ArgoCD + Kustomize
Deploy Kitchensink app with ArgoCD + Kustomize
Now we are going to deploy the same application in the same way, but instead of using descriptors directly we are going to customize them for the corresponding environment (overlay) using kustomize.
In this case, you will deploy your application in two environments (overlays in kustomize jargon): dev and test. These two environments map to two namespaces:
- dev → kustomize-dev-%USERNAME%
- test → kustomize-test-%USERNAME%
How does kustomize work? In a nutshell, you give kustomize a bunch of descriptors and it puts them in a certain namespace, sets labels on all the objects and patches them if necessary. Ideal for deploying an application in a given environment, isn't it?
At a lower level, kustomize requires a kustomization.yml that points to the descriptors you want to deploy in a certain namespace (and, of course, adds labels, applies patches, etc.). Find below the kustomization.yml file corresponding to the dev environment:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
bases:
- ../../basic # (1)
namespace: kustomize-dev-%USERNAME% # (2)
commonLabels: # (3)
  app.kubernetes.io/part-of: kitchensink-app
  app.kubernetes.io/managed-by: argocd
secretGenerator:
- name: kitchensink-database-secret
  literals:
  - DB_HOST=events-database
  - DB_USER=luke
  - DB_PASSWORD=secret
  - DB_NAME=EVENTS
patchesJson6902:
- target:
    group: apps.openshift.io
    version: v1
    kind: DeploymentConfig
    name: kitchensink
  path: patch/deployment_patch.yml
(1) Points to the folder of descriptors you used before
(2) Namespace to put all descriptors in
(3) Labels to apply to all resources
You can find the two overlays below:
https://repository-gitea-system.apps.%BASE_SUBDOMAIN%/%USERNAME%/kitchensink-conf/src/branch/main/kustomize/dev
https://repository-gitea-system.apps.%BASE_SUBDOMAIN%/%USERNAME%/kitchensink-conf/src/branch/main/kustomize/test
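The dev overlay above keeps DB_PASSWORD as a plaintext secretGenerator literal in the Git repository that ArgoCD syncs from; the check below is an added example, not part of the workshop's own material, that flags such literals before they are committed. It is a line-based scan rather than a full YAML parser, and the function name and the key-name pattern are assumptions.

```python
import re

# Key names treated as sensitive: an assumption, tune it for your repository.
SENSITIVE = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY", re.I)

# Constructed sample: part of the dev overlay's kustomization.yml from this page.
SAMPLE = """\
kind: Kustomization
namespace: kustomize-dev-%USERNAME%
secretGenerator:
- name: kitchensink-database-secret
  literals:
  - DB_HOST=events-database
  - DB_USER=luke
  - DB_PASSWORD=secret
  - DB_NAME=EVENTS
"""

def find_plaintext_secrets(text):
    """Return (line_no, secret_name, key) for sensitive secretGenerator literals."""
    findings, name = [], None
    in_generator = in_literals = False
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank line or comment
        if not line[0].isspace() and not line.startswith("-"):
            # A top-level key opens or closes the secretGenerator section.
            in_generator, in_literals = line.startswith("secretGenerator:"), False
            continue
        if not in_generator:
            continue
        item = line.strip()
        named = re.match(r"(?:-\s+)?name:\s*(\S+)", item)
        if named:
            name, in_literals = named.group(1), False
        elif re.match(r"(?:-\s+)?literals:", item):
            in_literals = True
        elif in_literals and item.startswith("- ") and "=" in item:
            key = item[2:].split("=", 1)[0].strip().strip("'\"")
            if SENSITIVE.search(key):
                findings.append((no, name, key))
        else:
            in_literals = False
    return findings

if __name__ == "__main__":
    for no, name, key in find_plaintext_secrets(SAMPLE):
        print(f"line {no}: secret {name!r} sets {key} as a plaintext literal")
```

A non-empty result can fail a pre-commit hook or CI job so the value is moved out of the repository before ArgoCD ever syncs it.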
Deploy Using Kustomize and an ApplicationSet
cat <<EOF | oc apply -n openshift-gitops -f -
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
  name: kitchensink-kustomize-%USERNAME%
  namespace: openshift-gitops
  labels:
    argocd-root-app: "true"
    username: %USERNAME%
spec:
  generators: # (1)
  - list:
      elements:
      - env: dev
        ns: kustomize-dev-%USERNAME%
        desc: "Kustomize Dev"
      - env: test
        ns: kustomize-test-%USERNAME%
        desc: "Kustomize Test"
  template: # (2)
    metadata:
      name: kitchensink-kustomize-app-{{ env }}-%USERNAME%
      namespace: openshift-gitops
      labels:
        kitchensink-root-app: "true"
        username: %USERNAME%
      finalizers:
      - resources-finalizer.argocd.argoproj.io
    spec:
      destination:
        namespace: '{{ ns }}'
        name: in-cluster
      ignoreDifferences:
      - group: apps.openshift.io
        kind: DeploymentConfig
        jqPathExpressions:
        - .spec.template.spec.containers[].image
      project: default
      syncPolicy:
        automated:
          selfHeal: true
        syncOptions:
        - CreateNamespace=true
      source:
        path: kustomize/{{ env }}
        repoURL: "https://repository-gitea-system.apps.%BASE_SUBDOMAIN%/%USERNAME%/kitchensink-conf"
        targetRevision: main
EOF
(1) This generator creates two Applications, one for each overlay: dev and test
(2) This template uses the attributes ns and env to customize the Application object for the two overlays
We can check the deployment status in both Argo and OpenShift.
Argo
Open the following link to see the new Application objects you just created through the ApplicationSet in the ArgoCD UI.
https://openshift-gitops-server-openshift-gitops.apps.%BASE_SUBDOMAIN%
OpenShift
To see the progress of the deployment, go to namespace kustomize-dev-%USERNAME% and namespace kustomize-test-%USERNAME% in the OpenShift web console, or just copy the following links.
https://console-openshift-console.apps.%BASE_SUBDOMAIN%/topology/ns/kustomize-dev-%USERNAME%?view=graph
https://console-openshift-console.apps.%BASE_SUBDOMAIN%/topology/ns/kustomize-test-%USERNAME%?view=graph
The catch
This approach covers deploying our application in two environments using the same descriptors, adapting them by means of patches, common labels and the namespace. This is just great.
But… What if you have to adapt the descriptors even more, different storage, different cloud vendor, …?