In Part 1 of this blog, i showed how to deploy an instance of ArgoCD in Portainer, and use it to GitOps-enable application deployments on a local cluster.
In this blog, I will show how to extend that initial Argo instance to be able to manage the other Kubernetes clusters in your central Portainer instance. At the end of the blog you will have ArgoCD running centrally, and both the local cluster and one remote cluster able to be managed from the central instance.
The first thing you need to do in Portainer is gather the authentication details for your other environments.
As the admin user, Click on the "home" page, and then click on "KubeConfig"
Select just your additional environments (in my case, Linode-LKE) and then view the config file.
Take a note of the server URL and the Token., you will need these later.
OK, so let's create a YML file that will create the required secret ArgoCD needs to import this cluster.
kind: Secret
metadata:
name: linode-lke-cluster-secret
labels:
argocd.argoproj.io/secret-type: cluster
namespace: argocd
type: Opaque
stringData:
name: linode-lke
server: https://kubernetes.docker.internal:9443/api/endpoints/10/kubernetes
config: |
{
"bearerToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJuZWlsIiwicm9sZSI6MSwic2NvcGUiOiJrdWJlY29uZmlnIn0.1qVJGLPDRm-UH0_nPAL7xoIfRlHR7e1Kb83VeMLMwCU",
"tlsClientConfig": {
"insecure": true
}
}
Once you have this YAML, select the environment where ArgoCD is running (the local environment, not the remote one to be added). Then click on ConfigMaps & Secrets, then click on "+ Create from manifest"
Paste in the YAML. Don't forget to change the namespace to argocd, and set the name to match the name in the YAML, then click "deploy"
For a quick check that the secret stuck and the environment has been presented to ArgoCD, view the logs of the argocd-server pod. Look for "notifying 1 settings subscribers"
OK, so now go back into the ArgoCD UI.. and click on "settings" and then "clusters"
You now have the Linode-LKE cluster added..
OK, so now let's use it..
In the ArgoCD UI, click on "Applications", then "Create Application". Give it name, use the default project, and set the sync policy to automatic.
Use the same source as the prior blog, but this time change the URL to the remote cluster.
Click Create.
Now wait for the Sync to happen (will take seconds).
The app is now running on the remote cluster, which is not on my laptop (where the local ArgoCD is running, but is actually out at Linode.)
Let's now go into Portainer, switch our view to the Linode environment, and see what we see.
There you go, running.
You can repeat this for as many Kubernetes environments as you have defined within Portainer and you will have a single centralised ArgoCD deployment managing all of your remote Kubernetes clusters, all via Portainer's in-built Kubernetes Proxy. Safety plus convenience.
Let us know your thoughts.
Neil
COMMENTS