adding Argo CD

README.md

@@ -108,6 +108,7 @@ Hashiqube can be visualized with the diagrams below.
 * [Visual-Studio-Code](visual-studio-code/#visual-studio-code) - Visual Studio Code is a code editor redefined and optimized for building and debugging modern web and cloud applications `vagrant up --provision-with basetools,docker,vscode-server`
 * [Portainer](portainer/#portainer) - A lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. It is designed to be as simple to deploy as it is to use `vagrant up --provision-with basetools,docker,docsify,portainer`
 * [Gitlab](gitlab/#gitlab) - GitLab is a complete DevOps platform, delivered as a single application `vagrant up --provision-with basetools,docker,docsify,minikube,gitlab`
+* [Argocd](argocd/#argocd) - Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. `vagrant up --provision-with basetools,docker,docsify,minikube,argocd`
 
 Once the stack is up you will have a large number of services running and available on `localhost` <br />
 For Documentation please open http://localhost:3333 in your browser

SUMMARY.md

@@ -3,6 +3,7 @@
   * [Ansible](ansible/README.md)
   * [Ansible-tower](ansible-tower/README.md)
   * [Apache-airflow](apache-airflow/README.md)
+  * [Argocd](argocd/README.md)
   * [Boundary](boundary/README.md)
   * [Code-server](code-server/README.md)
   * [Consul](consul/README.md)

Vagrantfile

@@ -130,6 +130,7 @@ Vagrant::configure("2") do |config|
         config.vm.network "forwarded_port", guest: 8000, host: 8000 # markdown-quiz-generator
         config.vm.network "forwarded_port", guest: 3001, host: 3001 # uptime-kuma
         config.vm.network "forwarded_port", guest: 6001, host: 6001 # trex
+        config.vm.network "forwarded_port", guest: 18043, host: 18043 # argocd
       end
 
       config.vm.hostname = "#{machine[:name]}"
@@ -355,6 +356,10 @@ Vagrant::configure("2") do |config|
       # vagrant up --provision-with basetools,docker,trex to only run this on vagrant up
       config.vm.provision "trex", run: "never", type: "shell", preserve_order: false, privileged: true, path: "trex/trex.sh"
 
+      # argocd
+      # vagrant up --provision-with basetools,docker,minikube,argocd to only run this on vagrant up
+      config.vm.provision "argocd", run: "never", type: "shell", preserve_order: false, privileged: true, path: "argocd/argocd.sh"
+
       # vagrant up --provision-with welcome to only run this on vagrant up
       config.vm.provision "welcome", preserve_order: true, type: "shell", privileged: true, inline: <<-SHELL
         echo -e '\e[38;5;198m'"HashiQube has now been provisioned, and your services should be running."

