AEWS 2기 7주차 두번째

이제 argocd에 대해 알아보겠습니다.

• Argo - 공홈 & CD Docs & Rollouts Docs & Blog
• 악분님 ArgoCD 정리 글

 

• Argo CD 소개 및 설치 : Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes
  • Application definitions, configurations, and environments should be declarative and version controlled.
  • Application deployment and lifecycle management should be automated, auditable, and easy to understand.
  • 설치 - Helm Helm_AWS_ALB Docs

Argo CD - Declarative GitOps CD for Kubernetes

 

# 간단 설치
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

# helm 설치
cat <<EOT > argocd-values.yaml
global:
  domain: argocd.$MyDomain

configs:
  params:
    server.insecure: true

controller:
  metrics:
    enabled: true
    serviceMonitor:
      enabled: true

server:
  ingress:
    enabled: true
    controller: aws
    ingressClassName: alb
    hostname: "argocd.$MyDomain"
    annotations:
      alb.ingress.kubernetes.io/scheme: internet-facing
      alb.ingress.kubernetes.io/target-type: ip
      alb.ingress.kubernetes.io/backend-protocol: HTTP
      alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]'
      alb.ingress.kubernetes.io/certificate-arn: $CERT_ARN
      alb.ingress.kubernetes.io/ssl-redirect: '443'
    aws:
      serviceType: ClusterIP
      backendProtocolVersion: GRPC
  metrics:
    enabled: true
    serviceMonitor:
      enabled: true

repoServer:
  metrics:
    enabled: true
    serviceMonitor:
      enabled: true

applicationSet:
  metrics:
    enabled: true
    serviceMonitor:
      enabled: true

notifications:
  metrics:
    enabled: true
    serviceMonitor:
      enabled: true
EOT

kubectl create ns argocd
helm repo add argo https://argoproj.github.io/argo-helm
helm install argocd argo/argo-cd --version 6.7.11 -f argocd-values.yaml --namespace argocd

# 확인
kubectl get ingress,pod,svc -n argocd
kubectl get crd | grep argo
applications.argoproj.io                     2024-04-14T08:12:16Z
applicationsets.argoproj.io                  2024-04-14T08:12:17Z
appprojects.argoproj.io                      2024-04-14T08:12:16Z

# 최초 접속 암호 확인
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d ;echo
MC3y8rzzECTIAHSB

 

 

접속 확인

 

 

Architecture - Docs

 

 

App 배포 with Directory

App 생성 : New App 클릭

• Application Name : first-myweb
• Project Name : default
• SYNC POLICY : Manual
  • AUTO-CREATE NAMESPACE : 클러스터에 네임스페이스가 없을 시 argocd에 입력한 이름으로 자동 생성
  • APPLY OUT OF SYNC ONLY : 현재 동기화 상태가 아닌 리소스만 배포
• PRUNE PROPAGATION POLICY
  • foreground : 부모(소유자, ex. deployment) 자원을 먼저 삭제함
  • background : 자식(종속자, ex. pod) 자원을 먼저 삭제함
  • orphan : 고아(소유자는 삭제됐지만, 종속자가 삭제되지 않은 경우) 자원을 삭제함
• [체크] AUTO-CREATE-NAMESPACE
• SOURCE
  • Repository URL : https://github.com/gasida/aews-cicd.git
  • Revision : main
  • Path : 3/deploy
• DESTINATION
  • Cluster URL : https://kubernetes.default.svc
  • Namespace : first
  • [선택] Directory ← 소스를 보고 자동으로 유형 선택됨
• 화면 상단 [CREATE] 클릭
• 배포하기 - [SYNC] 클릭 > [SYNCHRONIZE] 클릭
  • PRUNE : GIt에서 자원 삭제 후 배포시 K8S에서는 삭제되지 않으나, 해당 옵션을 선택하면 삭제시킴
  • FORCE : --force 옵션으로 리소스 삭제
  • APPLY ONLY : ArgoCD의 Pre/Post Hook은 사용 안함 (리소스만 배포)
  • DRY RUN : 테스트 배포 (배포에 에러가 있는지 한번 확인해 볼때 사용)

  ---

• 리소스 클릭 후 확인 : 각각 LIVE MANIFEST(쿠버네티스 정보) vs DESIRED MANIFEST(Git깃 정보)
  • 위 화면에서 Deployment 리소스 직접 수정 해보기 : EDIT 클릭 후 lables 아래 추가 → SAVE

확인

 

 

그리고 sync status 클릭

 

 

라벨 추가해보기 -> add2: eks

 

그러면 바로 수정이 됩니다.

 

 

git에서 수정해보기 -> dengoadd로 수정

 

diff에서 확인

 

 

디플로이 sync클릭 후 확인

 

실습 리소스 삭제 : Argocd 에서 DELETE

 

 

 

 

Getting Started : Argo CD CLI, Sample Application - Docs

Getting Started - Argo CD - Declarative GitOps CD for Kubernetes

#
curl -sSL -o argocd-linux-amd64 https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64
sudo install -m 555 argocd-linux-amd64 /usr/local/bin/argocd
rm -f argocd-linux-amd64

#
argocd version

#
argocd login argocd.$MyDomain
Username: admin
Password: ###
'admin:login' logged in successfully

#
kubectl config get-contexts -o name
admin@myeks.ap-northeast-2.eksctl.io
argocd cluster add admin@myeks.ap-northeast-2.eksctl.io
y 입력

