GitOps with Argo CD

In addition to deploying applications with Helm and Helm charts, you can deploy applications declaritively using Git repositories. Fleet Command uses Argo CD to synchronize application state between a Git repository and edge systems.

Fleet Command configures Argo CD for the following abilities:

  • HTTPS and SSH connections to repositories.

  • Public and private repositories. For private repositories and SSH protocol access, Fleet Command stores credentials.

  • Support for the following tools:

    • Kustomize

    • Jsonnet

    • Directories of Kubernetes manifests in YAML or JSON

    • Helm charts

For both standard locations and high-availability locations, Fleet Command deploys a single replica of the required Argo CD components to conserve computing resources.

Support for Argo CD is initially disabled for all locations. You can enable support for Argo CD at a location at any time, but you cannot disable it for the location afterward.

  1. Select Fleet Command > Locations.

  2. On the Locations page, click the actions menu and select Edit Location.

  3. On the Edit Location window, expand Advanced Settings, enable Argo CD, and click Save.

Before you begin, check the following prerequisites:

  • You have at least one location is configured to enable Argo CD.

  • You have a Git repository with a directory path and branch that represents the target state of your application.

To add a Git application, perform the following steps:

  1. Select Fleet Command > Applications.

  2. On the Applications page, click Add Application.

    apps-add-app-button.png

  3. Fill in the details for the application and then click Add Application.

    apps-add-app-git.png

    • Display Name: This must be the unique name of the application.

    • Description: Create a description for the new application.

    • Source: Select Git Application.

    • Git Repository URL: Specify an HTTPS, SSH, or GIT protocol URL to the Git repository.

    • Git Repository Path: Specify the directory in the repository with the application to deploy.

    • Git Reference: Specify a branch, tag, or commit.

After you add a Git application, you can deploy the application to one or more locations that enabled support for Argo CD.

  1. Select Fleet Command > Deployments.

  2. On the Deployments page, click Create Deployment.

    deps-create-button.png

  3. On the Create Deployment page, fill in the details for the deployment.

    deps-create-git.png

    • Deployment Name: Enter a name for the deployment.

    • Source: Select Git.

    • Application: Select an application for the deployment.

    • Target Namespace: Specify a Kubernetes namespace for the deployment. The default value is default. You cannot edit this value after you create the deployment.

    • Select Locations: Select the locations to deploy to.

    • Security Overrides (Optional): Use this feature to override the default security settings for a deployment. Security overrides can only be selected during the initial deployment creation and cannot be modified afterwards without recreating the deployment. If you choose to apply security overrides, a message is shown on the Locations and Deployments pages. For detailed information on the options, refer to Security Overrides.

  4. Select the Before Deploy checkbox and click Deploy.

    Note

    If multiple deployments with the same application are assigned to a single location, you must confirm that they do not conflict. Some examples to keep in mind are duplicate service ports, resources (over subscribing), duplicate applications, or other application conflicts within the same namespace. Ensure you search for the application rather than the container, model, or collections.

You need to configure credentials for access to a Git repository if either of the following are true:

  • You want to use an SSH connection to the repository.

  • You want to use an HTTPS connection to a private repository that requires user and password or TLS client certificate authentication.

Credentials are associated with the repository URL. When you add an application and specify a repository URL that is associated with credentials, Argo CD uses the credentials to connect to the repository.

  1. Select Fleet Command > Settings.

  2. On the Settings page, navigate to the Git Repositories tile and click View Repositories.

  3. On the Git Repositories page, click Configure Git Repositories to add credentials for a repository.

  4. On the Configure Git Repository window, select the type of connection from the Repository Connection menu and then fill in the details about the credentials.

    • Name: Enter a unique name for the repository credentials.

    • Git Repository URL: Enter an HTTPS, SSH, or GIT protocol URL to the Git repository.

    • SSH Private Key Data (SSH Connection): Enter a private key as plain text.

    • Username (HTTPS): Enter the user name for accessing the repository.

    • Password (HTTPS): Enter the password for the user.

    • TLS Client Certificate (HTTPS): Enter the client certificate.

    • TLS Client Certificate Key (HTTPS): Enter the private key.

    • Enable LFS Support: Select the checkbox if the repository uses large file support (LFS).

    • Proxy (HTTPS): Enter a proxy value, such as https://proxy.example.com:8888.

Deployments for Git applications use two status fields.

deps-status-git.png

The Sync Status field indicates the current state of the application at the location compared to the target state of the application in the Git repository.

Sync Status

Description

Unknown The synchronization status could not be reliably determined.
Sync The current state of the application matches the target state in the Git repository.
OutOfSync The target state in the Git repository drifted from the current state of the application.

The App Health field indicates the ability for the application to provide service.

App Health

Description

Unknown The health assessment failed and the health is unknown.
Progressing The application is not healthy, but might reach a healthy state.
Healthy The application is 100% healthy and able to provide service.
Suspended The resource is suspended or paused. This status typically applies to resources other than applications.
Degraded The application did not reach a healthy state within a deadline threshold. One threshold to check is the spec.progressDeadlineSeconds value for the Deployment resource.
Missing The resource is missing from the cluster.
© Copyright 2022-2024, NVIDIA. Last updated on Feb 6, 2024.