argocd/README.md

@@ -0,0 +1,166 @@
+# Argocd
+
+![Argocd Logo](images/argocd-logo.png?raw=true "Argocd Logo")
+
+Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
+
+## Why Argo CD?
+
+Application definitions, configurations, and environments should be declarative and version controlled. Application deployment and lifecycle management should be automated, auditable, and easy to understand.
+
+![Argocd UI](images/argocd-ui.webp?raw=true "Argocd UI")
+
+## How it works? 
+
+Argo CD follows the GitOps pattern of using Git repositories as the source of truth for defining the desired application state. Kubernetes manifests can be specified in several ways:
+
+- kustomize applications
+- helm charts
+- jsonnet files
+- Plain directory of YAML/json manifests
+- Any custom config management tool configured as a config management plugin
+
+Argo CD automates the deployment of the desired application states in the specified target environments. Application deployments can track updates to branches, tags, or pinned to a specific version of manifests at a Git commit. See tracking strategies for additional details about the different tracking strategies available.
+
+## Get started
+
+`vagrant up --provision-with basetools,docsify,docker,minikube,argocd`
+
+```log
+...
+==> hashiqube0: Running provisioner: argocd (shell)...
+    hashiqube0: Running: /var/folders/_6/ryd81jzj43n40qjtl4s293cm0000gn/T/vagrant-shell20240516-87542-6d58v.sh
+    hashiqube0: CPU is arm64
+    hashiqube0: ++++
+    hashiqube0: ++++ Ensure Docker Daemon is running (Dependency)
+    hashiqube0: ++++
+    hashiqube0: ++++ Docker is running
+    hashiqube0: ++++
+    hashiqube0: ++++ Ensure Minikube is running (Dependency)
+    hashiqube0: ++++
+    hashiqube0: Minikube is running
+    hashiqube0: ++++
+    hashiqube0: ++++ Create Argocd Namespace
+    hashiqube0: ++++
+    hashiqube0: namespace/argocd created
+    hashiqube0: ++++
+    hashiqube0: ++++ Install Argocd using kubectl
+    hashiqube0: ++++
+    hashiqube0: customresourcedefinition.apiextensions.k8s.io/applications.argoproj.io created
+    hashiqube0: customresourcedefinition.apiextensions.k8s.io/applicationsets.argoproj.io created
+    hashiqube0: customresourcedefinition.apiextensions.k8s.io/appprojects.argoproj.io created
+    hashiqube0: serviceaccount/argocd-application-controller created
+    hashiqube0: serviceaccount/argocd-applicationset-controller created
+    hashiqube0: serviceaccount/argocd-dex-server created
+    hashiqube0: serviceaccount/argocd-notifications-controller created
+    hashiqube0: serviceaccount/argocd-redis created
+    hashiqube0: serviceaccount/argocd-repo-server created
+    hashiqube0: serviceaccount/argocd-server created
+    hashiqube0: role.rbac.authorization.k8s.io/argocd-application-controller created
+    hashiqube0: role.rbac.authorization.k8s.io/argocd-applicationset-controller created
+    hashiqube0: role.rbac.authorization.k8s.io/argocd-dex-server created
+    hashiqube0: role.rbac.authorization.k8s.io/argocd-notifications-controller created
+    hashiqube0: role.rbac.authorization.k8s.io/argocd-server created
+    hashiqube0: clusterrole.rbac.authorization.k8s.io/argocd-application-controller created
+    hashiqube0: clusterrole.rbac.authorization.k8s.io/argocd-applicationset-controller created
+    hashiqube0: clusterrole.rbac.authorization.k8s.io/argocd-server created
+    hashiqube0: rolebinding.rbac.authorization.k8s.io/argocd-application-controller created
+    hashiqube0: rolebinding.rbac.authorization.k8s.io/argocd-applicationset-controller created
+    hashiqube0: rolebinding.rbac.authorization.k8s.io/argocd-dex-server created
+    hashiqube0: rolebinding.rbac.authorization.k8s.io/argocd-notifications-controller created
+    hashiqube0: rolebinding.rbac.authorization.k8s.io/argocd-server created
+    hashiqube0: clusterrolebinding.rbac.authorization.k8s.io/argocd-application-controller created
+    hashiqube0: clusterrolebinding.rbac.authorization.k8s.io/argocd-applicationset-controller created
+    hashiqube0: clusterrolebinding.rbac.authorization.k8s.io/argocd-server created
+    hashiqube0: configmap/argocd-cm created
+    hashiqube0: configmap/argocd-cmd-params-cm created
+    hashiqube0: configmap/argocd-gpg-keys-cm created
+    hashiqube0: configmap/argocd-notifications-cm created
+    hashiqube0: configmap/argocd-rbac-cm created
+    hashiqube0: configmap/argocd-ssh-known-hosts-cm created
+    hashiqube0: configmap/argocd-tls-certs-cm created
+    hashiqube0: secret/argocd-notifications-secret created
+    hashiqube0: secret/argocd-secret created
+    hashiqube0: service/argocd-applicationset-controller created
+    hashiqube0: service/argocd-dex-server created
+    hashiqube0: service/argocd-metrics created
+    hashiqube0: service/argocd-notifications-controller-metrics created
+    hashiqube0: service/argocd-redis created
+    hashiqube0: service/argocd-repo-server created
+    hashiqube0: service/argocd-server created
+    hashiqube0: service/argocd-server-metrics created
+    hashiqube0: deployment.apps/argocd-applicationset-controller created
