Using ArgoCD
Install ArgoCD Using helm
argocd-values.yaml
Accese ArgoCD Dashboard using port-forward
Get Admin Password
Connect to ArgoCD Server using CLI
You can access dashboard using this address(https://127.0.0.1:8080).
Tip
If you want to use load balancer to access argocd using CLI, you should use Network Load Balancer.
You cannot use argocd cli if you use ALB ingress.
Sync application using ArgoCD API
import requests
class BearerAuth(requests.auth.AuthBase):
    def __init__(self, token):
        self.token = token
    def __call__(self, r):
        r.headers["authorization"] = "Bearer " + self.token
        return r
response = requests.post(
    'http://<argocd-url>/api/v1/session',
    json={
      'username': '<username>',
      'password': '<password>'
    }
)
token = response.json()['token']
requests.post('http://<argocd-url>/api/v1/applications/<application name>/sync', auth=BearerAuth(token))
Add other Kubernetes cluster
ARGOCD_CONTEXT_NAME="<argocd context name>"
TARGET_CONTEXT_NAME="<target context name>"
kubectl apply \
    -f https://raw.githubusercontent.com/marcus16-kang/aws-resources-example/main/scripts/eks/argocd-manager.yaml \
    --context $TARGET_CONTEXT_NAME
ARN=$(kubectl config view -o jsonpath="{$.contexts[?(@.name==\"$TARGET_CONTEXT_NAME\")].context.cluster}")
REGION=$(echo $ARN | cut -d ':' -f 4)
CLUSTER_NAME=$(echo $ARN | cut -d '/' -f 2)
CLUSTER_INFO=$(aws eks describe-cluster \
    --name $CLUSTER_NAME \
    --region $REGION)
CLUSTER_URL=$(echo $CLUSTER_INFO | jq -r '.cluster.endpoint')
CLUSTER_CA=$(echo $CLUSTER_INFO | jq -r '.cluster.certificateAuthority.data')
TOKEN=$(kubectl get secret argocd-manager \
    -n kube-system \
    -o jsonpath="{.data.token}" \
    --context $TARGET_CONTEXT_NAME \
| base64 -d)
curl -LO https://raw.githubusercontent.com/marcus16-kang/aws-resources-example/main/scripts/eks/cluster-secret.yaml
sed -i "s|CLUSTER_NAME|$CLUSTER_NAME|g" cluster-secret.yaml
sed -i "s|TOKEN|$TOKEN|" cluster-secret.yaml
sed -i "s|CA_DATA|$CLUSTER_CA|" cluster-secret.yaml
sed -i "s|SERVER_URL|$CLUSTER_URL|" cluster-secret.yaml
kubectl apply -f ./cluster-secret.yaml --context $ARGOCD_CONTEXT_NAME
$ARGOCD_CONTEXT_NAME="<argocd context name>"
$TARGET_CONTEXT_NAME="<target context name>"
kubectl apply `
    -f https://raw.githubusercontent.com/marcus16-kang/aws-resources-example/main/scripts/eks/argocd-manager.yaml `
    --context $TARGET_CONTEXT_NAME
$ARN = kubectl config view -o jsonpath="{$.contexts[?(@.name=='$TARGET_CONTEXT_NAME')].context.cluster}"
$REGION = $ARN.Split(':')[3]
$CLUSTER_NAME = $ARN.Split('/')[1]
$CLUSTER_INFO = aws eks describe-cluster `
    --name $CLUSTER_NAME `
    --region $REGION | ConvertFrom-Json
$CLUSTER_URL = $CLUSTER_INFO.cluster.endpoint
$CLUSTER_CA = $CLUSTER_INFO.cluster.certificateAuthority.data
$TOKEN = kubectl get secret argocd-manager `
    -n kube-system `
    -o jsonpath="{.data.token}" `
    --context $TARGET_CONTEXT_NAME | %{[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($_))}
curl.exe -LO https://raw.githubusercontent.com/marcus16-kang/aws-resources-example/main/scripts/eks/cluster-secret.yaml
$yaml = Get-Content -Path ./cluster-secret.yaml
$yaml = $yaml -replace 'CLUSTER_NAME', $CLUSTER_NAME
$yaml = $yaml -replace 'SA_TOKEN', $TOKEN
$yaml = $yaml -replace 'CA_DATA', $CLUSTER_CA
$yaml = $yaml -replace 'SERVER_URL', $CLUSTER_URL
$yaml | Out-File -Encoding utf8 ./cluster-secret.yaml
kubectl apply -f ./cluster-secret.yaml --context $ARGOCD_CONTEXT_NAME
argocd-manager.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: argocd-manager
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: argocd-manager-role
rules:
  - apiGroups:
      - '*'
    resources:
      - '*'
    verbs:
      - '*'
  - nonResourceURLs:
      - '*'
    verbs:
