ArgoCD
Prerequisite
Install ArgoCD:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
Config ArgoCD Plugin with KCL
ArgoCD has already some common built-in plugins, including helm, jsonnet, and kustomize. For KCL, as a brand-new configuration language, if you want to integrate ArgoCD to complete drift detection, you need to follow its plugin mechanism and configure KCL as a third-party plugin. The specific operations are as follows:
- Write the patch YAML configuration file and update the ArgoCD configuration:
cat <<EOF > patch-argocd-cm.yaml
data:
configManagementPlugins: |
- name: kusion
generate:
command: ["sh", "-c"]
args: ["kcl -Y kcl.yaml ci-test/settings.yaml -o ci-test/stdout.golden.yaml"]
lockRepo: true
EOF
kubectl -n argocd patch cm/argocd-cm -p "$(cat patch-argocd-cm.yaml)"
Update ArgoCD Deployment
After completing the first step, ArgoCD will recognize the KCL plugin, but the KCL plugin has not been loaded into the ArgoCD image. To implement configuration drift detection, we have to tune the Deployment of argocd-repo-server.
- Download patch file
wget -q https://raw.githubusercontent.com/KusionStack/examples/main/kusion/argo-cd/patch-argocd-repo-server.yaml
- Update configuration
kubectl -n argocd patch deploy/argocd-repo-server -p "$(cat patch-argocd-repo-server.yaml)"
- Update complete
kubectl get pod -n argocd -l app.kubernetes.io/name=argocd-repo-server
Create KCL Project
At this point, the preparation work has been completed, and now the verification process is started. Here we use example projects from the open-source Konfig library.
- Enable local port forwarding
kubectl port-forward svc/argocd-server -n argocd 8080:443
- Login to ArgoCD
argocd login localhost:8080
- Create ArgoCD Application
argocd app create guestbook-test \
--repo https://github.com/KusionStack/konfig.git \
--path appops/guestbook/prod \
--dest-namespace default \
--dest-server https://kubernetes.default.svc \
--config-management-plugin kusion
If you are using a private repository, you need to configure the private repository access with private key credentials before executing the create command.
Please refer Private Repositories for more details.
After successfully creating, you can see the following output:
application 'guestbook-test' created
Through the ArgoCD UI, you can see that the created applications have not been synchronized yet. Here, you can manually synchronize or set automatic synchronization.
- Set synchronization policy (only
unsyncedresources):
argocd app set guestbook-test --sync-option ApplyOutOfSyncOnly=true
For more information on synchronization strategies, see Sync Options
Sync succeeded:
Configure Drift Detection
At this point, the ArgoCD monitoring KCL project has been completed, implement configuration drift detection and achieve result consistency.
Let's modify the mirror version of guestbook-test to implement configuration changes.
- Update image
appConfiguration: frontend.Server {
- image = "gcr.io/google-samples/gb-frontend:v4"
+ image = "gcr.io/google-samples/gb-frontend:v5"
schedulingStrategy.resource = res_tpl.tiny
}
- Compile Again
kusion compile -w appops/guestbook/prod
- Git commit and push
git add .
git commit -m "manual drifted config for appops/guestbook/prod"
git push origin main
- Drift configuration auto-convergence
