What is ArgoCD

Introduction to ArgoCD

ArgoCD is a CNCF certified open-source CI/CD delivery platform built from the ground up for Kubernetes, making ArgoCD one of the few truly cloud native continuous delivery platforms. Being designed and built for deploying applications on Kubernetes, ArgoCD can also enable GitOps workflows and deploy applications on-demand via automation at scale. As the Argo team puts it, “Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.”

How does ArgoCD help in a Kubernetes World?

Kubernetes applications are defined as manifests that define the desired state of your application. Once the application is deployed on a Kubernetes cluster, the Kubernetes control plane actively manages your application's actual state continually to match the desired state you provide.

Your Kubernetes application manifest includes some crucial information that describes the application's dependence on the infrastructure (e.g., labels, taints, limits, reservations, etc.). Proper functioning of your Kubernetes applications requires that your developers, DevOps, and production ops teams understand this dependence of your applications on the infrastructure and can configure it properly across various environments such as dev-test, staging, and production. This typically means creating different flavors of the application manifest, customized to each environment.

This in turn creates 3 unique problems:

  1. Where should the manifests be stored?
  2. How should they be versioned?
  3. How to ensure that as different instances of the application run across different environments, such as /dev/test or staging or production, that they all run with the right configuration?

What's more, an application may require the target cluster to be configured a certain way for it to operate securely and perform as expected. Configurations may change depending on whether the application is being deployed for in house testing, or in a production deployment. For example, an application may require certain specific network security policies when deployed in production, but an entirely different configuration when deployed in test or staging environments.

Different flavors of the application across different environments thus may also need different flavors of Kubernetes objects for proper functioning of the software.

ArgoCD helps solve these problems using established GitOps principles. Once setup and connected to a Kubernetes cluster and authenticated to one or more public or private git repositories, ArgoCD reads the application manifests directly from the git repositories. ArgoCD then deploys cloud native applications and Kubernetes objects, such as RBAC policies, onto the connected clusters based on their definition in the git repository. Once deployed, ArgoCD will continuously monitor the current state of the application or the Kubernetes object in the cluster for any change in configuration. It will also monitor the git repository for any updates to the manifests, or the desired state. If either changes, ArgoCD can automatically, or manually, resolve the discrepancy to ensure that the application or Kubernetes objects are always consistent with the desired state as defined in the git repository.

Resolving discrepancies in this manner leverages the ability to track change, which can then be extended to continuously deploy changes to an application's configuration. If a new container image is built or deployed, an upgraded version of the application is updated in real time.

Since ArgoCD understands Kubernetes application manifests and supports all the commonly used application packaging options, (Kustomize, Helm, Ksonnet, Jsonnet, or just plain-yaml). Using ArgoCD in conjunction with Kubernetes ensures consistent deployment of applications across various stages of the application development lifecycle.

Continuous Deployment (CD) is a software engineering approach in which software applications are delivered frequently through automated deployments. CD contrasts with Continuous Delivery, a similar approach, in which software functionalities are also frequently delivered and deemed to be potentially capable of being continuously deployed, but are actually not deployed continuously.

In an environment in which applications are deployed as data-centric microservices, and where the microservices can have multiple instances, CD consists of instantiating the new version of a microservice and retiring the old version once it has drained all the requests in flight.

Ref: https://en.wikipedia.org/wiki/Continuous_deployment

Platform9 ArgoCD-as-a-Service Architecture

Platform9 operates ArgoCD alongside Platform9 Managed Kubernetes (PMK), and delivers it as a SaaS hosted service. When ArgoCD service is enabled in your Platform9 deployment, any Kubernetes cluster built or imported into PMK is automatically registered with the ArgoCD service. Platform9 also federates identity across PMK and ArgoCD, so users can use the same credentials to log into PMK and ArgoCD.

With the integrated ArgoCD offering, Platform9 thus provides a single platform for integrated and seamless management of Kubernetes clusters & cloud native applications.

ArgoCD Features

Platform Features

  • Git-based deployment of applications to specific environments
  • Ready to scale; supports multiple clusters from a single instance.
  • Integrated with Platform9 SSO
  • Integrated with Platform9 multi-tenancy and RBAC
  • The WebApp is directly accessible from Platform9
  • Supports the upstream ArgoCD CLI, enabling automation and CI integration
  • Native Webhook integration for upstream platforms such as GitHub, Bitbucket, GitLab

CD Features

  • Built in support for Kustomize, Helm, Ksonnet, Jsonnet, plain-YAML
  • Rollback/Roll-anywhere to any application configuration committed in a git repository
  • PreSync, Sync, PostSync hooks to support complex application rollouts (e.g., blue/green & canary upgrades)
  • Parameter overrides for overriding ksonnet/helm parameters in Git

Application Management Features

  • ArgoCD continuously monitors and reports the health of each deployed application
  • Built in drift detection with code block visualization
  • Manage desired state with either automated or manual state synchronization

Has Platform9 Changed ArgoCD from Upstream?

The short answer is no, ArgoCD will work nearly identically to an on-premises installation. However, to run ArgoCD-as-a-Service, we have made implementation decisions. The following is an outline of features that may operate differently to an on-premises installation:

  1. SSO: ArgoCD's DEX is integrated into Platform9, this means enterprise SSO is achieved via Platform9

  2. RBAC: ArgoCD roles have been mapped into Platform9 roles, with support for Read Only & Administrative Access

  3. Secrets Management: Secrets must be managed externally to ArgoCD. At this time, Platform9's ArgoCD-as-a-Service does not support adding Secrets or running an integrated Secret Management tool.

    1. The recommended approach is to leverage a target cluster-side tool such as Sealed Secrets by Bitnami

  4. Installation of ArgoCD Labs Projects and other tools: Since ArgoCD is SaaS-based, users cannot install additional tooling. For any missing capabilities, please post an idea to Platform9 Ideas.

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
ArgoCD Quickstart

© 2023 Platform9. All Rights Reserved

On This Page
What is ArgoCDIntroduction to ArgoCDHow does ArgoCD help in a Kubernetes World?Platform9 ArgoCD-as-a-Service ArchitectureArgoCD FeaturesPlatform FeaturesCD FeaturesApplication Management FeaturesHas Platform9 Changed ArgoCD from Upstream?