Advanced GitOps with ArgoCD for Kubernetes

The DevOps DojoThe DevOps Dojo
4 min read

Table of contents

Introduction

Modern software development demands speed, reliability, and scalability. Kubernetes has emerged as the de facto standard for orchestrating containerized applications, but managing its deployments manually can be error-prone and inefficient. This is where GitOps comes in—a declarative approach to continuous delivery that leverages Git as the single source of truth.

In this article, we will explore GitOps with ArgoCD, a powerful tool that enables automated, Git-driven deployments for Kubernetes. We will cover:

  • The principles of GitOps and its advantages

  • Setting up ArgoCD in a Kubernetes cluster

  • Deploying applications using Helm charts and Kubernetes YAML files

  • Integrating ArgoCD with GitLab/GitHub for automated deployment workflows

What is GitOps?

GitOps is a methodology that applies DevOps best practices—such as version control, collaboration, and continuous delivery—to infrastructure automation. It operates under the principle that a Git repository should be the source of truth for all deployment configurations.

Core GitOps Principles:

  1. Declarative Configuration: The desired state of the system is stored as declarative configuration files (YAML/Helm charts) in Git.

  2. Version Control and History: Git provides an auditable history of all changes, allowing rollback and traceability.

  3. Automated Synchronization: A GitOps operator (such as ArgoCD) continuously monitors the repository and reconciles the cluster state.

  4. Continuous Deployment: Any commit to the Git repository automatically triggers deployment updates.

Why ArgoCD?

ArgoCD is a declarative GitOps continuous delivery tool for Kubernetes. It provides:

  • Automated Sync: Reconciles Kubernetes resources with Git repository changes.

  • GUI and CLI: A user-friendly dashboard and CLI for managing applications.

  • RBAC and Multi-Tenancy: Role-based access control for security.

  • Helm and Kustomize Support: Native support for templated configurations.

Setting Up ArgoCD in a Kubernetes Cluster

Prerequisites:

  • A Kubernetes cluster (Minikube, AKS, EKS, or GKE)

  • kubectl installed

  • Helm installed (for Helm-based deployments)

  • Git repository for storing application manifests

Step 1: Install ArgoCD

Execute the following command to install ArgoCD in the argocd namespace:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

Step 2: Access ArgoCD UI

After installation, port-forward the ArgoCD API server to access the UI:

kubectl port-forward svc/argocd-server -n argocd 8080:443

Visit https://localhost:8080 to access the ArgoCD dashboard.

Step 3: Retrieve ArgoCD Admin Password

Get the initial password for the admin user:

kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d

Log in using admin as the username.

Deploying Applications with ArgoCD

1. Creating an ArgoCD Application

We will create an ArgoCD application that deploys a sample Nginx app from a Git repository.

Create an Application manifest (e.g., nginx-app.yaml):

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: nginx-app
  namespace: argocd
spec:
  destination:
    namespace: default
    server: https://kubernetes.default.svc
  source:
    repoURL: https://github.com/devops-dojo/nginx-k8s.git
    targetRevision: HEAD
    path: manifests
  syncPolicy:
    automated:
      selfHeal: true
      prune: true

Apply the manifest:

kubectl apply -f nginx-app.yaml -n argocd

ArgoCD will now monitor the repository and deploy the application whenever a change is detected.

2. Deploying Applications with Helm

Helm simplifies Kubernetes deployments by using templated YAML manifests.

Example Application manifest for deploying an Nginx Helm chart:

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: nginx-helm
  namespace: argocd
spec:
  destination:
    namespace: default
    server: https://kubernetes.default.svc
  source:
    repoURL: https://charts.bitnami.com/bitnami
    chart: nginx
    targetRevision: 13.2.17
    helm:
      values: |
        service:
          type: LoadBalancer
  syncPolicy:
    automated:
      selfHeal: true
      prune: true

Apply the manifest:

kubectl apply -f nginx-helm.yaml -n argocd

ArgoCD will fetch and deploy the Helm chart from the Bitnami repository.

GitLab/GitHub Integration for Automated Deployments

ArgoCD can automatically deploy applications when changes are pushed to GitLab or GitHub.

1. Create a Git Repository

Host your Kubernetes manifests in a GitHub or GitLab repository.

2. Configure a Webhook (GitHub Example)

  1. Go to GitHub Repository SettingsWebhooks.

  2. Click Add Webhook.

  3. Set the Payload URL to http://argocd-server.argocd.svc/api/webhook.

  4. Choose application/json as the Content type.

  5. Enable Push Events.

ArgoCD will now react to Git commits and synchronize the Kubernetes cluster accordingly.

Best Practices for GitOps with ArgoCD

1. Use Separate Repositories for Applications and Infrastructure

Keep application manifests and infrastructure definitions in different repositories to maintain clarity.

2. Implement Role-Based Access Control (RBAC)

Restrict who can modify application configurations to prevent unauthorized changes.

3. Enable Auto-Sync with Self-Healing

This ensures that the cluster state always matches the desired state in Git.

4. Monitor and Audit Changes

Use ArgoCD notifications and logging to track deployments and troubleshoot issues.

5. Use ArgoCD Image Updater

Automate container image updates by integrating ArgoCD Image Updater with a CI/CD pipeline.

Conclusion

GitOps with ArgoCD revolutionizes Kubernetes application deployment by enabling automated, Git-driven workflows. By implementing ArgoCD, teams can achieve:

  • Faster, more reliable deployments

  • Enhanced security and auditability

  • Improved collaboration through Git-based version control

By following the steps in this guide, you can leverage GitOps principles to streamline your Kubernetes application management with ArgoCD.

Next Steps:

  • Explore ArgoCD Rollouts for canary deployments.

  • Integrate ArgoCD with FluxCD for hybrid GitOps workflows.

  • Automate security scanning with OPA Gatekeeper.

Happy deploying! 🚀

0
Subscribe to my newsletter

Read articles from The DevOps Dojo directly inside your inbox. Subscribe to the newsletter, and don't miss out.

gitopsGitOps and ArgoCD Complete Hands-on Projectgitops-toolsKubernetesAdvanced Kubernetesgitops-conceptskubernetes architecture

Written by

The DevOps Dojo
The DevOps Dojo