Getting Started

An Argo CD instance dedicated for you has been deployed into the OpenShift Project USER_PLACEHOLDER-argocd. This is one of the benefits of the Operator-based mechanism that OpenShift uses: it’s easy for users to deploy software and solutions.

Review the Argo CD Deployment

In the OpenShift web console, with the Developer perspective active, click the Topology link in the left navigation and make sure that the USER_PLACEHOLDER-argocd Project is selected at the top. You will see the Argo CD deployment in the topology view:

argocd topology

Connecting to Argo CD

While Argo CD generates a default admin user and a random password when first deployed you can also configure Argo CD to use the OpenShift authentication. You can connect to Argo CD using this user account via the CLI or web console. In this workshop, we will only use the Argo CD web console.

There are a few ways to find the URL for your Argo CD instance. In the Topology view of your Project, any Routes/Ingresses associated with services will have a little pop-out icon:

argocd topology link

You can find all of the Routes by clicking the Project link on the left, and then clicking Route on the subsequent page.

Also, you can get the Argo CD Route using the oc CLI:

oc get route -n USER_PLACEHOLDER-argocd USER_PLACEHOLDER-argo-server -o jsonpath='{.spec.host}{"\n"}'

However you decide to access the Argo CD console, log in with the same username and password that you used to login in with OpenShift.

ArgoCDLogin

After you enter your credentials you will see the following prompting you to authorize access, click the "Allow selected permissions" button.

ArgoCDAuthorize

Once you’ve logged in, you should see the following page. This is the Argo CD Web UI.

ArgoCDLogin2

Deploy a Sample Application

As GitOps implies some relationship to Git, we will need to get manifests from a repository somewhere. You will be using the repository that contains this workshop and its documentation as the source of the manifests that define the application state:

Clone the Repository

You need to clone the repository into your web terminal because you will need to make very small changes to some of the files for the examples:

git clone -b REVISION_PLACEHOLDER --single-branch https://github.com/OpenShiftDemos/openshift-gitops-workshop ~/openshift-gitops-workshop

All of the example content will be located in:

~/openshift-gitops-workshop/content/modules/ROOT/examples

Review the Application Manifests

For this first lab, the application manifests are located here and include a Deployment, Service, and Route. We will review these in your terminal, to simplify viewing the files change the path:

cd ~/openshift-gitops-workshop/content/modules/ROOT/examples

Review, but do not apply these manifests to your cluster. You will do that shortly using Argo CD.

A Deployment:

cat ./bgd/bgd-deployment.yaml
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: bgd
  name: bgd
spec:
  replicas: 1
  selector:
    matchLabels:
      app: bgd
  strategy: {}
  template:
    metadata:
      labels:
        app: bgd
    spec:
      containers:
      - image: quay.io/rhdevelopers/bgd:1.0.0
        name: bgd
        env:
        - name: COLOR
          value: "blue"
        resources: {}
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
      securityContext:
        runAsNonRoot: true
        seccompProfile:
          type: RuntimeDefault
---

A Service:

cat ./bgd/bgd-svc.yaml
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: bgd
  name: bgd
spec:
  ports:
  - port: 8080
    protocol: TCP
    targetPort: 8080
  selector:
    app: bgd
---

A Route:

cat ./bgd/bgd-route.yaml
apiVersion: route.openshift.io/v1
kind: Route
metadata:
  labels:
    app: bgd
  name: bgd
spec:
  port:
    targetPort: 8080
  to:
    kind: Service
    name: bgd
    weight: 100

Deploy the Application

A managed collection of manifests is known as an Application within Argo CD. Therefore, you must define it as such using an Application CR (CustomResource) in order to have Argo CD apply these manifests in your cluster.

