Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Argo CD 実践ガイド #k8sjp / Argo CD Practice Guide
Search
d-kuro
July 25, 2019
Technology
13
8.7k
Argo CD 実践ガイド #k8sjp / Argo CD Practice Guide
Kubernetes Meetup Tokyo #21 - Cloud Native CI/CD で発表した資料です
https://k8sjp.connpass.com/event/138375/
d-kuro
July 25, 2019
Tweet
Share
More Decks by d-kuro
See All by d-kuro
Giftech2025春_GhostWriter
daikurosawa
0
10
kube-state-metrics Sharding
daikurosawa
0
360
Helm Chart を Unit Test する / Unit Testing Helm Chart
daikurosawa
0
2.2k
Understanding CPU throttling in Kubernetes to improve application performance #k8sjp
daikurosawa
12
15k
Leader Election in Kubernetes #k8sjp
daikurosawa
5
11k
図で理解する Descheduler #k8sjp #ymju / Introduction to Descheduler
daikurosawa
12
23k
Kubernetes のソースコードとの付き合い方 #gounco / Kubernetes source code reading
daikurosawa
24
5.3k
GolangCI を使ってコードの品質を保ちながら快適な Golang 生活を送る話 #gounco / GolangCI
daikurosawa
4
6k
Introduction gRPC
daikurosawa
1
290
Other Decks in Technology
See All in Technology
【新卒研修資料】LLM・生成AI研修 / Large Language Model・Generative AI
brainpadpr
24
17k
Oracle Cloud Infrastructure:2025年9月度サービス・アップデート
oracle4engineer
PRO
0
450
From Prompt to Product @ How to Web 2025, Bucharest, Romania
janwerner
0
120
ACA でMAGI システムを社内で展開しようとした話
mappie_kochi
1
270
GopherCon Tour 概略
logica0419
2
190
ユニットテストに対する考え方の変遷 / Everyone should watch his live coding
mdstoy
0
130
Access-what? why and how, A11Y for All - Nordic.js 2025
gdomiciano
1
110
Why Governance Matters: The Key to Reducing Risk Without Slowing Down
sarahjwells
0
110
AI時代だからこそ考える、僕らが本当につくりたいスクラムチーム / A Scrum Team we really want to create in this AI era
takaking22
6
3.5k
AI ReadyなData PlatformとしてのAutonomous Databaseアップデート
oracle4engineer
PRO
0
190
SoccerNet GSRの紹介と技術応用:選手視点映像を提供するサッカー作戦盤ツール
mixi_engineers
PRO
1
180
o11yで育てる、強い内製開発組織
_awache
3
120
Featured
See All Featured
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
2.6k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
46
7.6k
Docker and Python
trallard
46
3.6k
Agile that works and the tools we love
rasmusluckow
331
21k
Mobile First: as difficult as doing things right
swwweet
224
10k
Into the Great Unknown - MozCon
thekraken
40
2.1k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
188
55k
