created
configmap/argocd-gpg-keys-cm created
configmap/argocd-notifications-cm created
configmap/argocd-rbac-cm created
configmap/argocd-ssh-known-hosts-cm created
configmap/argocd-tls-certs-cm created
secret/argocd-notifications-secret created
secret/argocd-secret created
service/argocd-applicationset-controller created
service/argocd-dex-server created
service/argocd-metrics created
service/argocd-notifications-controller-metrics created
service/argocd-redis created
service/argocd-repo-server created
service/argocd-server created
service/argocd-server-metrics created
deployment.apps/argocd-applicationset-controller created
deployment.apps/argocd-dex-server created
deployment.apps/argocd-notifications-controller created
deployment.apps/argocd-redis created
deployment.apps/argocd-repo-server created
deployment.apps/argocd-server created
statefulset.apps/argocd-application-controller created
networkpolicy.networking.k8s.io/argocd-application-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-applicationset-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-dex-server-network-policy created
networkpolicy.networking.k8s.io/argocd-notifications-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-redis-network-policy created
networkpolicy.networking.k8s.io/argocd-repo-server-network-policy created
networkpolicy.networking.k8s.io/argocd-server-network-policy created
Pod都已经running
[root@kn-server-master01-13 argocd]# kubectl get pods -n argocd
NAME READY STATUS RESTARTS AGE
argocd-application-controller-0 1/1 Running 0 8m11s
argocd-applicationset-controller-fb8d96cb5-l9kxc 1/1 Running 0 8m12s
argocd-dex-server-69f8bb9b-79wkz 1/1 Running 0 8m12s
argocd-notifications-controller-85fdd8f7d9-5hfjt 1/1 Running 0 8m12s
argocd-redis-6d67ff987b-7rffz 1/1 Running 0 8m11s
argocd-repo-server-67566f5fb4-tvkds 1/1 Running 0 8m11s
argocd-server-58dd4685bc-c8wlw 1/1 Running 0 8m11s
修改为Nodeport或者loadbalancer亦或者Ingress才可用访问Argocd WEBUI
[root@kn-server-master01-13 argocd]# kubectl get svc -n argocd
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
argocd-applicationset-controller ClusterIP 10.96.233.34 <none> 7000/TCP,8080/TCP 8m35s
argocd-dex-server ClusterIP 10.96.15.14 <none> 5556/TCP,5557/TCP,5558/TCP 8m35s
argocd-metrics ClusterIP 10.96.99.245 <none> 8082/TCP 8m35s
argocd-notifications-controller-metrics ClusterIP 10.96.154.168 <none> 9001/TCP 8m35s
argocd-redis ClusterIP 10.96.182.219 <none> 6379/TCP 8m35s
argocd-repo-server ClusterIP 10.96.108.40 <none> 8081/TCP,8084/TCP 8m35s
argocd-server ClusterIP 10.96.164.184 <none> 80/TCP,443/TCP 8m35s
argocd-server-metrics ClusterIP 10.96.83.5 <none> 8083/TCP 8m35s
3. 安装argocd CLI
3.1 下载客户端的安装包
[root@kn-server-master01-13 argocd]# wget https://github.com/argoproj/argo-cd/releases/download/v2.5.3/argocd-linux-amd64
--2022-12-04 09:56:47-- https://github.com/argoproj/argo-cd/releases/download/v2.5.3/argocd-linux-amd64
正在解析主机 github.com (github.com)... 20.205.243.166
正在连接 github.com (github.com)|20.205.243.166|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 302 Found
位置:https://objects.githubusercontent.com/github-production-release-asset-2e65be/120896210/dc4d761d-ef5d-4f4c-8dc3-a72e134313c1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221204%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221204T015648Z&X-Amz-Expires=300&X-Amz-Signature=ac9daeadb91a0f6b12cab84d5bc3b5d56abb78e960a93a62f68df9de904360bf&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=120896210&response-content-disposition=attachment%3B%20filename%3Dargocd-linux-amd64&response-content-type=application%2Foctet-stream [跟随至新的 URL]
--2022-12-04 09:56:48-- https://objects.githubusercontent.com/github-production-release-asset-2e65be/120896210/dc4d761d-ef5d-4f4c-8dc3-a72e134313c1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221204%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221204T015648Z&X-Amz-Expires=300&X-Amz-Signature=ac9daeadb91a0f6b12cab84d5bc3b5d56abb78e960a93a62f68df9de904360bf&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=120896210&response-content-disposition=attachment%3B%20filename%3Dargocd-linux-amd64&response-content-type=application%2Foctet-stream
正在解析主机 objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.108.133, 185.199.109.133, 185.199.110.133, ...
