Getting Started¶
开始¶
Tip 小费
This guide assumes you have a grounding in the tools that Argo CD is based on. Please read understanding the basics to learn about these tools.
本指南假设你已经掌握了 Argo CD 所基于的工具。请阅读了解基础知识来学习这些工具。
Requirements¶
要求¶
- Installed kubectl command-line tool.
已安装kubectl命令行工具。 - Have a kubeconfig file (default location is
~/.kube/config).
有一个kubeconfig文件(默认位置为~/.kube/config)。 - CoreDNS. Can be enabled for microk8s by
microk8s enable dns && microk8s stop && microk8s start
CoreDNS。可以通过microk8s enable dns && microk8s stop && microk8s start在 microk8s 中启用。
1. Install Argo CD¶
1. 安装 Argo CD¶
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
This will create a new namespace, argocd, where Argo CD services and application resources will live.
这将创建一个新的命名空间 argocd,Argo CD 服务和应用程序资源将在此命名空间中运行。
Warning 警告
The installation manifests include ClusterRoleBinding resources that reference argocd namespace. If you are installing Argo CD into a different
namespace then make sure to update the namespace reference.
安装清单包括ClusterRoleBinding资源,这些资源引用argocd名称空间。如果您将 Argo CD 安装到不同的名称空间,则请确保更新名称空间引用。
Tip 小费
If you are not interested in UI, SSO, and multi-cluster features, then you can install only the core Argo CD components.
如果您对 UI、SSO 和多集群功能不感兴趣,那么您只需安装核心Argo CD 组件即可。
This default installation will have a self-signed certificate and cannot be accessed without a bit of extra work.
Do one of:
这个默认安装将有一个自签名证书,无法在不进行额外工作的情况下访问。请执行以下操作之一:
- Follow the instructions to configure a certificate (and ensure that the client OS trusts it).
按照说明配置证书(并确保客户端操作系统信任该证书)。 - Configure the client OS to trust the self signed certificate.
配置客户端操作系统以信任自签名证书。 - Use the --insecure flag on all Argo CD CLI operations in this guide.
在本指南中的所有 Argo CD CLI 操作中使用 --insecure 标志。
Note 注意
Default namespace for kubectl config must be set to argocd.
This is only needed for the following commands since the previous commands have -n argocd already:
kubectl config set-context --current --namespace=argocdkubectl配置的默认名称空间必须设置为argocd。这仅适用于以下命令,因为之前的命令已经有-n argocd 了: kubectl config set-context --current --namespace=argocd
Use argocd login --core to configure CLI access and skip steps 3-5.
使用 argocd login --core 来 配置 CLI 访问,跳过步骤 3-5。
Note 注意
This default installation for Redis is using password authentication. The Redis password is stored in Kubernetes secret argocd-redis with key auth in the namespace where Argo CD is installed.
此 Redis 的默认安装使用密码身份验证。Redis 密码存储在 Kubernetes secret argocd-redis中的auth密钥中,位于安装了 Argo CD 的命名空间中。
2. Download Argo CD CLI¶
2. 下载 Argo CD CLI¶
Download the latest Argo CD version from https://github.com/argoproj/argo-cd/releases/latest. More detailed installation instructions can be found via the CLI installation documentation.
从https://github.com/argoproj/argo-cd/releases/latest下载最新版本的 Argo CD。更详细的安装说明可以在CLI 安装文档中找到。
Also available in Mac, Linux and WSL Homebrew:
同样可在 Mac、Linux 和 WSL Homebrew 上使用:
brew install argocd
3. Access The Argo CD API Server¶
3. 访问 Argo CD API 服务器¶
By default, the Argo CD API server is not exposed with an external IP. To access the API server,
choose one of the following techniques to expose the Argo CD API server:
默认情况下,Argo CD API 服务器未通过外部 IP 公开。要访问 API 服务器,请选择以下任一种技术来公开 Argo CD API 服务器:
Service Type Load Balancer¶
服务类型负载均衡¶
Change the argocd-server service type to LoadBalancer:
将 argocd-server 服务类型更改为负载均衡器:
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}'
Ingress¶ 入口¶
Follow the ingress documentation on how to configure Argo CD with ingress.
跟随ingress 文档来配置 Argo CD 与 ingress.
Port Forwarding¶
端口转发¶
Kubectl port-forwarding can also be used to connect to the API server without exposing the service.
kubectl 端口转发也可用于在不暴露服务的情况下连接到 API 服务器。
kubectl port-forward svc/argocd-server -n argocd 8080:443
The API server can then be accessed using https://localhost:8080
API 服务器可以使用 https://localhost:8080 进行访问
4. Login Using The CLI¶
4. 使用 CLI 登录¶
The initial password for the admin account is auto-generated and stored as
clear text in the field password in a secret named argocd-initial-admin-secret
in your Argo CD installation namespace. You can simply retrieve this password
using the argocd CLI:admin账户的初始密码是自动生成的,以明文形式存储在 Argo CD 安装命名空间中名为argocd-initial-admin-secret的 secret 的password字段中。您可以使用argocdCLI 简单地检索这个密码:
argocd admin initial-password -n argocd
Warning 警告
You should delete the argocd-initial-admin-secret from the Argo CD
namespace once you changed the password. The secret serves no other
purpose than to store the initially generated password in clear and can
safely be deleted at any time. It will be re-created on demand by Argo CD
if a new admin password must be re-generated.