+    hashiqube0: deployment.apps/argocd-dex-server created
+    hashiqube0: deployment.apps/argocd-notifications-controller created
+    hashiqube0: deployment.apps/argocd-redis created
+    hashiqube0: deployment.apps/argocd-repo-server created
+    hashiqube0: deployment.apps/argocd-server created
+    hashiqube0: statefulset.apps/argocd-application-controller created
+    hashiqube0: networkpolicy.networking.k8s.io/argocd-application-controller-network-policy created
+    hashiqube0: networkpolicy.networking.k8s.io/argocd-applicationset-controller-network-policy created
+    hashiqube0: networkpolicy.networking.k8s.io/argocd-dex-server-network-policy created
+    hashiqube0: networkpolicy.networking.k8s.io/argocd-notifications-controller-network-policy created
+    hashiqube0: networkpolicy.networking.k8s.io/argocd-redis-network-policy created
+    hashiqube0: networkpolicy.networking.k8s.io/argocd-repo-server-network-policy created
+    hashiqube0: networkpolicy.networking.k8s.io/argocd-server-network-policy created
+    hashiqube0: ++++
+    hashiqube0: ++++ Waiting for Argocd Server to become available, (1/20) sleep 60s
+    hashiqube0: ++++
+    hashiqube0: NAME                                                   READY   STATUS            RESTARTS   AGE
+    hashiqube0: pod/argocd-application-controller-0                    1/1     Running           0          61s
+    hashiqube0: pod/argocd-applicationset-controller-c4fd6dcdb-vcj58   1/1     Running           0          62s
+    hashiqube0: pod/argocd-dex-server-869bdc7dcb-h2c4l                 0/1     PodInitializing   0          62s
+    hashiqube0: pod/argocd-notifications-controller-6bbd5dd8d-7trfr    1/1     Running           0          62s
+    hashiqube0: pod/argocd-redis-79c9bd545b-2rntm                      1/1     Running           0          62s
+    hashiqube0: pod/argocd-repo-server-f965fdfcf-r2hc4                 1/1     Running           0          62s
+    hashiqube0: pod/argocd-server-94c995fcb-p5r8s                      1/1     Running           0          62s
+    hashiqube0: 
+    hashiqube0: NAME                                              TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
+    hashiqube0: service/argocd-applicationset-controller          ClusterIP   10.110.147.174   <none>        7000/TCP,8080/TCP            62s
+    hashiqube0: service/argocd-dex-server                         ClusterIP   10.103.19.31     <none>        5556/TCP,5557/TCP,5558/TCP   62s
+    hashiqube0: service/argocd-metrics                            ClusterIP   10.110.160.2     <none>        8082/TCP                     62s
+    hashiqube0: service/argocd-notifications-controller-metrics   ClusterIP   10.103.106.161   <none>        9001/TCP                     62s
+    hashiqube0: service/argocd-redis                              ClusterIP   10.98.131.184    <none>        6379/TCP                     62s
+    hashiqube0: service/argocd-repo-server                        ClusterIP   10.105.48.221    <none>        8081/TCP,8084/TCP            62s
+    hashiqube0: service/argocd-server                             ClusterIP   10.111.209.124   <none>        80/TCP,443/TCP               62s
+    hashiqube0: service/argocd-server-metrics                     ClusterIP   10.106.168.193   <none>        8083/TCP                     62s
+    hashiqube0: 7m21s       Normal   NodeHasSufficientMemory   node/minikube                          Node minikube status is now: NodeHasSufficientMemory
+    hashiqube0: Running
+    hashiqube0: ++++
+    hashiqube0: ++++ Change the argocd-server service type to NodePort
+    hashiqube0: ++++
+    hashiqube0: service/argocd-server patched
+    hashiqube0: ++++
+    hashiqube0: ++++ Get argocd-initial-admin-secret
+    hashiqube0: ++++
+    hashiqube0: ++++ Argocd Admin Password: -FSZUP98JO50x5re
+    hashiqube0: ++++
+    hashiqube0: ++++ kubectl port-forward -n argocd service/argocd-server 18043:80 --address="0.0.0.0"
+    hashiqube0: ++++
+    hashiqube0: ++++
+    hashiqube0: ++++ kubectl port-forward -n argocd service/argocd-server 18043:80 --address="0.0.0.0", (1/20) sleep 60s
+    hashiqube0: ++++
+    hashiqube0: ++++
+    hashiqube0: ++++ kubectl port-forward -n argocd service/argocd-server 18043:80 --address="0.0.0.0", (2/20) sleep 60s
+    hashiqube0: ++++
+    hashiqube0: tcp        0      0 0.0.0.0:18043           0.0.0.0:*               LISTEN      22218/kubectl
+    hashiqube0: ++++
+    hashiqube0: ++++ Access Argocd
+    hashiqube0: ++++
+    hashiqube0: ++++ Argocd Server started at http://localhost:18043
+    hashiqube0: ++++ Login with admin:-FSZUP98JO50x5re
+    hashiqube0: ++++ Argocd Documentation http://localhost:3333/#/argocd/README?id=argocd
+```
+
+## Links 
+
+- https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/
+- https://devopscube.com/setup-argo-cd-using-helm/
+
+## Argocd Vagrant Provisioner
+
+`argocd.sh`
+
+[filename](argocd.sh ':include :type=code')
+
+[google ads](../googleads.html ':include :type=iframe width=100% height=300px')

