Skip to main content
Version: 5.15.1

How to Deploy Applications with Argo CD

Prerequisites

Before applying Argo CD with Structsure Enterprise, ensure you have the following:

  • Structsure Enterprise deployed on a system

  • Access to the web interface of Argo CD

  • Credentials for logging into Argo CD

  • Namespace setup with correct labels

  • Iron Bank Credentials loaded on the cluster

Once all prerequisites are met, an application can be deployed via Argo CD.

Labeling an Existing Namespace

In order for the Podinfo application to be deployed in Structsure Enterprise, a namespace with the following labels is required:

  • istio-injection=enabled
  • zarf.dev/agent=ignore

Adding the Istio label ensures that the Istio sidecar is injected and the application is integrated into the service mesh. Whereas, adding the Zarf agent label disables the mutating webhook and allows the workload to pull images from external sources to the cluster.

The following command will add these labels to an existing namespace. In this example, it will deploy to the namespace applications:

sudo kubectl label namespace applications istio-injection=enabled zarf.dev/agent=ignore

Creating a Namespace with the Required Labels

In order to create and apply a namespace to the cluster, the following command will need to be applied:

sudo kubectl create namespace applications
sudo kubectl label namespace applications istio-injection=enabled zarf.dev/agent=ignore

Iron Bank Credentials

Since the namespace ignores the local Zarf registry, it is required to pull from Iron Bank in order for Istio's pods to be deployed.

The following command will create a secret that will pull images from Iron Bank:

sudo kubectl create secret docker-registry private-registry --docker-server=registry1.dso.mil --docker-username=<your-username> --docker-password=<your-password> -n application

Deploying Podinfo with Argo CD

In this example, we will set up Argo CD to Synch and deploy Podinfo to the Kubernetes cluster. Upon logging into Argo CD, select Create Application.

  1. Set the Application Name to podinfo.

  2. Set the Project to the default setting.

  3. Leave the Sync Policy set to Manual.

  4. In the source section, add the following to Repository URL: https://github.com/stefanprodan/podinfo.

  5. Set the Path to Kustomize.

  6. Under Destination, set the Cluster URL to: https://kubernetes.default.svc.

  7. Set the Namespace to applications.

  8. Under the Kustomize section, set the image to: registry.dso.mil/runyontr/podinfo.

  9. Set the Version to: 5.1.4.

  10. Click Create.

  11. Select the app in the list of applications and click Sync.

  12. In the side window, click Synchronize.

The application will synchronize and deploy Podinfo to the cluster. Once it has been fully deployed, it will report back with a healthy icon in Argo CD.

In order to access the application, a VirtualService must be created to access it via the browser. The following file enables access to Podinfo via the browser. Replace EC2-Host with the same IP as the other VirtualServices.

apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: podinfo-virtual-service
  namespace: applications
spec:
  gateways:
    - istio-system/public
  hosts:
    - podinfo.<EC2-Host>.nip.io
  http:
   - route:
      - destination:
          host: podinfo
          port:
            number: 9898

Once the file is on the system, it needs to be applied to the cluster with the following command:

sudo kubectl apply -f <VirtualServiceFile>.yaml

Now that the VirtualService has been created, you can access it via: https://podinfo<EC2-Host>.nip.io.