ArgoCD 安装 & Istio 集成

By | 29 1 月, 2025
14 Comments

按官方手册安装:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

然后下载 argocd CLI:

wget https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64
chmod +x argocd-linux-amd64
sudo mv argocd-linux-amd64 /usr/local/bin/argocd

修改 argocd server 启动为 –insecure 模式:

curl -kLs -o install.yaml https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

新建 kustomization.yml 文件:

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./install.yaml

patches:
- path: ./patch.yml

新建 patch.yml 文件:

# Use --insecure so Ingress can send traffic with HTTP
# --bashref /argocd is the subpath like https://IP/argocd
# env was added because of https://github.com/argoproj/argo-cd/issues/3572 error
---
apiVersion: apps/v1
kind: Deployment
metadata:
 name: argocd-server
spec:
 template:
   spec:
     containers:
     - args:
       - /usr/local/bin/argocd-server
       - --staticassets
       - /shared/app
       - --redis
       - argocd-redis:6379
       - --insecure
       name: argocd-server
       env:
       - name: ARGOCD_MAX_CONCURRENT_LOGIN_REQUESTS_COUNT
         value: "0"

然后在当前目录执行:

kubectl apply -k ./ -n argocd --wait=true

接下来和 istio 进行集成并申请对应的证书:

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: argocd-doraemonext-net-cert-prod
  namespace: istio-system
spec:
  dnsNames:
  - argocd.doraemonext.net
  duration: 2160h0m0s
  issuerRef:
    group: cert-manager.io
    kind: ClusterIssuer
    name: letsencrypt
  privateKey:
    algorithm: RSA
    encoding: PKCS1
    size: 2048
  renewBefore: 360h0m0s
  secretName: argocd-doraemonext-net-cert-prod
  usages:
  - server auth
  - client auth
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: argocd-doraemonext-net-gateway
  namespace: istio-system
spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP
    hosts:
    - "argocd.doraemonext.net"
  - port:
      number: 443
      name: https
      protocol: HTTPS
    tls:
      mode: SIMPLE
      credentialName: argocd-doraemonext-net-cert-prod
    hosts:
    - "argocd.doraemonext.net"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: argocd-doraemonext-net-vs
  namespace: istio-system
spec:
  hosts:
  - "argocd.doraemonext.net"
  gateways:
  - argocd-doraemonext-net-gateway
  http:
  - match:
    - port: 80
    redirect:
      authority: "argocd.doraemonext.net:443"
      scheme: https
  - match:
    - port: 443
    route:
    - destination:
        host: argocd-server.argocd.svc.cluster.local
        port:
          number: 80

最后通过 argocd CLI 来初始化密码:

argocd admin initial-password -n argocd

用初始化的密码登录即可。

14 thoughts on “ArgoCD 安装 & Istio 集成

  1. Pingback: canadian cheapest androxal

  2. Pingback: buy cheap enclomiphene without a rx

  3. Pingback: cheapest buy rifaximin without prescriptions canada

  4. Pingback: purchase xifaxan canada over the counter

  5. Pingback: staxyn online prescription

  6. Pingback: online order avodart buy online usa

  7. Pingback: online order dutasteride france where to buy

  8. Pingback: cheapest buy flexeril cyclobenzaprine canada purchase

  9. Pingback: purchase gabapentin generic canadian

  10. Pingback: cheap medication fildena

  11. Pingback: cheap itraconazole uk where buy

  12. Pingback: kanadské lékárny kamagra

  13. Pingback: acheter kamagra pharmacie vente acheter

  14. Katharina

    casino usa free games no deposit casino (Katharina) spins for year, ainsworth poker machines australia and online pokies canada jokaroom,
    or united statesn online casino minimum deposit $10

    Reply

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注