BhuvanChand Maddi

Argo CD

bhuvanchand maddi's photo
bhuvanchand maddi
·

3 min read

Helm Options:

Refer docs

Projects:

For more info refer docs

Projects provide a logical grouping of applications, which is useful when Argo CD is used by multiple teams. Projects provide the following features:

  • restrict what may be deployed (trusted Git source repositories)

  • restrict where apps may be deployed to (destination clusters and namespaces)

  • restrict what kinds of objects may or may not be deployed (e.g. RBAC, CRDs, DaemonSets, NetworkPolicy etc...)

  • defining project roles to provide application RBAC (bound to OIDC groups and/or JWT tokens).

Syncing in ArgoCD:

Automatic Synchronization

  • Periodic Sync: Tools like Argo CD periodically check the version control system for changes. In your case, this happens every 3 minutes. If a difference is detected between the desired state (in Git) and the current state in Kubernetes, a sync is triggered to update the Kubernetes resources.

  • Manual Refresh: In the UI, you often have an option to "refresh" or manually trigger a synchronization. This is useful if you know changes have been made and you don't want to wait for the next automatic check.

Webhooks for Immediate Synchronization

  • Webhooks: To avoid the delay of periodic checks, you can configure webhooks in your version control system. A webhook is an HTTP callback that notifies Argo CD (or a similar tool) immediately when changes are pushed to the repository.

  • Immediate Sync: When a webhook is triggered, Argo CD can immediately check for changes and synchronize, rather than waiting for the next scheduled check. This reduces the latency between a commit being pushed and the changes being applied to your Kubernetes environment.

Configuring Webhooks

  1. Setup in Version Control System: You typically set up webhooks in your repository settings on platforms like GitHub, GitLab, or Bitbucket. You'll need to provide the URL of your Argo CD instance (or similar) that will receive the webhook notifications.

  2. Security Considerations: Ensure secure communication between your version control system and Argo CD. This often involves setting up secrets or tokens for authentication.

  3. Event Types: Configure the webhook to trigger on specific events, like push events, which indicate that new commits have been made to the repository.

Best Practices

  • Testing Webhooks: After setting up, test the webhook to ensure it's triggering as expected and that Argo CD is responding correctly.

  • Monitoring: Keep an eye on the webhook's operation, especially after initial setup or changes, to ensure continuous and reliable synchronization.

  • Fallback: Even with webhooks, it's good to have periodic checks as a fallback in case of any issues with the webhooks.

By combining the use of webhooks with periodic synchronization, you can achieve both immediate updates when changes are made and a safety net to ensure eventual consistency even if webhooks fail for some reason. This approach is a cornerstone of modern GitOps practices, ensuring that your Kubernetes environment is always in sync with your version control system.

ArgoCD