argocd/argocd.sh

@@ -0,0 +1,90 @@
+#!/bin/bash
+# https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/
+# https://devopscube.com/setup-argo-cd-using-helm/
+
+arch=$(lscpu | grep "Architecture" | awk '{print $NF}')
+if [[ $arch == x86_64* ]]; then
+  ARCH="amd64"
+elif  [[ $arch == aarch64 ]]; then
+  ARCH="arm64"
+fi
+echo -e '\e[38;5;198m'"CPU is $ARCH"
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Ensure Docker Daemon is running (Dependency)"
+echo -e '\e[38;5;198m'"++++ "
+if pgrep -x "dockerd" >/dev/null
+then
+  echo -e '\e[38;5;198m'"++++ Docker is running"
+else
+  echo -e '\e[38;5;198m'"++++ Ensure Docker is running.."
+  sudo bash /vagrant/docker/docker.sh
+fi
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Ensure Minikube is running (Dependency)"
+echo -e '\e[38;5;198m'"++++ "
+if pgrep -x "minikube" >/dev/null
+then
+  echo "Minikube is running"
+else
+  echo -e '\e[38;5;198m'"Minikube is not running, launching"
+  sudo bash /vagrant/minikube/minikube.sh
+fi
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Create Argocd Namespace"
+echo -e '\e[38;5;198m'"++++ "
+sudo --preserve-env=PATH -u vagrant kubectl create namespace argocd
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Install Argocd using kubectl"
+echo -e '\e[38;5;198m'"++++ "
+sudo --preserve-env=PATH -u vagrant kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
+
+attempts=0
+max_attempts=20
+while ! ( sudo --preserve-env=PATH -u vagrant kubectl get pods --namespace argocd | grep argocd-server | tr -s " " | cut -d " " -f3 | grep Running ) && (( $attempts < $max_attempts )); do
+  attempts=$((attempts+1))
+  sleep 60;
+  echo -e '\e[38;5;198m'"++++ "
+  echo -e '\e[38;5;198m'"++++ Waiting for Argocd Server to become available, (${attempts}/${max_attempts}) sleep 60s"
+  echo -e '\e[38;5;198m'"++++ "
+  sudo --preserve-env=PATH -u vagrant kubectl get po,svc --namespace argocd
+  sudo --preserve-env=PATH -u vagrant kubectl get events | grep -e Memory -e OOM
+done
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Change the argocd-server service type to NodePort"
+echo -e '\e[38;5;198m'"++++ "
+sudo --preserve-env=PATH -u vagrant kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}'
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Get argocd-initial-admin-secret"
+echo -e '\e[38;5;198m'"++++ "
+export ARGOCD_PASSWORD=$(sudo --preserve-env=PATH -u vagrant kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d)
+echo -e '\e[38;5;198m'"++++ Argocd Admin Password: $ARGOCD_PASSWORD"
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ kubectl port-forward -n argocd service/argocd-server 18043:80 --address=\"0.0.0.0\""
+echo -e '\e[38;5;198m'"++++ "
+attempts=0
+max_attempts=20
+while ! ( sudo netstat -nlp | grep "0.0.0.0:18043" ) && (( $attempts < $max_attempts )); do
+  attempts=$((attempts+1))
+  sleep 60;
+  echo -e '\e[38;5;198m'"++++ "
+  echo -e '\e[38;5;198m'"++++ kubectl port-forward -n argocd service/argocd-server 18043:80 --address=\"0.0.0.0\", (${attempts}/${max_attempts}) sleep 60s"
+  echo -e '\e[38;5;198m'"++++ "
+  sudo --preserve-env=PATH -u vagrant kubectl port-forward -n argocd service/argocd-server 18043:80 --address="0.0.0.0" > /dev/null 2>&1 &
+done
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Access Argocd"
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Argocd Server started at http://localhost:18043"
+echo -e '\e[38;5;198m'"++++ Login with admin:$ARGOCD_PASSWORD"
+echo -e '\e[38;5;198m'"++++ Argocd Documentation http://localhost:3333/#/argocd/README?id=argocd"
+
+# TODO: read token and test login
+# boundary authenticate password -login-name=admin -password password -auth-method-id=ampw_1234567890 -addr=http://127.0.0.1:19200

