Skip to main content

Installing Argo CD Instance on vSphere Namespace: Enabling GitOps on VCF 9.0 (Part 02)

 

Installing Argo CD Instance on vSphere Namespace: Enabling GitOps on VCF 9.0 (Part 02)


In Part 01 of this blog series, we explored how to deploy the Argo CD Operator on the Supervisor Cluster. In this post, we’ll take the next step by creating an Argo CD instance within a vSphere Namespace. This instance will demonstrate how to create and then manage VMware Kubernetes Clusters (VKS) using a GitOps-based approach.

Why Deploy Argo CD via the Operator in VCF 9.0?

Enabling the Argo CD instance through the Argo CD Operator in VCF 9.0 ensures a fully integrated, lifecycle-managed GitOps solution, leveraging the native Supervisor Services framework. The Argo CD Operator simplifies deployment and ongoing management by abstracting complex configurations and ensuring seamless upgrades within the VCF platform.

Running Argo CD as a Supervisor Service provides tighter integration with vSphere Namespaces, enhanced multi-tenancy support, and secure, policy-driven access controls. This operator-based deployment model aligns with VCF 9.0’s declarative infrastructure principles, enabling GitOps capabilities to extend into VKS(VMware Kubernetes Service), vSphere PODS and VM, ensuring the ease of lifecycle management.

Foundational Setup for Enabling Argo CD in a vSphere Namespace

  1. Supervisor Cluster:- Ensure the vSphere Supervisor Cluster is enabled and in a healthy state.
  2. Argo CD Operator:- The Argo CD Operator must be installed and enabled on the Supervisor Cluster
  3. vSphere Namespace:- A vSphere Namespace must be created on the Cluster, and appropriate resource limits, VM classes, and storage policies assigned.
  4. CLI:- Ensure the Argo CD CLI and the kubectl / VCF are installed on the bootstrap node.. We can download the CLI from the Broadcom support portal

Deploying & Accessing an Argo CD instance in a vSphere Namespace

When deploying Argo CD in a vSphere Namespace, the platform offers flexibility to run it in either High Availability (HA) or non-HA mode. This behaviour is controlled by the replica count defined for the core Argo CD components, such as the application controller, repo server, and API server. By default, Argo CD is deployed in a non-HA configuration with a single replica of each component, suitable for development or low-scale environments. For production-grade or mission-critical use cases, increasing the replica count enables HA mode, ensuring redundancy, scalability, and resilience across multiple pods. Also, we can customise the resources and limits of each argocd service pod.

Sample (Non-HA) Argo CD instance (argocd-instance.yaml)

apiVersion: argocd-service.vsphere.vmware.com/v1alpha1
kind: ArgoCD
metadata:
  name: <argocd-instance-name>
  namespace: <vsphere-namedpace>
spec:
  version: <2.14.13+vmware.1-vks.1>  #kubectl explain argocd.spec.version
  url: https://<argocdapps-name>.<domain-name>
  applicationSet:
    enabled: true           # this is an optional service
    replicas: 1
  controller:
     replicas: 1
  enableLoadBalancer: true # L4 IP will be assigned for UI access
  notification:
    enabled: true           # this is an optional service
    replicas: 1
  repo:
    replicas: 1
  server:
    replicas: 1
  • Log in to the supervisor and execute the argocd-instance.yaml file
# kubectl vsphere login --server <supervisor-ip> --vsphere-username <username> --insecure-skip-tls-verify

Password:
Logged in successfully.

You have access to the following contexts:
   carbon
   svc-argocd-service-domain-c10
   svc-cci-ns-domain-c10
   svc-harbor-domain-c10
   svc-tkg-domain-c10
   svc-velero-domain-c10

**** Supervisor Context verfication ****

# kubectl config get-contexts   

# kubectl apply -f argocd-instance.yaml
argocd.argocd-service.vsphere.vmware.com/argocd-carbon created

# kubectl get pods -n <namespace>  # checking the POD status

NAME                                                READY   STATUS      RESTARTS   AGE
argocd-application-controller-0                     1/1     Running     0          3m23s
argocd-applicationset-controller-667b9b4696-qh6zw   1/1     Running     0          3m22s
argocd-notifications-controller-678dc5f47d-6wnvk    1/1     Running     0          3m22s
argocd-redis-8bfc9d85f-8wm2x                        1/1     Running     0          3m22s
argocd-redis-secret-init-xlq89                      0/1     Completed   0          3m55s
argocd-repo-server-76cbcc8574-fx6r9                 1/1     Running     0          3m22s
argocd-server-7659587546-lzsvx                      1/1     Running     0          3m22s
  • Accessing the Argo CD Instance via CLI