正在连接 objects.githubusercontent.com (objects.githubusercontent.com)|185.199.108.133|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:133625646 (127M) [application/octet-stream]
正在保存至: “argocd-linux-amd64”
100%[==========================================================================================================================================================>] 133,625,646 595KB/s 用时 4m 18s
2022-12-04 10:01:07 (506 KB/s) - 已保存 “argocd-linux-amd64” [133625646/133625646])
3.2 拷贝并赋权
[root@kn-server-master01-13 argocd]# cp argocd-linux-amd64 /usr/local/bin/argocd
[root@kn-server-master01-13 argocd]# chmod +x /usr/local/bin/argocd
4. 使用argocd CLI
4.1 argocd命令帮助
[root@kn-server-master01-13 argocd]# argocd --help
argocd controls a Argo CD server
Usage:
argocd [flags]
argocd [command]
Available Commands:
account Manage account settings
admin Contains a set of commands useful for Argo CD administrators and requires direct Kubernetes access
app Manage applications
appset Manage ApplicationSets
cert Manage repository certificates and SSH known hosts entries
cluster Manage cluster credentials
completion output shell completion code for the specified shell (bash or zsh)
context Switch between contexts
gpg Manage GPG keys used for signature verification
help Help about any command
login Log in to Argo CD
logout Log out from Argo CD
proj Manage projects
relogin Refresh an expired authenticate token
repo Manage repository connection parameters
repocreds Manage repository connection parameters
version Print version information
Flags:
--auth-token string Authentication token
--client-crt string Client certificate file
--client-crt-key string Client certificate key file
--config string Path to Argo CD config (default "/root/.config/argocd/config")
--core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server
--grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2.
--grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root.
-H, --header strings Sets additional header to all requests made by Argo CD CLI. (Can be repeated multiple times to add multiple headers, also supports comma separated headers)
-h, --help help for argocd
--http-retry-max int Maximum number of retries to establish http connection to Argo CD server
--insecure Skip server certificate and domain verification
--kube-context string Directs the command to the given kube-context
--logformat string Set the logging format. One of: text|json (default "text")
--loglevel string Set the logging level. One of: debug|info|warn|error (default "info")
--plaintext Disable TLS
--port-forward Connect to a random argocd-server port using port forwarding
--port-forward-namespace string Namespace name which should be used for port forwarding
--server string Argo CD server address
--server-crt string Server certificate file
Use "argocd [command] --help" for more information about a command.
4.2 命令行登陆argocd
[root@kn-server-master01-13 argocd]# argocd login 10.0.0.14
WARNING: server certificate had error: x509: cannot validate certificate for 10.0.0.14 because it doesn't contain any IP SANs. Proceed insecurely (y/n)? yes
Username: admin
Password:
'admin:login' logged in successfully
Context '10.0.0.14' updated
4.3 命令行修改argocd密码
[root@kn-server-master01-13 argocd]# argocd account update-password
*** Enter password of currently logged in user (admin):
*** Enter new password for user admin:
*** Confirm new password for user admin:
Password updated
Context '10.0.0.14' updated
GitOps实践之kubernetes安装argocd的更多相关文章
- Kubernetes集群(RKE)安装ArgoCD排坑
Photo by Pixabay from Pexels Argo CD是一个声明式的,基于Kubernetes的GitOps持续交付工具.更多的细节参考 ArgoCD官网 的说明,这里记录了一些实践 ...
- Docker系列(九)Kubernetes安装
环境: A.B两天机器A机器IP:192.169.0.104,B机器IP:192.168.0.102,其中A为Master节点,B为Slave节点 操作系统:Centos7 Master与Slave节 ...
- 轻松加愉快的 Kubernetes 安装教程
轻松加愉快的 Kubernetes 安装教程 马哥Linux运维 2 days ago 作者:无聊的学习者 来源:见文末 在国内安装 K8S,一直是大家很头痛的问题,各种麻烦,关键是还不知道需要下载什 ...
