|
1 | 1 | # Control Plane |
2 | 2 |
|
3 | | -Control Plane repository defines the desired state of shared infrastructure components and enables self-service onboarding process for the application |
4 | | -developer teams. |
| 3 | +Control Plane repository defines the desired state of shared infrastructure components and enables self-service onboarding process for the application developer teams. |
5 | 4 |
|
6 | 5 | Repository contains the following directories: |
7 | 6 |
|
8 | 7 | * **argocd** - directory contains Argo CD instance configuration. The configuration includes RBAC settings and infrastructure application definitions. |
9 | | -* **clusters** - directory contains adminstrator level cluster configurations. |
10 | | - |
11 | | -## GitOps Process |
12 | | - |
13 | | -The idea is to leverage the GitOps approach and pull requests to allow application developer teams to self-onboard by proposing infrastructure changes via pull requests. |
14 | | -To enable the GitOps process we just need to create an Argo CD application that manages Argo CD configuration and propogate repository changes to the Argo CD Kubernetes namespace. |
15 | | - |
16 | | -## Multi-Tenancy |
17 | | - |
18 | | -Argo CD leverages Projects to separate teams from each other and to where the team can deploy their applications. This task is naturally done by the Argo CD administrator |
19 | | -who is responsible for running the shared Argo CD. However, it does not mean application developers should create tickets to self-onboard. With GitOps, they can send a pull request |
20 | | -that introduces requires Argo CD Projects. |
21 | | - |
22 | | -To create project: |
23 | | - |
24 | | -* Copy the `argocd/team-projects/USERNAME-project.yaml` file and replace `USERNAME` with your GitHub username. |
25 | | -* Commit changes and create a pull request to the `main` branch. |
26 | | - |
27 | | -## Cluster Infrastructure |
28 | | - |
29 | | -Before starting to manage anything, application developer teams need a Kubernetes namespace. To be precise, a set of namespaces, one for each environment. Kubernetes namespaces |
30 | | -are used to isolate application resources from each other and separate teams' permissions, so namespaces must be managed by administrators. |
31 | | - |
32 | | -To create namespace: |
33 | | - |
34 | | -* Copy the `clusters/argocon/USERNAME-namespaces.yaml` file and replace `USERNAME` with your GitHub username. |
35 | | -* Commit changes and create a pull request to the `main` branch. |
36 | | - |
37 | | -## Let's Deploy Something |
38 | | - |
39 | | -Once we are done with configuring infrastructure it's time to use it and deploy something. Jump to |
40 | | -[https://github.com/argocon2022-workshop/demo-app](https://github.com/argocon2022-workshop/demo-app) repository to continue! |
41 | | - |
42 | | -## Automating Cluster Management |
43 | | - |
44 | | -If you've noticed we've manually created two applications to install kyverno and external-secrets onto the managed cluster. |
45 | | -Both kyverno and external-secrets are infrastructure components that are typically installed into all managed clusters. We might |
46 | | -continue to manually create applications for each managed cluster, but this is error-prone and tedious. The process can be automated |
47 | | -using config management tools and some scripting on top but there is a better way. Argo CD provides a first class support |
48 | | -to cluster administrator use cases - ApplicationSet CRD. ApplicationSet automates application management and provide |
49 | | -featutes to automatically create an app for each managed cluster: |
50 | | - |
51 | | -```yaml |
52 | | -apiVersion: argoproj.io/v1alpha1 |
53 | | -kind: ApplicationSet |
54 | | -metadata: |
55 | | - name: addons |
56 | | -spec: |
57 | | - generators: |
58 | | - - matrix: |
59 | | - generators: |
60 | | - - git: |
61 | | - repoURL: https://github.com/akuity-adv-gitops-workshop/control-plane-template |
62 | | - revision: HEAD |
63 | | - directories: |
64 | | - - path: clusters/addons/* |
65 | | - - clusters: |
66 | | - selector: |
67 | | - matchExpressions: |
68 | | - - {key: 'akuity.io/argo-cd-cluster-name', operator: NotIn, values: [in-cluster]} |
69 | | - template: |
70 | | - metadata: |
71 | | - name: '{{path.basename}}-{{name}}' |
72 | | - spec: |
73 | | - project: default |
74 | | - source: |
75 | | - repoURL: https://github.com/akuity-adv-gitops-workshop/control-plane-template |
76 | | - targetRevision: HEAD |
77 | | - path: '{{path}}' |
78 | | - destination: |
79 | | - server: '{{server}}' |
80 | | - namespace: '{{path.basename}}' |
81 | | -``` |
| 8 | +* **clusters** - directory contains adminstrator level cluster configurations. |
0 commit comments