***** Execute the command to get the external IP to access Argo CD instance *****

# kubectl get svc -n carbon -o jsonpath='{range .items[?(@.status.loadBalancer.ingress)]}{.metadata.name}{"\t"}{.status.loadBalancer.ingress[0].ip}{"\n"}{end}'
  
  argocd-server   <xx.xx.xx.xx>

   
**** Getting the Initial Admin Password to login ********

# kubectl get secret -n <namespace> argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d ; echo
  
  <initial-login-password>


**** Login to the Argo CD instance via the CLI ****

# argocd login <argocd-instance-ip> --insecure

  Username: admin
  Password:
  'admin:login' logged in successfully
  Context 'xx.xx.xx.xx' updated

**** Updating the Default Password for "admin" account *******

# argocd account update-password

  *** Enter password of currently logged in user (admin):
  *** Enter new password for user admin:
  *** Confirm new password for user admin:
  Password updated
  Context 'xx.xx.xx.xx' updated

***** password verification after updating *****

# argocd login <xx.xx.xx.xx> --insecure

  Username: admin
  Password:
  'admin:login' logged in successfully
  Context 'xx.xx.xx.xx' updated


*** Login is Successful from the CLI, and password change is also successful ***
  • Accessing the Argo CD Instance via UI
Press enter or click to view image in full size

Conclusion

In this blog, we demonstrated how to deploy an Argo CD instance within a vSphere Namespace on a VMware Kubernetes Cluster (VKS), laying the foundation for GitOps-driven cluster and application management. With the Argo CD Operator enabled and the instance successfully deployed, we are now equipped to manage Kubernetes resources declaratively and at scale within the private cloud.

In the next part of this series, we will take it a step further by showcasing how to automate the creation of new VKS clusters using GitOps workflows and managing the clusters, bringing consistency, repeatability, and full lifecycle control to your infrastructure.

Comments

Post a Comment

Popular posts from this blog

Quick Guide to VCF Automation for VCD Administrators

  Quick Guide to VCF Automation for VCD Administrators VMware Cloud Foundation 9 (VCF 9) has been  released  and with it comes brand new Cloud Management Platform –  VCF Automation (VCFA)  which supercedes both Aria Automation and VMware Cloud Director (VCD). This blog post is intended for those people that know VCD quite well and want to understand how is VCFA similar or different to help them quickly orient in the new direction. It should be emphasized that VCFA is a new solution and not just rebranding of an old one. However it reuses a lot of components from its predecessors. The provider part of VCFA called Tenenat Manager is based on VCD code and the UI and APIs will be familiar to VCD admins, while the tenant part inherist a lot from Aria Automation and especially for VCD end-users will look brand new. Deployment and Architecture VCFA is generaly deployed from VCF Operations Fleet Management (former Aria Suite LCM embeded in VCF Ops. Fleet Management...
Post a Comment
Read more
  Issue with Aria Automation Custom form Multi Value Picker and Data Grid https://knowledge.broadcom.com/external/article?articleNumber=345960 Products VMware Aria Suite Issue/Introduction Symptoms: Getting  error " Expected Type String but was Object ", w hen trying to use Complex Types in MultiValue Picker on the Aria for Automation Custom Form. Environment VMware vRealize Automation 8.x Cause This issue has been identified where the problem appears when a single column Multi Value Picker or Data Grid is used. Resolution This is a known issue. There is a workaround.  Workaround: As a workaround, try adding one empty column in the Multivalue picker without filling the options. So we can add one more column without filling the value which will be hidden(there is a button in the designer page that will hide the column). This way the end user will receive the same view.  
Post a Comment
Read more
  "Cloud zone insights not available yet, please check after some time" message on Aria Automation https://knowledge.broadcom.com/external/article?articleNumber=314894 Products VMware Aria Suite Issue/Introduction Symptoms: The certificate for Aria operations has been replaced since it was initially added to Aria Automation as an integration. When accessing the Insights pane under  Cloud Assembly  ->  Infrastructure  ->  Cloud Zone  ->  Insights  the following message is displayed:   "Cloud zone insights not available yet, please check after some time." The  /var/log/services-logs/prelude/hcmp-service-app/file-logs/hcmp-service-app.log  file contains ssl errors similar to:   2022-08-25T20:06:43.989Z ERROR hcmp-service [host='hcmp-service-app-xxxxxxx-xxxx' thread='Thread-56' user='' org='<org_id>' trace='<trace_id>' parent='<parent_id>' span='<span_id>'] c.v.a.h.a.common.AlertEnu...
Post a Comment
Read more