- Kuboard Kubernetes安装
一.简介 Kubernetes 容器编排已越来越被大家关注,然而使用 Kubernetes 的门槛却依然很高,主要体现在这几个方面: 集群的安装复杂,出错概率大 Kubernetes相较于容器化,引入 ...
- kubernetes安装-kubeadm
系统信息 角色 系统 CPU Core memory master 18.04.1-Ubuntu 4 8G slave 18.04.1-Ubuntu 4 4G 安装前准备(主节点和从节点都需要执行) ...
- kubernetes安装-二进制
主要参考https://github.com/opsnull/follow-me-install-kubernetes-cluster,采用Flanel和docker 系统信息 角色 系统 CPU C ...
- 从零开始针对 .NET 应用的 DevOps 运营实践 - Jenkins & SonarQube 安装配置
一.Overview 继续 DevOps 实施的相关内容,在上一篇的博客中,完成了对于工具链中使用到的软件所需的运行环境的配置,在这一篇的博客中,将聚焦于我们使用到的两个主要的软件:Jenkins 与 ...
- 服务网格Istio入门-详细记录Kubernetes安装Istio并使用
我最新最全的文章都在南瓜慢说 www.pkslow.com,文章更新也只在官网,欢迎大家来喝茶~~ 1 服务网格Istio Istio是开源的Service Mesh实现,一般用于Kubernetes ...
- Nagios学习实践系列——基本安装篇
开篇介绍 最近由于工作需要,学习研究了一下Nagios的安装.配置.使用,关于Nagios的介绍,可以参考我上篇随笔Nagios学习实践系列——产品介绍篇 实验环境 操作系统:Red Hat Ente ...
- 图形化Cisco设备管理实践(附安装配置视频)
图形化Cisco设备管理实践 Ciscoworks 2000是Cisco公司推出的基于SNMP协议的网络管理系统,通过它网络管理人员可以方便快捷地完成设备的配置.管理.监控和故障分析等任务, Cisc ...
随机推荐
- win10系统恢复默认的照片查看器
新建一个TXT文本文档,把以下代码复制粘贴到其中: 注:你可以根据需要按同样的格式增减或修改其中的图片格式代码 Windows Registry Editor Version 5.00 ; Chang ...
- CentOS7配置nodejs环境
# 安装 wget https://nodejs.org/dist/v12.18.3/node-v12.18.3-linux-x64.tar.xz tar xf node-v12.18.3-linux ...
- useEffect 和 useLayoutEffect浅析
执行时期的区别 useEffect 回调函数的执行时期 useEffect为异步执行,执行时期为 触发状态更新(如:setState,forceUpdate) React渲染函数执行(render) ...
- P5657 [CSP-S2019] 格雷码 (找规律)
观察几个数据,有一种思路:类似于二分,判断每一位应该填1还是0: 1 #include <bits/stdc++.h> 2 //#define loveGsy 3 using namesp ...
- HDU3507 print article (斜率优化DP)
状态表示:dp[i]表示打印前i个单词的最小成本:s[i]维护前缀和. 状态转移:dp[i]=min(dp[j]+(s[i]-s[j])2)+m , 0<=j<i. 换成y=kx+b的形式 ...
- 洛谷P1656 炸铁路 (求割边)
用tarjan变种求割边的模板题 其实还可以求出所有的边双(用栈),但本题不需要求. 1 #include<bits/stdc++.h> 2 using namespace std; 3 ...
- BZOJ2654 tree (wqs二分)
题目描述 给你一个无向带权连通图,每条边是黑色或白色.让你求一棵最小权的恰好有need条白色边的生成树. 题目保证有解. 一个最小生成树问题,但是我们要选need条白边,我们用g(i)表示选取i条 ...
- 洛谷P1640 SCOI2010 连续攻击游戏 (并查集/匹配)
本题介绍两种做法: 1 并查集 1 #include<bits/stdc++.h> 2 using namespace std; 3 const int N=1000005; 4 int ...
- Go_Channel详解
一 channel介绍 单纯地将函数并发执行是没有意义的.函数与函数间需要交换数据才能体现并发执行函数的意义. 虽然可以使用共享内存进行数据交换,但是共享内存在不同的goroutine中容易发生竞态问 ...
- SQL--临时表的使用
临时表的创建 临时表分为:本地临时表和全局临时表 通俗区分: 本地临时表:只能在当前查询页面使用,新开的查询是不能使用它的 #temp 全局临时表:不管开多少查询页面都可以使用 ##temp ...