A Platform Template with ArgoCD and Crossplane in a multi-cloud environment
The architecture for the Platform can be found below:
Before we dive into the installation steps and get our hands dirty, we need to understand the motivation behind using ArgoCD. What actually is ArgoCD? What is Crossplane?
ArgoCD is a GitOps tool that manages infrastructure when changes are committed to a GitHub repository. It is always connected to the GitHub repository and is told which branch to track; it only makes changes to the infrastructure when changes are committed to that branch.
But why GitOps? Why not use another CI/CD tool like Azure DevOps, GitHub Actions or GitLab CI/CD? The motivation for GitOps is mostly infrastructure changes. Unlike with a traditional CI/CD tool, we rarely make changes to infrastructure in any environment. Additionally, GitOps updates more quickly than a traditional CI/CD tool.
Secondly, Crossplane is an IaC tool which uses a Kubernetes cluster to store the state instead of a container (e.g. S3 for AWS, Azure Blob Storage for Azure). It is beneficial for cloud-native environments because, as a DevOps engineer, when any change to infrastructure is made unintentionally, it messes up the entire state, unlike Pulumi and Terraform, which are good tools as well.
Hence, by combining Crossplane and ArgoCD, you can make changes to infrastructure by using PRs to review changes and merging them into the branch that manages your infrastructure.
Note: This installation only covers installation of ArgoCD and Crossplane
You can run the following script to install cluster with ArgoCD and Crossplane:
```bash
./scripts/initialize_argocd.sh
```
If you would like to follow the traditional approach, you can follow this page
In this project, we follow the ArgoCD App of Apps and sync waves approach.
Note: Please replace `<cloudprovider>` with the cloud you use, e.g. if you use aws, you would use `provider-aws` in the following steps.
Steps:
1. Create a `provider-<cloudprovider>.yaml` file in the `gitops/applications` directory
2. Copy the contents of the `argo-config.yaml` file within the `gitops/applications` directory
3. Create a directory under `gitops/manifests` for the cloud provider (e.g. `provider-aws` for aws)
4. Replace the `path` from `gitops/manifests/argo-config` to the newly created path
5. Update the `metadata.name` to `provider-<cloudprovider>`
6. Change `argocd.argoproj.io/sync-wave: "-1"` to `argocd.argoproj.io/sync-wave: "2"`
7. Create a Provider yaml file in the newly created directory (you can find the provider from here) depending on which resource is expected

   ```yaml
   apiVersion: pkg.crossplane.io/v1
   kind: Provider
   metadata:
     name: provider-aws
   spec:
     package: xpkg.upbound.io/crossplane-contrib/provider-aws:v0.44.2
   ```
8. Commit and push the changes
9. Check the changes in ArgoCD console (http://argocd.127.0.0.1.nip.io)
10. After the changes are synchronized and applied, create a credentials file in your local directory (reference: aws credentials)
11. You can create the secret using the following command (please change the name `aws-secret` and `aws-credentials.txt` based on the secret you want and the credentials file you created):

    ```bash
    kubectl create secret generic aws-secret \
      -n crossplane-system \
      --from-file=creds=./aws-credentials.txt
    ```
12. Create a `provider-config-<cloudprovider>` file in the `gitops/applications` directory
13. Follow the steps 2-5
14. Change `argocd.argoproj.io/sync-wave: "-1"` to `argocd.argoproj.io/sync-wave: "3"`
15. Create the Provider config file in the newly created directory (a sample for AWS is found below; please remember to change the `<cloudprovider>`):

    ```yaml
    apiVersion: aws.crossplane.io/v1beta1
    kind: ProviderConfig
    metadata:
      name: config-<cloudprovider>
    spec:
      credentials:
        source: Secret
        secretRef:
          namespace: crossplane-system
          name: aws-secret
          key: creds
    ```
16. Repeat steps 8-9
17. After it is synchronized, you are ready to create cloud resources.
18. Please follow the steps 1-9 for the cloud resource (remember to change the `argocd.argoproj.io/sync-wave` to 4 or more depending on the order)
Now you can see the changes in your cloud resources, and voilà!
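The manifest edits in steps 1-6, which steps 12-14 repeat for the ProviderConfig, can be scripted so that the name, path and sync wave are always changed together. The following is an added example, not part of the project's own scripts: `make_sample`, `scaffold_app` and `list_waves` are hypothetical names, and the `argo-config.yaml` written by `make_sample` is a constructed stand-in for the project's file.

```shell
#!/usr/bin/env bash
# Added example, not the project's code. Assumption: argo-config.yaml is an
# ArgoCD Application shaped like the constructed sample in make_sample().

# make_sample <repo-root>: writes a constructed argo-config.yaml for a dry run
make_sample() {
  mkdir -p "$1/gitops/applications"
  cat > "$1/gitops/applications/argo-config.yaml" <<'EOF'
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: argo-config
  namespace: argocd
  annotations:
    argocd.argoproj.io/sync-wave: "-1"
spec:
  project: default
  source:
    repoURL: https://example.invalid/platform.git
    path: gitops/manifests/argo-config
  destination:
    server: https://kubernetes.default.svc
EOF
}

# scaffold_app <repo-root> <app-name> <sync-wave>: steps 1-6 in one pass
scaffold_app() {
  local root="$1" name="$2" wave="$3" apps="$1/gitops/applications"
  [ -f "$apps/argo-config.yaml" ] || { echo "argo-config.yaml not found" >&2; return 1; }
  [ ! -e "$apps/$name.yaml" ] || { echo "$name.yaml already exists" >&2; return 1; }
  case $wave in ''|*[!0-9]*) echo "sync wave must be a number" >&2; return 1 ;; esac
  mkdir -p "$root/gitops/manifests/$name"   # step 3
  awk -v name="$name" -v wave="$wave" '
    /^metadata:/ { meta = 1; print; next }
    /^[^ #]/     { meta = 0 }
    meta && /^  name:/ { print "  name: " name; next }                        # step 5
    /sync-wave:/ { sub(/sync-wave:.*/, "sync-wave: \"" wave "\"") }           # step 6
    { gsub("gitops/manifests/argo-config", "gitops/manifests/" name); print } # step 4
  ' "$apps/argo-config.yaml" > "$apps/$name.yaml"   # steps 1-2
}

# list_waves <repo-root>: prints "<wave> <file>" sorted by wave, for PR review
list_waves() {
  local f
  for f in "$1"/gitops/applications/*.yaml; do
    printf '%s %s\n' "$(awk -F'"' '/sync-wave:/ { print $2; exit }' "$f")" "${f##*/}"
  done | sort -n
}
```

From the repository root, `scaffold_app . provider-aws 2` followed by `list_waves .` shows whether the Provider (wave 2) is ordered before the ProviderConfig (wave 3) and the cloud resources (wave 4 or more).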