快速开始
少于1分钟
简要概述
基于 gitops 理念管理 k8s 资源。
安装部署
见:github.com/opsaid/manifests/addons/argo-cd
创建 APP
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: demo-apilogin-v1
namespace: argocd
spec:
destination:
namespace: default
server: 'https://kubernetes.default.svc'
source:
path: deploy/kubernetes/dev
repoURL: 'https://github.com/mingqing/apilogin.git'
targetRevision: HEAD
kustomize:
namespace: default
sources: []
project: default
syncPolicy:
automated: null
加入集群
目标集群添加权限
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argocd-manager
namespace: kube-system
---
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
name: argocd-manager
namespace: kube-system
annotations:
kubernetes.io/service-account.name: argocd-manager
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argocd-manager-role
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argocd-manager-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: argocd-manager-role
subjects:
- kind: ServiceAccount
name: argocd-manager
namespace: kube-system
获取创建的 token
kubectl describe secret argocd-manager -n kube-system
生成 argocd config
{
"bearerToken": "{argocd-manager token}",
"tlsClientConfig": {
"insecure": true
}
}
cat a.txt | base64
apiVersion: v1
kind: Secret
metadata:
labels:
argocd.argoproj.io/secret-type: cluster
name: cluster-c2.k8s.173ops.com
namespace: argocd
type: Opaque
data:
config: {base64 config}
name: YzIuazhzLjE3M29wcy5jb20=
server: aHR0cHM6Ly9jMi5rOHMuMTczb3BzLmNvbTo2NDQz
最后修改 2024.09.05: chore: update argo workflow (e20d5d1)