Skip to content

05_install_argocd_apps.md

Latest commit

 

History

History
84 lines (65 loc) · 2.82 KB

05_install_argocd_apps.md

File metadata and controls

84 lines (65 loc) · 2.82 KB
  1. Create argocd-apps repository in devops group of GitLab.
  2. Add your public ssh key to the GitLab account.
  3. Clone the repository to your local machine.
  4. Create and add runner registration token from gitlab to argocd-apps/values/vmkube-2/gitlab-runner.yaml
  5. Copy and push content of argocd-apps folder (values and yamls folders) to gitlab argocd-apps repo.
  6. Then run:
export KUBECONFIG=~/.kube/vmkube
kubectl config use-context admin@vmkube-1
kubectl apply -f argocd-apps/yamls/vmkube-1/root-app.yaml

Observe sync in ArgoCD UI.

  1. DNS settings.

Check EXTERNAL-IP of the coredns (external-dns) service:

export KUBECONFIG=~/.kube/vmkube
kubectl config use-context admin@vmkube-1
kubectl get svc -n external-dns coredns
kubectl config use-context admin@vmkube-2
kubectl get svc -n external-dns coredns

install systemd-resolved:

sudo apt install -y systemd-resolved

Place a script /etc/NetworkManager/dispatcher.d/50-set-vmkube-dns with content:

#!/bin/bash
if [ "$1" = "vmkube-br0" ] && [ "$2" = "up" ]; then
resolvectl dns "$1" <first dns ip> <second dns ip>
resolvectl domain "$1" "~homelab.internal"
fi

Make it executable and restart NetworkManager:

sudo chmod 755 /etc/NetworkManager/dispatcher.d/50-set-vmkube-dns
sudo systemctl restart NetworkManager

Check if DNS resolution works:

nslookup postgres.vmkube-1.homelab.internal
nslookup postgres.vmkube-2.homelab.internal
export KUBECONFIG=~/.kube/vmkube
kubectl config use-context admin@vmkube-1
kubectl run busybox --image=mirror.gcr.io/library/busybox --rm  --attach --restart=Never -- nslookup postgres.vmkube-2.homelab.internal
kubectl config use-context admin@vmkube-2
kubectl run busybox --image=mirror.gcr.io/library/busybox --rm  --attach --restart=Never -- nslookup postgres.vmkube-1.homelab.internal

It should be resolved to ingress LoadBalancer IP.

  1. Unseal OpenBao Use this guide
kubectl -n openbao  exec -it vmkube-1-openbao-0 -- bao operator init
kubectl -n openbao  exec -it vmkube-1-openbao-0 -- bao operator unseal <Unseal Key 1>
kubectl -n openbao  exec -it vmkube-1-openbao-0 -- bao operator unseal <Unseal Key 2>
kubectl -n openbao  exec -it vmkube-1-openbao-0 -- bao operator unseal <Unseal Key 3>
  1. Login to ArgoCD, Grafana, OpenBao etc.
# get grafana password
kubectl get secret -n victoria-metrics-k8s-stack vmkube-1-victoria-metrics-k8s-stack-grafana -o jsonpath='{.data.admin-password}' | base64 -d
# if password does not work, just reset it
kubectl exec -n victoria-metrics-k8s-stack -it $(kubectl get pods -n victoria-metrics-k8s-stack -l "app.kubernetes.io/name=grafana" -o jsonpath="{.items[0].metadata.name}") -- grafana cli admin reset-admin-password 123456

Step completed!