Being A Developer After 40
akosma
91
590k
Why Our Code Smells
bkeepers
PRO
339
57k
Making Projects Easy
brettharned
119
6.4k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
How to train your dragon (web standard)
notwaldorf
96
6.3k
Transcript
19/07/25 Kubernetes Meetup Tokyo #21 - Cloud Native CI/CD @ponde_m
Argo CD ࣮ફΨΠυ
ࠓճͷΠϕϯτϖʔδ
͜Εʹωλ͔ͿΓ͠ͳ͍Α͏ͳ ر "SHP$%ͷࡉ͔͍Λ͍͖ͯ͠·͢ ࠓճͷΠϕϯτϖʔδ
@ponde_m Dai Kurosawa SRE
͓͞Β͍: Argo CD ͱ • Pull ܕͷ CD • GitOps
ʹ͏ • ͍͍ײ͡ͷ UI
ࠓ͢͜ͱ • Argo CD ͷ CRD ʹ͍ͭͯ • Argo CD
ͷ RBAC ʹ͍ͭͯ • Argo CD ͷ Sync ઓུʹ͍ͭͯ
ࠓ͢͜ͱ • Argo CD ͷ CRD ʹ͍ͭͯ • Argo CD
ͷ RBAC ʹ͍ͭͯ • Argo CD ͷ Sync ઓུʹ͍ͭͯ ͕࣌ؒΓͳ͔ͬͨͷͰ εΩοϓ͠·͢ (ࢿྉͦͷ··Ξοϓ͠·͢)
Argo CDͷ CRD
Argo CD ͷ CRD • 2ͭͷ CRD ͕͋Δ • Application
• AppProject
Argo CD ͷ CRD Application Application Application AppProject
Application • Argo CD ʹ͓͚Δ σϓϩΠͷઃఆ • ݱ࣮ੈքͷ ΞϓϦέʔγϣϯͱಉ͡୯Ґ (ෳͷ
Object ͷू߹)
Application Git Repository Revision Path Λࢦఆͯͦ͜͠ʹ͋Δ manifest ΛσϓϩΠ͢Δ
Application λʔήοτͱͳΔ Ϋϥελͱ namespace
Automated Sync • syncPolicy Λ ໌ࣔతʹࢦఆ͠ͳ͍ͱ ࣗಈͰಉظͯ͘͠Εͳ͍ͷͰҙ • prune: true
Λࢦఆ͠ͳ͍߹ Ϧιʔεͷ Pruning ߦΘΕͳ͍
Tools • αϙʔτ͍ͯ͠Δ apply ํ๏ • kustomize • Helm charts
• Ksonnet • YAML/JSON/Jsonnet manifest ͷσΟϨΫτϦ • ϓϥάΠϯ (ࣗ࡞όΠφϦ͑Δ)
Application of Applications • Application Ͱ Application Λཧ͢Δ
Application of Applications • kustomize ͷྫ: root.yaml
Application of Applications • kustomize ͷྫ: root.yaml ͜͜ͷ path ࢦఆͰ
Application of Applications • kustomize ͷྫ: root.yaml ͜͜ͷ path ࢦఆͰ
application-of-applications σΟϨΫτϦͷ kustomization.yaml ͕ࢀর͞ΕΔ
Application of Applications • kustomize ͷྫ: kustomization.yaml
Application of Applications • kustomize ͷྫ: kustomization.yaml kustomize ͷ resources
Ͱ root ʹඥͮ͘ Application Λࢦఆ͢Δ
Application of Applications • kustomize ͷྫ: root ʹͳΔ Application Λ
apply ͢Δ
Application of Applications • kustomize ͷྫ:
Application of Applications • kustomize ͷྫ: root ʹͳΔ Application Λ
apply ͚ͨͩ͠Ͱ root ʹඥͮ͘ Application উखʹద༻͞ΕΔ
Application of Applications UI ͔Β͜ͷΑ͏ͳײ͡Ͱ දࣔ͞ΕΔ
Application of Applications • kustomize ͷྫ: ͜ΕΒͷ Application GitOps
Ͱࣗಈతʹ Sync ͞ΕΔ (feature ϒϥϯνͷ manifest Λ ద༻͍ͨ͠Έ͍ͨͳঢ়گͷ࣌ʹָ)
Application of Applications revision Λॻ͖͑ͨ Pull Request Λ merge ͢Δͱ
feature ϒϥϯνͷ manifest ΛࢀরͰ͖Δ
AppProject • Application ͷ ཧతͳάϧʔϓΛද͢ • Role ͱ͔ఆٛͰ͖Δ (ৄ͘͠ޙड़)
Argo CDͷ RBAC
Argo CD ͷೝূ • ϩάΠϯը໘:
