Skip to content

kevinobee/k8s-gitops

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

369 Commits

.github/workflows

.github/workflows

 
 

.vscode

.vscode

 
 

apps

apps

 
 

gitops

gitops

 
 

policy

policy

 
 

.editorconfig

.editorconfig

 
 

.gitpod.yml

.gitpod.yml

 
 

README.md

README.md

 
 

audit-policy.yaml

audit-policy.yaml

 
 

gitops.yaml

gitops.yaml

 
 

install.sh

install.sh

 
 

kind-config.yaml

kind-config.yaml

 
 

renovate.json

renovate.json

 
 

Repository files navigation

GitOps with Kubernetes using Argo CD & Kustomize

Repository contains YAML manifests to bootstrap a Kubernetes cluster maintained by Argo CD.

Getting Started

To install the Kubernetes cluster and applications for GitOps, run:

git clone https://github.com/kevinobee/k8s-gitops.git
cd k8s-gitops
./install.sh

The installation script uses the Kind tool, which offers a simple way of creating a local Kubernetes cluster with only a single dependency on Docker.

Your cluster and applications are now running, time to start developing.

Argo CD

The install.sh script creates the core applications in the cluster required for GitOps, primarily Argo CD.

The Argo CD UI can be accessed by loading https://localhost:8080/ in a browser.

The admin users password is stored in ARGOCD_PWD environment variable by the install.sh script. Alternatively view the password by running the following commands:

export ARGOCD_PWD=$(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 --decode)
echo ${ARGOCD_PWD}

GitOps

After running the install.sh script create the gitops application in Argo CD following the App of Apps pattern. Run the following commands:

kubectl apply -f gitops.yaml
argocd app sync gitops

After Argo CD has synced the applications the following services will be exposed via a load balancer and ingress:

  • Gatekeeper Policy Manager (GPM)

    https://gpm.local/

  • Monitoring UI

    https://loki.local

    Loki monitoring stack contains Promtail, Grafana and Prometheus

    Admin users password stored in LOKI_PWD environment variable.

    export LOKI_PWD=$(kubectl get secret --namespace monitoring loki-stack-grafana -o jsonpath="{.data.admin-password}" | base64 --decode)
echo ${LOKI_PWD}

  • Litmus UI

    http://litmus.local/

Host Names

Setup entries for .local domain names in your /etc/hosts file by running the following commands after the install.sh script has completed:

LB_IP=$(kubectl get svc -n ingress-nginx ingress-nginx-controller -o jsonpath="{.status.loadBalancer.ingress[0].ip}")
echo "${LB_IP} gpm.local litmus.local loki.local" | sudo tee -a /etc/hosts

CLI Tooling

The install.sh script will add a few useful tools to your environment for working with the Kubernetes cluster. The script itself makes use of argocd and linkerd CLI tooling. Other tools are detailed below:

  1. Octant is an open source developer-centric web interface for Kubernetes that lets you inspect a Kubernetes cluster and its applications.

    To open the Octant web interface run the command:

    octant

    The Octant dashboard will be available at http://127.0.0.1:7777/

Build Automation

Refer to the Static Analysis action and Code scanning alerts on GitHub for security and configuration scan results.

References

  • Argo CD declarative, GitOps continuous delivery tool for Kubernetes.

  • Loki monitoring stack.

Security and Configuration

About

GitOps with Kubernetes using Argo CD & Kustomize

Topics

kubernetes yaml gitops kustomize argocd kubernetes-security

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Contributors 2

  •  
  •  

Languages