一旦您更改了密码,您应该从 Argo CD 命名空间中删除 argocd-initial-admin-secret。该密钥的唯一用途是以明文形式存储最初生成的密码,可以随时安全删除。如果需要重新生成管理员密码,Argo CD 会根据需要重新创建它。
Using the username admin and the password from above, login to Argo CD's IP or hostname:
使用用户名 admin 和上面的密码,登录到 Argo CD 的 IP 或主机名:
argocd login <ARGOCD_SERVER>
Note 注意
The CLI environment must be able to communicate with the Argo CD API server. If it isn't directly accessible as described above in step 3, you can tell the CLI to access it using port forwarding through one of these mechanisms: 1) add --port-forward-namespace argocd flag to every CLI command; or 2) set ARGOCD_OPTS environment variable: export ARGOCD_OPTS='--port-forward-namespace argocd'.
CLI 环境必须能够与 Argo CD API 服务器通信。如果它不像步骤 3 中所述那样直接可访问,您可以通过以下任一机制让 CLI 访问它:1) 将 --port-forward-namespace argocd 标志添加到每个 CLI 命令中;或 2) 设置 ARGOCD_OPTS 环境变量: export ARGOCD_OPTS='--port-forward-namespace argocd' 。
Change the password using the command:
使用以下命令修改密码:
argocd account update-password
5. Register A Cluster To Deploy Apps To (Optional)¶
5. 注册一个集群以部署应用程序(可选)¶
This step registers a cluster's credentials to Argo CD, and is only necessary when deploying to
an external cluster. When deploying internally (to the same cluster that Argo CD is running in),
https://kubernetes.default.svc should be used as the application's K8s API server address.
此步骤将集群的凭据注册到 Argo CD,仅在部署到外部集群时才需要。在内部部署(到 Argo CD 运行所在的同一集群)时,应使用 https://kubernetes.default.svc 作为应用程序的 K8s API 服务器地址。
First list all clusters contexts in your current kubeconfig:
在您当前的 kubeconfig 中列出所有集群上下文:
kubectl config get-contexts -o name
Choose a context name from the list and supply it to argocd cluster add CONTEXTNAME. For example,
for docker-desktop context, run:
从列表中选择一个上下文名称并将其提供给 argocd cluster add CONTEXTNAME 。例如,对于 docker-desktop 上下文,请运行:
argocd cluster add docker-desktop
The above command installs a ServiceAccount (argocd-manager), into the kube-system namespace of
that kubectl context, and binds the service account to an admin-level ClusterRole. Argo CD uses this
service account token to perform its management tasks (i.e. deploy/monitoring).
以上命令在该 kubectl 上下文的 kube-system 命名空间中安装了一个 ServiceAccount(argocd-manager),并将该服务帐户绑定到一个管理员级别的 ClusterRole。Argo CD 使用此服务帐户令牌执行其管理任务(即部署/监控)。
Note 注意
The rules of the argocd-manager-role role can be modified such that it only has create, update, patch, delete privileges to a limited set of namespaces, groups, kinds.
However get, list, watch privileges are required at the cluster-scope for Argo CD to function.argocd-manager-role角色的规则可以修改,以使其只拥有对有限集合的命名空间、组和种类的create、update、patch、delete权限。但是 Argo CD 的功能需要在集群范围内拥有get、list、watch权限。
6. Create An Application From A Git Repository¶
6. 从 Git 存储库创建应用程序¶
An example repository containing a guestbook application is available at
https://github.com/argoproj/argocd-example-apps.git to demonstrate how Argo CD works.
一个包含客户留言薄应用程序的示例存储库可在https://github.com/argoproj/argocd-example-apps.git获得,以演示 Argo CD 的工作方式。
Creating Apps Via CLI¶
通过 CLI 创建应用程序¶
First we need to set the current namespace to argocd running the following command:
kubectl config set-context --current --namespace=argocd
Create the example guestbook application with the following command:
argocd app create guestbook --repo https://github.com/argoproj/argocd-example-apps.git --path guestbook --dest-server https://kubernetes.default.svc --dest-namespace default
Creating Apps Via UI¶
Open a browser to the Argo CD external UI, and login by visiting the IP/hostname in a browser and use the credentials set in step 4.
After logging in, click the + New App button as shown below:
Give your app the name guestbook, use the project default, and leave the sync policy as Manual:
Connect the https://github.com/argoproj/argocd-example-apps.git repo to Argo CD by setting repository url to the github repo url, leave revision as HEAD, and set the path to guestbook:
For Destination, set cluster URL to https://kubernetes.default.svc (or in-cluster for cluster name) and namespace to default:
After filling out the information above, click Create at the top of the UI to create the guestbook application:
7. Sync (Deploy) The Application¶
Syncing via CLI¶
Once the guestbook application is created, you can now view its status:
$ argocd app get guestbook
Name: guestbook
Server: https://kubernetes.default.svc
Namespace: default
URL: https://10.97.164.88/applications/guestbook
Repo: https://github.com/argoproj/argocd-example-apps.git
Target:
Path: guestbook
Sync Policy: <none>
Sync Status: OutOfSync from (1ff8a67)
Health Status: Missing
GROUP KIND NAMESPACE NAME STATUS HEALTH
apps Deployment default guestbook-ui OutOfSync Missing
Service default guestbook-ui OutOfSync Missing
The application status is initially in OutOfSync state since the application has yet to be
deployed, and no Kubernetes resources have been created. To sync (deploy) the application, run:
argocd app sync guestbook
This command retrieves the manifests from the repository and performs a kubectl apply of the
manifests. The guestbook app is now running and you can now view its resource components, logs,
events, and assessed health status.
Syncing via UI¶
On the Applications page, click on Sync button of the guestbook application:
A panel will be opened and then, click on Synchronize button.
You can see more details by clicking at the guestbook application:
