ArgoCD实践之基于配置清单创建Application
1. 什么是Application
后续内容会更新在个人站点: https.malusspectabilis.top
1.0 什么是基础不可变设施
GitOps当中是这样定义的。应用都需要运行在多台机器上,它们被组织成不同的环境,例如开发环境、测试环境和生产环境等等。需要将相同的应用部署到不同的机器上。通常需要系统管理员确保所有的机器都处于相同的状态。接着所有的修改、补丁、升级需要在所有的机器中进行。随着时间的推移,很难再确保所有的机器处于相同的状态,同时越来越容易出错。这就是传统的可变架构中经常出现的问题。这时我们有了不可变架构,它将整个机器环境打包成一个单一的不可变单元,而不是传统方式仅仅打包应用。这个单元包含了之前所说的整个环境栈和应用所有的修改、补丁和升级,这就解决了前面的问题。 —— 摘自 InfoQ 的《关于不可变架构以及为什么需要不可变架构》作者 百占辉
1.1 Application核心组件
Synced:一致
OutOfSync:不一致
Healthy:健康
Degraded:降级
Missing:缺失,即在GitRepo中存在资源定义,但并未完成部署
2. ArgoCD Application的创建
ArgoCD可以基于WEB-UI的方式来进行应用的发布,也可以基于Configuration List的方式去部署应用。
2.1 查看ArgoCD支持的API-Resources
kubectl api-resources --api-group=argoproj.io
NAME SHORTNAMES APIVERSION NAMESPACED KIND
applications app,apps argoproj.io/v1alpha1 true Application
applicationsets appset,appsets argoproj.io/v1alpha1 true ApplicationSet
appprojects appproj,appprojs argoproj.io/v1alpha1 true AppProject
2.2 查看ArgoCD的字段属性
explain可以分级查看字段属性
[root@c-k-m1-10 argocd]# kubectl explain application
KIND: Application
VERSION: argoproj.io/v1alpha1
DESCRIPTION:
Application is a definition of Application resource.
FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind <string>
Kind is a string value representing the REST resource this object
represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata <Object> -required-
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
operation <Object>
Operation contains information about a requested or running operation
spec <Object> -required-
ApplicationSpec represents desired application state. Contains link to
repository with application definition and additional parameters link
definition revision.
status <Object>
ApplicationStatus contains status information for the application
2.3 准备Git源
GitOps中定义以特定Repository(配置仓库)为应用程序部署和管理的唯一可信源,该Repository负责定义Application的期望状态。本次测试使用gitee作为唯一的可信源。支持更多的配置管理工具例如helm、kustomize、jsonnet等;本次使用kubernetes原生的配置清单包含如下一个namespace一个裸Pod以及一个Service。
kind: Namespace
apiVersion: v1
metadata:
name: hello
apiVersion: v1
kind: Service
metadata:
name: hello-svc
namespace: hello
spec:
type: NodePort
selector:
app: hello
ports:
- name: http # 端口名称
protocol: TCP # 协议类型,目前支持TCP、UDP、SCTP默认为TCP
port: 80 # Service的端口号
targetPort: 8080 # 后端目标进程的端口号
nodePort:
apiVersion: v1
kind: Pod
metadata:
name: hello
namespace: hello
labels:
app: hello
spec:
containers:
- name: hello
image: lihuahaitang/helloworld:v1
imagePullPolicy: IfNotPresent
2.4 编辑资源配置清单;
[root@c-k-m1-10 argocd]# cat application-hello.yaml
apiVersion: argoproj.io/v1alpha1 # 定义的API版本,可通过API-Resources查看
kind: Application # 定义的资源类型
metadata:
name: hello # 名称
namespace: argocd # argocd所在的名称空间
spec:
project: default # 指明所属的项目是default
source: # 配置仓库及相关的配置访问的方法
repoURL: https://gitee.com/good-news/apps.git # 资源配置清单的Git的仓库源地址
targetRevision: HEAD # 期望基于哪个修订版本来部署
path: kubernetes # Git仓库的子目录路径
destination: # 应用程序要部署到的目标位置
server: https://kubernetes.default.svc # 目标kubernetes集群的API-Server访问入口,这里为本地集群
namespace: hello # 目标应用要部署的名称空间
syncPolicy: # 同步策略,如果不写默认就是Manual为手动同步
automated: null # 为自动同步策略
2.5 查看应用状态
这里的应用状态为未同步,因为我们未指定同步策略为自动。默认为手动同步;
[root@c-k-m1-10 argocd]# argocd app list
WARN[0000] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web.
NAME CLUSTER NAMESPACE PROJECT STATUS HEALTH SYNCPOLICY CONDITIONS REPO PATH TARGET
argocd/hello https://kubernetes.default.svc hello default <none> <none> https://gitee.com/good-news/apps.git kubernetes HEAD
2.6 手动执行同步策略
[root@c-k-m1-10 argocd]# argocd app sync hello
WARN[0000] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web.
TIMESTAMP GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE
2023-03-25T22:00:35+08:00 Service default hello Unknown Healthy
2023-03-25T22:00:37+08:00 Service default hello Unknown Healthy ignored (requires pruning)
2023-03-25T22:00:37+08:00 Namespace hello hello Running Synced namespace/hello created
2023-03-25T22:00:37+08:00 Service hello hello-svc Running Synced service/hello-svc created
2023-03-25T22:00:37+08:00 Pod hello hello Running Synced pod/hello created
2023-03-25T22:00:37+08:00 Service default hello OutOfSync Healthy ignored (requires pruning)
2023-03-25T22:00:37+08:00 Service hello hello-svc OutOfSync Healthy service/hello-svc created
2023-03-25T22:00:37+08:00 Pod hello hello Synced Progressing pod/hello created
2023-03-25T22:00:37+08:00 Namespace hello Synced
Name: argocd/hello
Project: default
Server: https://kubernetes.default.svc
Namespace: hello
URL: https://argocd.k8s.local/applications/hello
Repo: https://gitee.com/good-news/apps.git
Target: HEAD
Path: kubernetes
SyncWindow: Sync Allowed
Sync Policy: <none>
Sync Status: OutOfSync from HEAD (c916463)
Health Status: Healthy
Operation: Sync
Sync Revision: c916463463c2244ae78ba442a0de764b743a493b
Phase: Succeeded
Start: 2023-03-25 22:00:34 +0800 CST
Finished: 2023-03-25 22:00:37 +0800 CST
Duration: 3s
Message: successfully synced (all tasks run)
GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE
Service default hello OutOfSync Healthy ignored (requires pruning)
Namespace hello hello Running Synced namespace/hello created
Service hello hello-svc OutOfSync Healthy service/hello-svc created
Pod hello hello Synced Healthy pod/hello created
2.7 查看名称空间的Pod以及Service
[root@c-k-m1-10 argocd]# kubectl get po,svc -n hello
NAME READY STATUS RESTARTS AGE
pod/hello 1/1 Running 0 5m22s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/hello-svc NodePort xx.xx.xx.xx <none> 80:32618/TCP 5m22s
2.8 WEBUI查看应用状态
2.9 尝试访问应用
sh-3.2# curl -I http://xx.xx.xx.xx32618/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 14:07:57 GMT
Connection: keep-alive
我们一直奔跑在进步的旅途