A First Delivery with Argo CD
The next step in rebuilding my Kubernetes cluster in IaC style was installing Argo CD, which would then handle all the applications I wanted to run. My first idea was to use helmfile to install it. A moment’s consideration revealed just how silly this was: Argo itself does everything helmfile does and far more. Instead, I used the Kustomize provider for Terraform to install Argo CD with some customizations.
It was hard to find explanations of the Application resources themselves. The reference-style documentation is minimal; the getting started guide wasn’t very useful. It took a fair bit of cross-referencing and squinting to whip up the first manifests for the app-of-apps that would bootstrap the cluster, limited to installing only cert-manager.
I struggled with granting Argo CD access to the repository containing said app-of-apps, too. First I
.git at the end. Then specifying repositories in
Secrets didn’t work.
Instead, I had to add
repositories to the
as part of the Kustomization.
That made the Application and its resources materialize in the Argo interface. The only snag was how
the app-of-apps was always
OutOfSync due to a missing
syncPolicy, which I verified with
kubectl describe. Kustomize showed the generated manifest had my specified
syncPolicy, so I
don’t know what the cause was. Even if I updated the Application manually with kubectl apply, it
would immediately revert to the incorrect state.
Next in series: Secrets in Git with Mozilla SOPS and Argo CD(#6 in The Death and Rebirth of a Cluster)