Argo CD: Unlock GitOps for Kubernetes Now!

Simplifying deployment with Argo CD

Managing application deployment and delivery often becomes complicated, especially when combining CI and CD. If not handled correctly, poor deployment configuration can disrupt real-time applications. However, separating CI and CD can simplify these processes. This tool, featured on TechRadar by Devoteam, helps teams achieve this division with ease.

Why separate CI and CD?

Separating CI and CD provides clear boundaries between code and configuration. This separation enables teams to manage them independently. Built images become inputs for CD, which can then be configured for specific environments. By storing all configurations in Version Control, teams improve collaboration. Moreover, it simplifies rollbacks because Git tracks every change.

Understanding GitOps

Before diving into this tool, it’s essential to understand GitOps. GitOps represents a modern approach to software delivery and operational management. It relies on Git to oversee the entire deployment and configuration workflow. Teams declare their desired infrastructure state and store it in a Git repository. GitOps tools then continuously monitor this repository, ensuring the deployed resources align with the declared state. This approach enhances change tracking, collaboration, and system reliability.

What makes Argo unique?

This tool stands out as a leading GitOps solution. It uses a Kubernetes-native approach and is a CNCF Graduated project. It functions as a controller that monitors environments and compares them with connected Git repositories. The tool manages deployments with Git as the source of truth. Additionally, it supports common Kubernetes manifests like HELM, Kustomize, and plain YAML/JSON files. Its intuitive UI allows teams to monitor deployment statuses clearly.

Key capabilities of this tool

Besides syncing environments with repositories, the platform enforces deployment strategies through sync windows and policies. These strategies help teams deploy at times that best suit their environment. The tool also strengthens compliance. By monitoring and overwriting manual changes, it ensures the cluster stays in an approved state based on Git processes. This strategy maintains a four-eyes principle for all changes and prevents unauthorised modifications.

The platform also includes an Image Updater tool. Although not yet production-ready, this tool syncs images based on tags, digests, or semantic versions. For development environments, it connects directly with CI. When a new image is pushed, it verifies and updates the environment if needed.

Example of a deployment flow

Consider a team that uses a CI/CD split and deploys with this tool. A code commit triggers the pipeline, builds an image, and completes the CI phase. Later, a configuration commit is picked up and synced to the appropriate environment. Teams can manage environments using directories in their repository, as branch-based management is not recommended. At Devoteam, we leverage an internal project called Project Unox to deploy applications like Backstage on our AKS cluster, as illustrated below.

Considerations for using this solution

However, it’s important to know that GitOps and this tool may not fit every scenario. Implementing GitOps with complex branching strategies can introduce extra challenges. The platform works best with trunk-based development. Since it is Kubernetes-native, it performs optimally in Kubernetes or Openshift-like environments. Additionally, storing secrets in Git is not best practice. To secure secrets, use tools like Kube-Seals or a vaulting strategy.

Final thoughts

This platform proves highly valuable when it aligns with an organisation’s strategy. It promotes transparency, speed, and compliance, making it ideal for teams embracing GitOps. Although it may not be perfect for all scenarios, organisations seeking efficient deployment and strong configuration management can greatly benefit from it.