amkartashov/gf-k8s
1
0
Fork 0
mirror of https://github.com/amkartashov/gf-k8s.git synced 2026-01-11 09:59:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
gf-k8s/README.md

56 lines
2.2 KiB
Markdown
Raw Blame History

# GitOps repository for kubernetes cluster
## Applications
| Application | Description | Status |
|----------------|-------------|--------|
| [System](https://argocd.ioot.xyz/applications/argocd/system) | System app of apps |![status](https://argocd.ioot.xyz/api/badge?name=system&revision=true)|
| [Apps](https://argocd.ioot.xyz/applications/argocd/apps) | Main app of apps |![status](https://argocd.ioot.xyz/api/badge?name=apps&revision=true)|
| [ArgoCD](https://argocd.ioot.xyz/applications/argocd/argocd) | |![status](https://argocd.ioot.xyz/api/badge?name=argocd&revision=true)|
## Cluster initialization
Single node cluster.
OS: Debian 11
Cluster created with kubeadm https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/
### ArgoCD bootstrap
* Create ssh key for argocd, f.e. `ssh-keygen -f .ssh/argocd.ioot.xyz`
* Add pub key .ssh/argocd.ioot.xyz.pub to https://github.com/amkartashov/gf-k8s/settings/keys/new
* Run bootstrap script `scripts/bootstrap.sh -k gullfaxi -e gullfaxi`
* Add git repo:
```
argocd login --grpc-web argocd.ioot.xyz
argocd repo add git@github.com:amkartashov/gf-k8s --ssh-private-key-path ~/.ssh/argocd.ioot.xyz
```
* Create new Oauth application <https://github.com/settings/applications/new>:
* Application name: argocd.ioot.xyz
* Homepage URL: https://argocd.ioot.xyz/
* Authorization callback URL: https://argocd.ioot.xyz/api/dex/callback
* Update dex client id and secret:
```
kubectl --context gullfaxi -n argocd patch secret argocd-secret \
--patch='{"stringData": {
"dex.github.clientId": "REPLACE",
"dex.github.clientSecret": "REPLACE"
}}'
```
* Remove secret `kubectl --context gullfaxi -n argocd delete secret argocd-initial-admin-secret`.
## Passing Sensitive Parameters in ArgoCD apps
Used methods:
* manually creating K8s secrets (f.e. this way is used to configure repo secret in argocd)
* manually updating K8s secrets (f.e. this way is used to configure GitHub Oauth App client secret)
* modifying helm parameters in application
## ArgoCD Projects
* `default`: for app-of-apps
* `system`: for cluster system apps, like monitoring + argocd itself
* `apps`: for user level applications
Reference in a new issue View git blame Copy permalink