GitOps Workflow with Argo CD

20 MINUTE EXERCISE

In this lab you will learn about deploying and managing Kubernetes resources using a GitOps tool.

GitOps Methodology

GitOps is a set of practices that leverages Git workflows to manage infrastructure and application configurations. By using Git repositories as the source of truth, it allows the DevOps team to store the entire state of the cluster configuration in Git so that the trail of changes are visible and auditable.

GitOps simplifies the propagation of infrastructure and application configuration changes across multiple clusters by defining your infrastructure and applications definitions as “code”.

  • Ensure that the clusters have similar states for configuration, monitoring, or storage.

  • Recover or recreate clusters from a known state.

  • Create clusters with a known state.

  • Apply or revert configuration changes to multiple clusters.

  • Associate templated configuration with different environments.

Gitops is also beneficial for application configuration management. It ensures consistency in applications when you deploy them to different clusters in different environments, like development, stage, and production.

  • Promote applications across clusters, from stage to production.

  • Apply or revert application changes to multiple OpenShift clusters.

OpenShift provides the flexibility to choose when and how you integrate GitOps methodology into your business practices and pipelines.

Export OpenShift Resources

First, you need to export the project resources from OpenShift.

In your Workspace, click on 'Terminal' → 'Run Task…​' → 'GitOps - Export Coolstore'

Che - RunTask

A terminal should be opened with the following output:

--- Export Kubernetes resources for GitOps from my-project%USER_ID% to cn-project%USER_ID% ---
Exporting resources for inventory-coolstore...
Exporting resources for catalog-coolstore...
Exporting resources for gateway-coolstore...
Exporting resources for web-coolstore...
--- Kubernetes resources has been exported! ---

This operation exports the project resources (deploymentconfig, route, secret, service) and cleans them up. As a result, you should have all resources in YAML files under the /projects/workshop/labs/gitops folder.

Che - GitOps Export Result

Create a Git Repository for Your Configuration

The next step is to store all Kubernetes/OpenShift resources in a source code repository.

In your Git Repository, create a new Repository as follows:

Table 1. GitOps Repository
Parameter Value

Repository Name*

inventory-gitops

Push the Configuration of Inventory Service into the Git Repository

Now that you have a Git repository for the configuration, you should push the exported Inventory configuration into it.

In your Workspace, click on 'Terminal' → 'Run Task…​' → 'GitOps - Commit Inventory'

Che - RunTask

A terminal should be opened with the following output:

Initialized empty Git repository in /projects/workshop/labs/gitops/inventory-coolstore/.git/
[master (root-commit) 918f5d6] Initial Inventory GitOps
 6 files changed, 251 insertions(+)
 create mode 100644 configmap.yaml
 create mode 100644 deployment.yaml
 create mode 100644 deploymentconfig.yaml
 create mode 100644 route.yaml
 create mode 100644 secret.yaml
 create mode 100644 service.yaml
Enumerating objects: 8, done.
Counting objects: 100% (8/8), done.
Delta compression using up to 16 threads
Compressing objects: 100% (7/7), done.
Writing objects: 100% (8/8), 2.42 KiB | 2.42 MiB/s, done.
Total 8 (delta 1), reused 0 (delta 0), pack-reused 0
remote: . Processing 1 references
remote: Processed 1 references in total
To http://gitea-server.gitea.svc:3000/user1/inventory-gitops.git
 * [new branch]      master -> master

Once done, in Git Repository, refresh the page of your 'inventory-gitops' repository. You should see the files in the repository.

GitOps Repository

What is Argo CD?

Argo CD Logo

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.

It follows the GitOps pattern of using Git repositories as the source of truth for defining the desired application state.

It automates the deployment of the desired application states in the specified target environments. Application deployments can track updates to branches, tags, or pinned to a specific version of manifests at a Git commit.

Log in to Argo CD

Click on the 'Developer GitOps' button below

Then log in as user%USER_ID%/%OPENSHIFT_PASSWORD%. Once completed, you will be redirected to the following page.

Argo CD - Home Page

Add your Newly Created GitOps Repository

In Argo CD, Select the 'Configuration menu' then click on 'Repositories'

Argo CD - Configure Repositories

Click on 'CONNECT REPO USING HTTPS' and enter the following:

Table 2. Repository Configuration
Parameter Value

Type

git

Repository URL

http://gitea-server.gitea.svc:3000/user%USER_ID%/inventory-gitops.git

Finally, Click on 'CONNECT'.

Your GitOps repository is now added to Argo CD.

Argo CD - Repository

Create a GitOps Application

In Argo CD, Select the 'Application menu' then click on '+ New App' and enter the following details:

Argo CD - Configure Application
Table 3. Application Configuration
Section Parameter Value

GENERAL

Application Name

inventory%USER_ID%

GENERAL

Project

cn-project%USER_ID%

GENERAL

SYNC POLICY

Manual

SOURCE

Repository URL

http://gitea-server.gitea.svc:3000/user%USER_ID%/inventory-gitops.git

SOURCE

Revision

HEAD

SOURCE

Path

. (dot)

DESTINATION

Cluster

https://kubernetes.default.svc

DESTINATION

Namespace

cn-project%USER_ID%

ALL OTHER SECTIONS

*

leave them empty/by default

Finally, Click on 'CREATE'.

Your Coolstore Application has been created in Argo CD.

Argo CD - OutOfSync Application

The application status is initially in yellow OutOfSync state since the application has yet to be deployed into cn-project%USER_ID% OpenShift project, and no Kubernetes resources have been created.

Argo CD - OutOfSync Application

Deploy a Resource on OpenShift

In Argo CD, click on the 3 dots menu at the left of the 'CM Inventory' resource then select 'Sync'

Argo CD - CM Inventory Sync

Then click on the 'Synchonize' button. Now the ConfigMap of Inventory has been deployed and synchronized with your environment.

In the OpenShift Web Console, from the Developer view, select your 'cn-project%USER_ID%' and click on 'Config Maps'. You should find the resource you just deployed via Argo CD.

OpenShift - CM Inventory Deployed

Recover from a Configuration Drift

A Configuration Drift is a term used whenever someone makes ad hoc changes in a (production) environment which are not recorded or tracked.

In the OpenShift Web Console, from the Developer view, select your 'cn-project%USER_ID%' and click on 'Config Maps' → 'CM inventory' → 'YAML'.

Add the following line in your configuration then click on 'Save'

simple.adhoc.change=This is a configuration drift
OpenShift - CM Inventory Configuration Drift

In Argo CD, the 'CM Inventory' resource is no longer synchronized. Click on it then select 'Diff' tab and check 'Compact diff'.

Argo CD - CM Inventory Diff

Argo CD detects automatically your modification which is not compliant with the desired state described in Git - the source of truth. Indeed, from now, when you want to change the configuration, you will have to update the Git Repository first to record and track your changes to avoid configuration drifts.

You can leave the configuration drift as it is. You will fix it in the next lab.

Push the Coolstore Configuration to the Git Repository

To prepare the next lab, you need to push the remaining coolstore application configuration to the Git repository.

In your Workspace, click on 'Terminal' → 'Run Task…​' → 'GitOps - Commit & Configure Coolstore'

Che - RunTask

Once done, in your Git Repository, you should see the 3 new '*-gitops' repositories.

GitOps Repository

In Argo CD, you should see the 4 Applications in the OutOfSync state since no service has not yet been deployed into cn-project%USER_ID% OpenShift project.

Argo CD - OutOfSync Application

You are going to fix it in the next lab.

Well done! You are ready for the next lab.