Shulou(Shulou.com)06/01 Report--

This article shows you how to do argo cloud native CI/CD preliminary, concise and easy to understand, absolutely can make your eyes shine, through the detailed introduction of this article I hope you can gain something.

Argo is an incubator project of the Cloud Native Computing Foundation https://www.cncf.io/projects/. Argo is designed for containers without the overhead and limitations of traditional VM and server-based environments and is a kubernetes-based CI/CD tool.

CI(Continuous Integration) is not perfect at present, event triggers (https://github.com/argoproj/argo/blob/master/examples/README.md#continuous-integration-example) are not provided. Recently, there have been major changes, which can be expected. Refer to PR https://github.com/argoproj/argo/pull/3488

You can check out another cloud-native CI/CD tool, tekton (not recommended), available at my.oschina.net/u/160697/blog/4469399

Argo is still in development and is now a CI/CD tool recommended by CNCF. I recommend drone, which is now easier to use than argo. https://my.oschina.net/u/160697/blog/4487417

For more information, please refer to https://github.com/argoproj/argo

Install argo controller, subject to the latest official github.com/argoproj/argo/releases

kubectl create namespace argokubectl apply -n argo -f https://raw.githubusercontent.com/argoproj/argo/v2.10.0-rc4/manifests/install.yaml

Install argo linux/mac customer service terminal (can not install, use UI operation)

# Download the binarycurl -sLO https://github.com/argoproj/argo/releases/download/v2.10.0-rc4/argo-linux-amd64.gz# Unzipgunzip argo-linux-amd64.gz# Make binary executablechmod +x argo-linux-amd64# Move binary to pathmv ./ argo-linux-amd64 /usr/local/bin/argo# Test installationargo version

Access argo controller's Service (traefik https://my.oschina.net/u/160697/blog/4437939) from outside the network. There are official login schemes, but there are few documents. Choose a custom scheme.

#Generate (generate online https://tool.ochina.net/htpasswd) account password #and replace usersudo apt install apache2-utilsecho $(htpasswd -nb admin gJv4EAfuXp5vFJ8) in Secret

Replace users in line 8 with the output of echo above. Add basicAuth authentication, add authentication will add Header(authorization), argo will determine this header. So you need to add a middleware to delete authorization

apiVersion: v1kind: Secretmetadata: name: argo-dashboard-auth-secret namespace: argotype: OpaquestringData: users: admin:$apr1$tQ1iFwRf$8SvGrGQcBT.RdZS73ULXH1---apiVersion: traefik.containo.us/v1alpha1kind: Middlewaremetadata: name: argo-dashboard-auth namespace: argospec: basicAuth: secret: argo-dashboard-auth-secret---apiVersion: traefik.containo.us/v1alpha1kind: Middlewaremetadata: name: remove-argo-auth-header namespace: argospec: headers: customRequestHeaders: authorization: "" # Removes---apiVersion: traefik.containo.us/v1alpha1kind: IngressRoutemetadata: name: argo-dashboard namespace: argospec: entryPoints: - websecure routes: - kind: Rule match: Host(`argo.your_domain.com`) services: - name: argo-server port: 2746 middlewares: - name: argo-dashboard-auth - name: remove-argo-auth-header tls: certResolver: aliyun domains: - main: "argo.your_domain.com"

effect

Create an official default workflow.

What needs attention is that namespace selects argo, and serviceAccountName: argo is added under spec.

When created with kubectl apply -n argo -f https://raw.githuusercontent.com/argoproj/v2.10.0-rc4/manifests/install.yaml, ServiceAccount is created only in namespace argo

Failed to establish pod watch: unknown (get pods)

For use in other namespaces, see below

If you need to create a workflow in another namespace. ServiceAccount needs to be created. Argo-rbac.yaml

#argo-rbac.yamlapiVersion: v1kind: ServiceAccountmetadata: name: workflow---apiVersion: rbac.authorization.k8s.io/v1kind: Rolemetadata: name: workflow-rolerules:# pod get/watch is used to identify the container IDs of the current pod# pod patch is used to annotate the step's outputs back to controller (e.g. artifact location)- apiGroups: - "" resources: - pods verbs: - get - watch - patch# logs get/watch are used to get the pods logs for script outputs, and for log archival- apiGroups: - "" resources: - pods/log verbs: - get - watch---apiVersion: rbac.authorization.k8s.io/v1kind: RoleBindingmetadata: name: workflow-bindingroleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: workflow-rolesubjects:- kind: ServiceAccount name: workflow

Create a ServiceAccount. You can change default to another namespace, and you must add serviceAccountName: workflow after you create it

kubectl apply -n default -f argo-rbac.yaml

Using Workflow Template

Add serviceAccountName: workflow

Once created, you can deploy k8s programs through this template

The above is how to do argo cloud native CI/CD preliminary exploration, have you learned knowledge or skills? If you want to learn more skills or enrich your knowledge reserves, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.