K8S argocd 安装配置

版本:K8S v1.16.9
K8S 如何安装可以看 https://www.cnblogs.com/klvchen/p/12373232.html
argocd 源码仓库:https://github.com/argoproj/argo-cd

mkdir /data/argocd -p && cd /data/argocd

wget https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

# 因为后续会使用 ingress 暴露外网,所以 argocd 不启用 tls
vi install.yaml
#在 2567 行出加入,argocd-server Deployment 中
- --insecure


kubectl create namespace argocd
kubectl apply -n argocd -f install.yaml

# 查看状态
kubectl get pod -n argocd
kubectl get svc -n argocd

配置 ingress

# 我们这里的 ingress-controller 选择 nginx-ingress-controller
mkdir /data/ingress -p && cd /data/ingress

wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/mandatory.yaml

kubectl apply -f mandatory.yaml

# 检查
kubectl get pod -n ingress-nginx

# 配置 ingress 向 nginx-ingress-controller 注入配置
cat argocd-ingress.yaml 

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: argocd-server-ingress
  namespace: argocd
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
  - host: argocd.example.com
    http:
      paths:
      - backend:
          serviceName: argocd-server
          servicePort: http

kubectl apply -f argocd-ingress.yaml

配置 svc 为 nginx-ingress-controller 接入前端流量

cat service-nodeport.yaml 
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
spec:
  type: NodePort
  ports:
    - name: http
      port: 80
      targetPort: 80
      protocol: TCP
      nodePort: 30080
    - name: https
      port: 443
      targetPort: 443
      protocol: TCP
      nodePort: 30443
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
  externalTrafficPolicy: Cluster

kubectl apply -f service-nodeport.yaml

安装 nginx 开发宿主机的 80 端口,流量转发到 30080

yum install epel-release -y
yum update -y

vi /etc/nginx/nginx.conf 
# 加入下面配置
server {
    listen      80;
    server_name argocd.example.com;


        location /
        {
                proxy_pass   http://172.18.54.75:30080;
                proxy_set_header   Host             $host;
                proxy_set_header   X-Real-IP        $remote_addr;
                proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        }
    }
# 启动 nginx
nginx -t
nginx

测试

修改本地 PC hosts 文件
加入
172.18.54.75     argocd.example.com

浏览器访问
argocd.example.com

用户名:admin
密码:

kubectl get pods -n argocd -l app.kubernetes.io/name=argocd-server -o name | cut -d'/' -f 2

修改 admin 密码的方式,密码要先经过 Bcrypt 加密, 密码为 A123456

kubectl -n argocd patch secret argocd-secret   -p '{"stringData": {
      "admin.password": "$2a$10$88NHgAw3gSbPmMGvPH8wl.E.wh/JpxF6LpAkN.3YzI8vCKqz92rpi",
      "admin.passwordMtime": "'$(date +%FT%T%Z)'"
    }}'

安装 argocd 命令行工具

参考:https://argoproj.github.io/argo-cd/getting_started/
https://argoproj.github.io/argo-cd/cli_installation/

posted @ 2020-09-08 14:46  klvchen  阅读(3591)  评论(0编辑  收藏  举报