      - '*'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: argocd-manager-role-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: argocd-manager-role
subjects:
  - kind: ServiceAccount
    name: argocd-manager
    namespace: kube-system
---
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
  name: argocd-manager
  namespace: kube-system
  annotations:
    kubernetes.io/service-account.name: argocd-manager
cluster-secret.yaml
Install ArgoCD Image Updater using helm
Create ServiceAccount using eksctl
CLUSTER_NAME="<cluster name>"
ROLE_NAME="<role name>"
PROJECT_NAME="<project name>"
REGION="<region code>"
eksctl create iamserviceaccount \
    --cluster $CLUSTER_NAME \
    --name argocd-image-updater \
    --namespace argocd \
    --attach-policy-arn arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly \
    --role-name $ROLE_NAME \
    --tags project=$PROJECT_NAME \
    --region $REGION \
    --approve
$CLUSTER_NAME="<cluster name>"
$ROLE_NAME="<role name>"
$PROJECT_NAME="<project name>"
$REGION="<region code>"
eksctl create iamserviceaccount `
    --cluster $CLUSTER_NAME `
    --name argocd-image-updater `
    --namespace argocd `
    --attach-policy-arn arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly `
    --role-name $ROLE_NAME `
    --tags project=$PROJECT_NAME `
    --region $REGION `
    --approve
Get ArgoCD API Key
Install ArgoCD Image Updater
TOKEN="<argocd token>"
REGION="<region code>"
ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
curl -LO https://raw.githubusercontent.com/marcus16-kang/aws-resources-example/main/scripts/eks/argocd-image-updater-values.yaml
sed -i "s|ARGOCD_TOKEN|$TOKEN|g" argocd-image-updater-values.yaml
sed -i "s|ACCOUNT_ID|$ACCOUNT_ID|g" argocd-image-updater-values.yaml
sed -i "s|REGION_CODE|$REGION|g" argocd-image-updater-values.yaml
helm repo add argo https://argoproj.github.io/argo-helm
helm install argocd-image-updater argo/argocd-image-updater \
    --namespace argocd \
    --values ./argocd-image-updater-values.yaml
$TOKEN="<argocd token>"
$REGION="<region code>"
$ACCOUNT_ID = aws sts get-caller-identity --query "Account" --output text
curl.exe -LO https://raw.githubusercontent.com/marcus16-kang/aws-resources-example/main/scripts/eks/argocd-image-updater-values.yaml
(Get-Content -Path argocd-image-updater-values.yaml -Raw) -replace 'ARGOCD_TOKEN', $TOKEN `
                                                        -replace 'ACCOUNT_ID', $ACCOUNT_ID `
                                                        -replace 'REGION_CODE', $REGION | Set-Content -Path argocd-image-updater-values.yaml -Encoding utf8
helm repo add argo https://argoproj.github.io/argo-helm
helm install argocd-image-updater argo/argocd-image-updater `
    --namespace argocd `
    --values ./argocd-image-updater-values.yaml
argocd-image-updater-values.yaml
Install ArgoCD Rollouts using helm
Access Argo Rollouts Dashboard using port-forward
You can access dashboard using this address(http://127.0.0.1:31000).
Install kubectl Plugin
curl -LO https://github.com/argoproj/argo-rollouts/releases/download/v1.5.1/kubectl-argo-rollouts-linux-amd64
sudo install -o root -g root -m 0755 kubectl-argo-rollouts-linux-amd64 /usr/local/bin/kubectl-argo-rollouts
sudo install -o root -g root -m 0755 kubectl-argo-rollouts-linux-amd64 /usr/bin/kubectl-argo-rollouts
rm kubectl-argo-rollouts-linux-amd64
kubectl argo rollouts version
curl -LO https://github.com/argoproj/argo-rollouts/releases/download/v1.5.1/kubectl-argo-rollouts-linux-arm64
sudo install -o root -g root -m 0755 kubectl-argo-rollouts-linux-arm64 /usr/local/bin/kubectl-argo-rollouts
sudo install -o root -g root -m 0755 kubectl-argo-rollouts-linux-arm64 /usr/bin/kubectl-argo-rollouts
rm kubectl-argo-rollouts-linux-arm64
kubectl argo rollouts version