#
argocd app list
NAME  CLUSTER  NAMESPACE  PROJECT  STATUS  HEALTH  SYNCPOLICY  CONDITIONS  REPO  PATH  TARGET

 

 

Application 생성 with CLi

#
kubectl config set-context --current --namespace=argocd
argocd app create guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path guestbook --dest-server https://kubernetes.default.svc --dest-namespace default

#
argocd app list
NAME              CLUSTER                         NAMESPACE  PROJECT  STATUS     HEALTH   SYNCPOLICY  CONDITIONS  REPO                                                 PATH       TARGET
argocd/guestbook  https://kubernetes.default.svc  default    default  OutOfSync  Missing  <none>      <none>      https://github.com/argoproj/argocd-example-apps.git  guestbook

 

확인

 

 

app 삭제

argocd app delete guestbook
Are you sure you want to delete 'guestbook' and all its resources? [y/n] y

# ns default 로 변경
kubectl ns default

 

 

 

 

• Argo Rollouts 소개 및 설치 : Kubernetes Progressive Delivery Controller - Docs
  • Argo Rollouts : Argo Rollouts is a Kubernetes controller and set of CRDs which provide advanced deployment capabilities such as blue-green, canary, canary analysis, experimentation, and progressive delivery features to Kubernetes.
    • Argo Rollouts (optionally) integrates with ingress controllers and service meshes, leveraging their traffic shaping abilities to gradually shift traffic to the new version during an update. Additionally, Rollouts can query and interpret metrics from various providers to verify key KPIs and drive automated promotion or rollback during an update.
  • Why Argo Rollouts?
    • The native Kubernetes Deployment Object supports the RollingUpdate strategy which provides a basic set of safety guarantees (readiness probes) during an update. However the rolling update strategy faces many limitations:
    • Few controls over the speed of the rollout
    • Inability to control traffic flow to the new version
    • Readiness probes are unsuitable for deeper, stress, or one-time checks
    • No ability to query external metrics to verify an update
    • Can halt the progression, but unable to automatically abort and rollback the update

아키텍처 - Docs

 

 

설치 - Helm Docs

#
cat <<EOT > argorollouts-values.yaml
dashboard:
  enabled: true
  ingress:
    enabled: true
    ingressClassName: alb
    hosts:
      - argorollouts.$MyDomain
    annotations:
      alb.ingress.kubernetes.io/scheme: internet-facing
      alb.ingress.kubernetes.io/target-type: ip
      alb.ingress.kubernetes.io/backend-protocol: HTTP
      alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]'
      alb.ingress.kubernetes.io/certificate-arn: $CERT_ARN
      alb.ingress.kubernetes.io/ssl-redirect: '443'
EOT

kubectl create ns argo-rollouts
helm install argo-rollouts argo/argo-rollouts --version 2.35.1 -f argorollouts-values.yaml --namespace argo-rollouts

# 확인
kubectl get all -n argo-rollouts
kubectl get crd | grep argo

 

 

rollouts 대시보드 : 네임스페이스별 확인 가능 - Docs

https://argorollouts.<자신의 도메인>/rollouts/

 

Getting Started - Docs

Deploying a Rollout

spec:
  replicas: 5
  strategy:
    canary:
      steps:
      - setWeight: 20
      - pause: {}
      - setWeight: 40
      - pause: {duration: 10}
      - setWeight: 60
      - pause: {duration: 10}
      - setWeight: 80
      - pause: {duration: 10}

# Run the following command to deploy the initial Rollout and Service:
kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-rollouts/master/docs/getting-started/basic/rollout.yaml
kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-rollouts/master/docs/getting-started/basic/service.yaml

 

 

CLI vs UI 확인 https://argorollouts.<각자 자신의 도메인>/rollouts/default

kubectl argo rollouts get rollout rollouts-demo
Name:            rollouts-demo
Namespace:       argocd
Status:          ◌ Progressing
Message:         updated replicas are still becoming available
Strategy:        Canary
  Step:          8/8
  SetWeight:     100
  ActualWeight:  100
Images:          argoproj/rollouts-demo:blue (stable)
Replicas:
  Desired:       5
  Current:       5
  Updated:       5
  Ready:         4
  Available:     4

NAME                                       KIND        STATUS               AGE   INFO
⟳ rollouts-demo                            Rollout     ◌ Progressing        113s  
└──# revision:1                                                                   
   └──⧉ rollouts-demo-687d76d795           ReplicaSet  ◌ Progressing        113s  stable
      ├──□ rollouts-demo-687d76d795-bqtp6  Pod         ◌ ContainerCreating  113s  ready:0/1
      ├──□ rollouts-demo-687d76d795-hz5v8  Pod         ✔ Running            113s  ready:1/1
      ├──□ rollouts-demo-687d76d795-vjzfz  Pod         ✔ Running            113s  ready:1/1
      ├──□ rollouts-demo-687d76d795-vvdtj  Pod         ✔ Running            113s  ready:1/1
      └──□ rollouts-demo-687d76d795-xjx5v  Pod         ✔ Running            113s  ready:1/1

kubectl argo rollouts get rollout rollouts-demo --watch

 

확인

 

 

Updating a Rollout

#
watch -d kubectl get pod -n argocd -l app=rollouts-demo -owide --show-labels

# Run the following command to update the rollouts-demo Rollout with the "yellow" version of the container:
kubectl argo rollouts set image rollouts-demo rollouts-demo=argoproj/rollouts-demo:yellow

 

확인

 

버전 2로 변경

 

이것으로 7주차 스터디 공유를 마치겠습니다.