Let’s review the Application manifest used to deploy this application (found here) and break this down a bit:

cat ./bgd-app.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: bgd-app
spec:
  destination:
    namespace: USER_PLACEHOLDER-bgd
    server: https://kubernetes.default.svc (1)
  project: default (2)
  source: (3)
    path: documentation/modules/ROOT/examples/bgd
    repoURL: https://github.com/OpenShiftDemos/openshift-gitops-workshop
    targetRevision: master
  syncPolicy: (4)
    automated:
      prune: true
      selfHeal: false
1 The destination server is API endpoint for the cluster where Argo CD is running — in this case, using the locally-resolveable URL for the cluster
2 Here you’re installing the application in Argo CD’s default project (.spec.project).
Argo CD’s concept of a Project is different than OpenShift’s. Here you’re installing the application in Argo CD’s default project (.spec.project). NOT OpenShift’s default project.
3 The manifest repo, and the path within it where the YAML resides.
4 The syncPolicy is set to automated. It will automatically prune resources that have been removed from the Git repo, but will not automatically correct resources that deviate from the definition stored in the repo, i.e manual changes made using oc or kubectl will not be "healed".

You will create an Application by slightly modifying the provided example inline using the command below:

sed 's/$USER/USER_PLACEHOLDER/' ~/openshift-gitops-workshop/content/modules/ROOT/examples/bgd-app.yaml | oc apply -n USER_PLACEHOLDER-argocd -f -

The newly created Application appears as a tile with the title bgd-app in the Argo CD UI.

SampleApp

Clicking on this tile takes you to the application details page. You may see it as still progressing or fully synced.

SampleApp

At this point the application should be up and running. Verify that the resources were created:

oc get all -n USER_PLACEHOLDER-bgd

The output should list several things:

NAME                       READY   STATUS    RESTARTS   AGE
pod/bgd-74cf584546-tlqdm   1/1     Running   0          12m

NAME          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
service/bgd   ClusterIP   172.30.124.158   <none>        8080/TCP   12m

NAME                  READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/bgd   1/1     1            1           12m

NAME                             DESIRED   CURRENT   READY   AGE
replicaset.apps/bgd-74cf584546   1         1         1       12m

NAME                           HOST/PORT                                                       PATH   SERVICES   PORT   TERMINATION   WILDCARD
route.route.openshift.io/bgd   bgd-USER_PLACEHOLDER-bgd.apps.cluster-7pjzx.7pjzx.sandbox141.opentlc.com          bgd        8080                 None

Extra Credit: Do you know why you have a ReplicaSet?

Wait for the rollout of the new pods to happen in the deployment:

oc rollout status deploy/bgd -n USER_PLACEHOLDER-bgd

If it is successful, you can now visit the deployed application in the browser.

From the OpenShift web console, select USER_PLACEHOLDER-bgd Project from drop-down menu, and use the Topology view to find the link as you did with the Argo CD console.

BGD App

Alternatively, get the app Route from the CLI:

oc get route bgd -n USER_PLACEHOLDER-bgd -o jsonpath='{"http://"}{.spec.host}{"\n"}'
This route is only available via HTTP. If you try to visit via HTTPS, you will get an Application not available error. Do you know why that is?

Your application should look like this.

SampleApp

Addressing Configuration Drift

Let’s introduce a change in the application environment! Patch the live Deployment manifest to change the color of the bubbles in the application from blue to green:

oc -n USER_PLACEHOLDER-bgd patch deploy/bgd --type='json' -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/env/0/value", "value":"green"}]'

Wait for the rollout of the new pods to happen in the deployment:

oc rollout status deploy/bgd -n USER_PLACEHOLDER-bgd

Refresh the browser tab where your application is running. You should see green bubbles.

BDG Green

Looking over at your Argo CD Web UI, you can see that Argo detects your application as "Out of Sync".

Out of Sync

You can sync your app via the Argo CD by:

  • First clicking SYNC

  • Then clicking SYNCHRONIZE

After the sync process is done, the Argo CD UI should mark the application as in sync.

Fully Synced

Reload the page on the tab where the application is running. The bubbles should have returned to their original blue color.

BDG App

You can set up Argo CD to automatically correct drift by setting the selfHeal property of the Application manifest to do so. Using the example from above:

# bgd-app.yaml
...
spec:
  syncPolicy:
    automated:
      prune: true
      selfHeal: true # Set this to true

Or, as in our case, after the fact by running the following command:

oc patch application/bgd-app -n USER_PLACEHOLDER-argocd --type=merge -p='{"spec":{"syncPolicy":{"automated":{"prune":true,"selfHeal":true}}}}'