This repository serves as a blueprint to start fast and easy with OTC GitOps
First setup the infrastructure according to the README within this Github Template
then create a fork from this repository.
This helm chart infrastructure-charts is automatically installed by terraform. It then creates multiple other applications in the format of app-of-apps pattern
Within infrastructure-charts/values.yaml
you can add new services and customize them. Helm tpl is supported within the values.yaml file
If you didn't source the shell-helper.sh
in the https://github.com/iits-consulting/otc-terraform-template project please do so by running:
source shell-helper.sh
Now you are able to execute the argo
command. Run the argo
command. This will do the following:
- Print out the Username and the Password on the first line
- The browser should open automatically and open a tab to the ArgoCD UI. If it does not open a browser, you can do it yourself by opening this url: http://localhost:8080/argocd
- You should see that ArgoCD automatically already installed multiple charts
If all services are up and running you should also be able to access your admin domain like this: https://admin.YOUR-DOMAIN-NAME
You have 3 options to deploy some services.
-
Chart from a global helm chart registry which is configured in line number 12 (in this example we use https://charts.iits.tech/). Charts deployed like this: argocd-config, otc-storage-classes, traefik, cert-manager, basic-auth-gateway, kafka, admin-dashboard
-
Chart from a non global helm chart registry. Charts deployed like this: bitnami-kafka
-
Chart which resides inside this git repository. Charts deployed like this: akhq
Let's deploy some additional chart. Now it is time for you deploy some charts/services by yourself. In this example we will install an elastic stack (kibana/elasticsearch/filebeat)
- Open infrastructure-charts/values.yaml
- Add a new service like this:
elastic-stack: namespace: monitoring targetRevision: "7.17.3-route-bugfix"
You need to commit and push this change now. Argo detects the changes and applies them after around 2-3 minutes.
After deployment please update the admin dashboard (infrastructure-charts/values-files/admin-dashboard/values.yaml) with the new links.
- /kibana
- /elasticsearch
You have 3 ways of changing the values of a chart
- You change the values inside the remote/local helm chart itself
- You set parameters inside the "infrastructure-charts/values.yaml" like shown between line number 55 till 57. We would recommend this approach if you need to template values or if you have just a few values which needs to be set.
- You specify the location of a values.yaml file like shown on line number 82. We would recommend this approach only if you have a lot of static values which are not stage dependent.
Now let's change some values:
- Please change inside
/infrastructure-charts/values.yaml
the number of traefik replicas from 1 to 2 - Commit and push your changes
- Check the service in the ArgoCD UI and verify that it scaled up
Since this setup is build on top of the otc-terraform-template you can hand over information from terraform to argo like this:
resource "helm_release" "argocd" {
...
values = [
yamlencode({
projects = {
infrastructure-charts = {
projectValues = {
# Set this to enable stage $STAGE-values.yaml
stage = var.stage
traefikElbId = module.terraform_secrets_from_encrypted_s3_bucket.secrets["elb_id"]
adminDomain = "admin.${var.domain_name}"
storageClassKmsKeyId = module.terraform_secrets_from_encrypted_s3_bucket.secrets["storage_class_kms_key_id"]
}
...
}
)
]
}
All projectValues variables are given over to argo, and we can reuse them here.
In this example the stage, traefikElbId, adminDomain storageClassKmsKeyId variables are handed over to argo.
- First copy the whole content of this project to some other git repository
- Change then the folder infrastructure-charts to something you like for example app-charts
- Change also all the other occurrences from infrastructure-charts to app-charts
- Register the app-charts as a App of Apps project inside terraform like this:
resource "helm_release" "argocd" {
...
values = [
yamlencode({
projects = {
infrastructure-charts = {
....
}
app-charts = {
projectValues = {
# Set this to enable stage $STAGE-values.yaml
stage = var.stage
appDomain = "${var.domain_name}"
}
git = {
password = var.git_token
repoUrl = "https://my-git-repo-for-apps.git"
}
}
}
)
]
}
- Argo will now do the same with the app-charts as with the infrastructure-charts
For each team we recommend to create a own git repo and AppProject. Then you will be able to fully make use of RBAC.
Try to deploy your own services like nextcloud, prometheus-stack, keycloak or zitadel