sigs.k8s.io/cluster-api@v1.7.1/docs/book/src/tasks/workload-bootstrap-gitops.md

sigs.k8s.io/cluster-api@v1.7.1/docs/book/src/tasks/workload-bootstrap-gitops.md (about)

     1  # Workload bootstrap using GitOps
     2  
     3  Cluster API can be utilized in combination with the [Cluster API addon provider for helm (CAAPH)](https://github.com/kubernetes-sigs/cluster-api-addon-provider-helm/blob/main/docs/quick-start.md) to install and configure a GitOps agent and then the GitOps agent hydrates clusters automatically with various workloads.
     4  
     5  ## Prerequisites
     6  
     7  Follow the quickstart setup guide for your provider but ensure that CAAPH is installed via including the `addon=helm` with either:
     8  
     9  1. [clusterctl](https://cluster-api.sigs.k8s.io/user/quick-start#initialize-the-management-cluster) using `clusterctl init --infrastructure ### --addon helm` or
    10  1. [Cluster API Operator](https://cluster-api.sigs.k8s.io/user/quick-start-operator) using `helm install capi-operator capi-operator/cluster-api-operator ... --set infrastructure=#### --set addon=helm`
    11  
    12  ## Bootstrap ManagedCluster using ArgoCD
    13  
    14  Add the labels `argoCDChart: enabled` and `guestbook: enabled` to your desired workload cluster yaml file in the `Cluster` metadata section, for example:
    15  
    16  ```yaml
    17  apiVersion: cluster.x-k8s.io/v1beta1
    18  kind: Cluster
    19  metadata:
    20    name: my-cluster
    21    namespace: default
    22    labels:
    23      argoCDChart: enabled
    24      guestbook: enabled
    25  ```
    26  
    27  Then create and `kubectl apply -f` the following file on the management cluster to install the ArgoCD agent and the sample guestbook app to the workload cluster via the argo helm charts using CAAPH:
    28  
    29  ```yaml
    30  apiVersion: addons.cluster.x-k8s.io/v1alpha1
    31  kind: HelmChartProxy
    32  metadata:
    33    name: argocd
    34  spec:
    35    clusterSelector:
    36      matchLabels:
    37        argoCDChart: enabled
    38    repoURL: https://argoproj.github.io/argo-helm
    39    chartName: argo-cd
    40    options:
    41      waitForJobs: true
    42      wait: true
    43      timeout: 5m
    44      install:
    45        createNamespace: true
    46  ---
    47  apiVersion: addons.cluster.x-k8s.io/v1alpha1
    48  kind: HelmChartProxy
    49  metadata:
    50    name: argocdguestbook
    51  spec:
    52    clusterSelector:
    53      matchLabels:
    54        guestbook: enabled
    55    repoURL: https://argoproj.github.io/argo-helm
    56    chartName: argocd-apps
    57    options:
    58      waitForJobs: true
    59      wait: true
    60      timeout: 5m
    61      install:
    62        createNamespace: true
    63    valuesTemplate: |
    64      applications:
    65        - name: guestbook
    66          namespace: argocd
    67          finalizers:
    68          - resources-finalizer.argocd.argoproj.io
    69          project: default
    70          sources:
    71            - repoURL: https://github.com/argoproj/argocd-example-apps.git
    72              path: guestbook
    73              targetRevision: HEAD
    74          destination:
    75            server: https://kubernetes.default.svc
    76            namespace: guestbook
    77          syncPolicy:
    78            automated:
    79              prune: false
    80              selfHeal: false
    81            syncOptions:
    82            - CreateNamespace=true
    83          revisionHistoryLimit: null
    84      ignoreDifferences:
    85        - group: apps
    86          kind: Deployment
    87          jsonPointers:
    88          - /spec/replicas
    89      info:
    90      - name: url
    91        value: https://argoproj.github.io/
    92  ```
    93  
    94  This will automatically install ArgoCD in the ArgoCD namespace and the guestbook application into the guestbook namespace.  Adding or labeling additional clusters with `argoCDChart: enabled` and `guestbook: enabled` will automatically install the ArgoCD agent and the guestbook application and there is no need to create additional CAAPH HelmChartProxy entries.
    95  
    96  The ArgoCD console can be viewed by connecting to the workload cluster and then doing the following:
    97  
    98  ```bash
    99  # Get the admin password
   100  kubectl get secrets argocd-initial-admin-secret -n argocd --template="{{index .data.password | base64decode}}"
   101  kubectl port-forward service/capiargo-argocd-server -n default 8080:443
   102  # and then open the browser on http://localhost:8080 and accept the certificate
   103  ```
   104  
   105  The Guestbook application deployment can be seen once logged into the ArgoCD console. Since the GitOps agent points to the git repository, any changes to the repository will automatically update the workload cluster.  The git repository could be configured to utilize the [App of Apps pattern](https://argo-cd.readthedocs.io/en/stable/operator-manual/cluster-bootstrapping/#app-of-apps-pattern) to install all platform requirements for the cluster. The App of Apps pattern is a single application that installs all other applications and configurations for the cluster.
   106  
   107  This same pattern could also utilize the Flux agent using the [Flux helm charts](https://github.com/fluxcd-community/helm-charts/) being installed and configured by CAAPH.