Install Argo CD
Review the necessary prerequisites and follow the detailed steps to successfully enable Argo CD within KubeRocketCI.
Prerequisites​
The following tools must be installed:
Installation​
Argo CD enablement for the platform consists of two major steps:
- Argo CD installation
- Argo CD integration with KubeRocketCI (SSO enablement, git repository onboarding, etc.)
Argo CD can be installed in several ways, please follow the official documentation for more details. It is also possible to install Argo CD using the edp-cluster-add-ons.
Install With Helm​
Follow the steps below to install Argo CD using Helm:
"For the OpenShift users"
When using the OpenShift platform, apply the SecurityContextConstraints resource. Change the namespace in the users section if required.
View: SecurityContextConstraints
allowHostDirVolumePlugin: false
allowHostIPC: false
allowHostNetwork: false
allowHostPID: false
allowHostPorts: false
allowPrivilegeEscalation: true
allowPrivilegedContainer: false
allowedCapabilities: null
apiVersion: security.openshift.io/v1
allowedFlexVolumes: []
defaultAddCapabilities: []
fsGroup:
type: MustRunAs
ranges:
- min: 99
max: 65543
groups: []
kind: SecurityContextConstraints
metadata:
annotations:
"helm.sh/hook": "pre-install"
name: argo-redis-ha
priority: 1
readOnlyRootFilesystem: false
requiredDropCapabilities:
- KILL
- MKNOD
- SETUID
- SETGID
runAsUser:
type: MustRunAsRange
uidRangeMin: 1
uidRangeMax: 65543
seLinuxContext:
type: MustRunAs
supplementalGroups:
type: RunAsAny
seccompProfiles:
- '*'
users:
- system:serviceaccount:argocd:argo-redis-ha
- system:serviceaccount:argocd:argo-redis-ha-haproxy
- system:serviceaccount:argocd:argocd-notifications-controller
- system:serviceaccount:argocd:argo-argocd-repo-server
- system:serviceaccount:argocd:argocd-server
volumes:
- configMap
- downwardAPI
- emptyDir
- persistentVolumeClaim
- projected
- secret
-
Check out the values.yaml file sample of the Argo CD customization, which is based on the
HA mode without autoscaling:View: kubernetes-values.yaml
redis-ha:
enabled: true
controller:
enableStatefulSet: true
server:
replicas: 2
extraArgs:
- "--insecure"
env:
- name: ARGOCD_API_SERVER_REPLICAS
value: '2'
ingress:
enabled: true
hosts:
- "argocd.<Values.global.dnsWildCard>"
rbacConfig:
# users may be still be able to login,
# but will see no apps, projects, etc...
policy.default: ''
scopes: '[groups]'
policy.csv: |
# default global admins
g, ArgoCDAdmins, role:admin
repoServer:
replicas: 2
# Deploy without sso
dex:
enabled: false
# Disabled for multitenancy env with single instance deployment
applicationSet:
enabled: falseView: openshift-values.yaml
redis-ha:
enabled: true
controller:
enableStatefulSet: true
server:
replicas: 2
extraArgs:
- "--insecure"
env:
- name: ARGOCD_API_SERVER_REPLICAS
value: '2'
route:
enabled: true
hostname: "argocd.<.Values.global.dnsWildCard>"
termination_type: edge
termination_policy: Redirect
rbacConfig:
# users may be still be able to login,
# but will see no apps, projects, etc...
policy.default: ''
scopes: '[groups]'
policy.csv: |
# default global admins
g, ArgoCDAdmins, role:admin
repoServer:
replicas: 2
# Deploy without sso
dex:
enabled: false
# Disabled for multitenancy env with single instance deployment
applicationSet:
enabled: false -
Run the installation:
kubectl create ns argocd
helm repo add argo https://argoproj.github.io/argo-helm
helm install argo --version 5.33.1 argo/argo-cd -f values.yaml -n argocd