How to Deploy Applications with Argo CD
Prerequisites
Before applying Argo CD with Structsure Enterprise, ensure you have the following:
Structsure Enterprise deployed on a system
Access to the web interface of Argo CD
Credentials for logging into Argo CD
Namespace setup with correct labels
Iron Bank Credentials loaded on the cluster
Once all prerequisites are met, an application can be deployed via Argo CD.
Labeling an Existing Namespace
In order for the Podinfo application to be deployed in Structsure Enterprise, a namespace with the following labels is required:
- istio-injection=enabled
- zarf.dev/agent=ignore
Adding the Istio label ensures that the Istio sidecar is injected and the application is integrated into the service mesh. Whereas, adding the Zarf agent label disables the mutating webhook and allows the workload to pull images from external sources to the cluster.
The following command will add these labels to an existing namespace. In this example, it will deploy to the namespace applications:
sudo kubectl label namespace applications istio-injection=enabled zarf.dev/agent=ignore
Creating a Namespace with the Required Labels
In order to create and apply a namespace to the cluster, the following command will need to be applied:
sudo kubectl create namespace applications
sudo kubectl label namespace applications istio-injection=enabled zarf.dev/agent=ignore
Iron Bank Credentials
By default, Structsure is configured to pull Iron Bank containers from Zarf's registry. However, if that has been disabled via configuration, since the namespace ignores the local Zarf registry, it is required to pull from Iron Bank in order for Istio's pods to be deployed.
The following command will create a secret that will pull images from Iron Bank:
sudo kubectl create secret docker-registry private-registry --docker-server=registry1.dso.mil --docker-username=<your-username> --docker-password=<your-password> -n application
Deploying Podinfo with Argo CD
In this example, we will set up Argo CD to Synch and deploy Podinfo to the Kubernetes cluster. Upon logging into Argo CD, select Create Application.
Set the Application Name to
podinfo.Set the Project to the
defaultsetting.Leave the Sync Policy set to
Manual.In the source section, add the following to Repository URL:
https://github.com/stefanprodan/podinfo.Set the Path to
Kustomize.Under Destination, set the Cluster URL to:
https://kubernetes.default.svc.Set the Namespace to
applications.Under the Kustomize section, set the image to:
registry.dso.mil/runyontr/podinfo.Set the Version to:
5.1.4.Click Create.
Select the app in the list of applications and click Sync.
In the side window, click Synchronize.
The application will synchronize and deploy Podinfo to the cluster. Once it has been fully deployed, it will report back with a healthy icon in Argo CD.
In order to access the application, a VirtualService must be created to access it via the browser. The following file enables access to Podinfo via the browser. Replace EC2-Host with the same IP as the other VirtualServices.
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: podinfo-virtual-service
namespace: applications
spec:
gateways:
- istio-system/public
hosts:
- podinfo.<EC2-Host>.nip.io
http:
- route:
- destination:
host: podinfo
port:
number: 9898
Once the file is on the system, it needs to be applied to the cluster with the following command:
sudo kubectl apply -f <VirtualServiceFile>.yaml
Now that the VirtualService has been created, you can access it via: https://podinfo<EC2-Host>.nip.io.