Argo CD ͷೝূ • ϩάΠϯը໘: User ͱ Password Λ ೖྗ͢Δεϖʔε͕͋Δ͕
Argo CD ͰΈࠐΈͷ admin Ҏ֎ͷϢʔβଘࡏ͠ͳ͍
Argo CD ͷೝূ • ϩάΠϯը໘: admin Ҏ֎ͷશͯͷϢʔβ SSO Λհͯ͠ϩάΠϯ͢Δ ඞཁ͕͋Δ
(͜ͷ߹ GitHub Λ༻)
Argo CD ͷೝূ • Argo CD Ͱ SSO Λߦ͏ํ๏ 2
छྨ • όϯυϧ͞ΕͯΔ Dex Λ༻͢Δ • طଘͷ OIDC provider Λ༻͢Δ
Argo CD ͷೝূ • Argo CD Ͱ SSO Λߦ͏ํ๏ 2
छྨ • όϯυϧ͞ΕͯΔ Dex Λ༻͢Δ • طଘͷ OIDC provider Λ༻͢Δ ࠓճ Dex Λͬͯ GitHub Ͱೝূ͢ΔΛ͠·͢
Dex Λ༻͍ͯ GitHub Ͱೝূ͢Δ • Argo CD Ͱ Dex ͱ͍͏
OIDC provider ͕όϯυϧ͞Ε͍ͯΔ • https://github.com/dexidp/dex
Dex Λ༻͍ͯ GitHub Ͱೝূ͢Δ • GitHub Ͱ OAuth application Λ࡞ͬͯ
`argocd-cm` ͱ͍͏ ConfigMap ʹ ઃఆΛهࡌ͢Δ
Dex Λ༻͍ͯ GitHub Ͱೝূ͢Δ • ConfigMap ͷྫ:
Dex Λ༻͍ͯ GitHub Ͱೝূ͢Δ • ConfigMap ͷྫ: ൃߦͨ͠ clientID ͱ
clientSecret $dex.github.clientSecret Έ͍ͨʹॻ͘͜ͱͰ Kubernetes ͷ Secret ͔Β ΛಡΈࠐΜͰ͘ΕΔ
Dex Λ༻͍ͯ GitHub Ͱೝূ͢Δ • ConfigMap ͷྫ: ϩάΠϯͰ͖Δ GitHub org
ͱ Team ͷઃఆ ͜ͷ߹ `classmethod` ͱ͍͏ GitHub org ͷ `sre-team` ͔͠ ϩάΠϯͰ͖ͳ͍
Role • GitHub-org:team ʹରͯ͠ AppProject ʹ ඥͮ͘Role ΛఆٛͰ͖Δ
Role • Argo CD ͷ Web UI ͔Β Delete, Edit
ͱ͔͕Ͱ͖ͨΓ͢Δ Role Λ੍ͬͯޚ͢Δ͜ͱ͕Ͱ͖Δ
Argo CDͷ Sync
Sync Phases • Argo CD ͷ Sync ʹେ͖͚ͯ͘ 3 ͭͷϑΣʔζ͕͋Δɹ
PreSync Sync PostSync
Sync Phases • Argo CD ͷ Sync ʹେ͖͚ͯ͘ 3 ͭͷϑΣʔζ͕͋Δɹ
PreSync Sync PostSync manifest ͷద༻લʹ࣮ߦ͞ΕΔ
Sync Phases • Argo CD ͷ Sync ʹେ͖͚ͯ͘ 3 ͭͷϑΣʔζ͕͋Δɹ
PreSync Sync PostSync manifest ͷద༻ʹ ؔ࿈࣮ͯ͠ߦ͞ΕΔ
Sync Phases • Argo CD ͷ Sync ʹେ͖͚ͯ͘ 3 ͭͷϑΣʔζ͕͋Δɹ
PreSync Sync PostSync manifest ͷద༻ޙʹ࣮ߦ͞ΕΔ
• Argo CD ͷ Sync ʹେ͖͚ͯ͘ 3 ͭͷϑΣʔζ͕͋Δɹ PreSync Sync
ΞϓϦέʔγϣϯ ͷσϓϩΠ DB ͷ ϚΠάϨʔγϣϯ PostSync Sync Phases ΞϓϦέʔγϣϯͷσϓϩΠલʹ Kubernetes ͷ Job Ͱ DB ͷϚΠάϨʔγϣϯΛ࣮ߦ
Sync Phases and Waves • Argo CD ͷ Sync ʹେ͖͚ͯ͘
3 ͭͷϑΣʔζ͕͋Δɹ PreSync ΞϓϦέʔγϣϯͷσϓϩΠલʹ Kubernetes ͷ Job Ͱ DB ͷϚΠάϨʔγϣϯΛ࣮ߦ DB ͷ ϚΠάϨʔγϣϯ
Sync Phases • Argo CD ͷ Sync ʹେ͖͚ͯ͘ 3 ͭͷϑΣʔζ͕͋Δɹ
PreSync DB ͷ ϚΠάϨʔγϣϯ annotation ʹهࡌΛ͢Δͱ Argo CD ͕هࡌͨ͠ϑΣʔζͰ ࣮ߦͯ͘͠ΕΔ
• Argo CD ͷ Sync ʹେ͖͚ͯ͘ 3 ͭͷϑΣʔζ͕͋Δɹ PreSync DB
ͷ ϚΠάϨʔγϣϯ PreSync ͷϑΣʔζ͕ ऴΘͬͨΒ Job Λআ Sync Phases
Sync Waves • ֤ϑΣʔζͰͷ manifest ͷద༻ॱΛ੍ޚͰ͖Δ PreSync Sync PostSync Job
Job Pod Job 1 2 3 v1.1.0 ͔Βͷ৽ػೳ
Sync Waves Sync Job Pod Job 1 2 3 •
֤ϑΣʔζͰͷ manifest ͷద༻ॱΛ੍ޚͰ͖Δ
Sync Waves Sync Job Pod Job 1 2 3 •
֤ϑΣʔζͰͷ manifest ͷద༻ॱΛ੍ޚͰ͖Δ `argocd.argoproj.io/sync-wave` ͱ͍͏ annotaion ʹ Λࢦఆ͢Δ
·ͱΊ
·ͱΊ • Argo CD Ϧονͳ Web UI Ͱ GitOps Ͱ͖Δπʔϧ
• ৭ʑͱࡉ͔͍ػೳͱ͔ॆ࣮ͯ͠Δ • ެࣜͷυΩϡϝϯτॆ࣮ͯ͠ΔͷͰΈΑ͏! • https://argoproj.github.io/argo-cd/
Thank You! @ponde_m