docker/docker.sh

@@ -13,12 +13,20 @@ elif  [[ $arch == aarch64 ]]; then
   ARCH="arm64"
 fi
 echo -e '\e[38;5;198m'"CPU is $ARCH"
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"Installing Docker"
+echo -e '\e[38;5;198m'"++++ "
 sudo add-apt-repository "deb [arch=$ARCH] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
 sudo apt-get update -qq < /dev/null > /dev/null
 # BUG: error reopening /dev/null https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1950071 so we pin docker-ce=5:20.10.16~3-0~ubuntu-focal and containerd.io=1.5.11-1
 # BUG: https://github.com/containerd/containerd/issues/6203
 # FIXED: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error reopening /dev/null inside container: open /dev/null: operation not permitted: unknown
 sudo DEBIAN_FRONTEND=noninteractive apt-get install -qq --allow-downgrades --assume-yes docker-ce docker-ce-cli containerd.io docker-compose-plugin < /dev/null > /dev/null
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"Set Docker Configs"
+echo -e '\e[38;5;198m'"++++ "
 sudo usermod -aG docker vagrant
 sudo mkdir -p /etc/docker
 # https://docs.docker.com/config/daemon/prometheus/
@@ -31,14 +39,20 @@ sudo echo '{
 ' >/etc/docker/daemon.json
 sudo service docker restart
 cd /vagrant/docker
+
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"Docker System prune"
+echo -e '\e[38;5;198m'"++++ "
 docker stop registry
 docker rm registry
 docker stop apache2
 docker rm apache2
 yes | sudo docker system prune -a
 yes | sudo docker system prune --volumes
 
-echo "Creating Private Docker Registry"
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"Creating Private Docker Registry"
+echo -e '\e[38;5;198m'"++++ "
 # https://docs.docker.com/registry/deploying/#customize-the-published-port
 docker run -d --restart=always \
   --name registry \
@@ -57,18 +71,28 @@ cat <<EOF | sudo tee /etc/docker/auth.json
 }
 EOF
 
-echo "Docker Login to Registry"
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Docker Login to Registry"
+echo -e '\e[38;5;198m'"++++ "
 sleep 10;
 sudo --preserve-env=PATH -u vagrant docker login -u="admin" -p="password" http://10.9.99.10:5002
 
-echo -e '\e[38;5;198m'"++++ docker build -t apache2 ."
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Docker build -t apache2 ."
+echo -e '\e[38;5;198m'"++++ "
 docker build -t apache2 .
-echo -e '\e[38;5;198m'"++++ docker images --filter reference=apache2"
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Docker images --filter reference=apache2"
+echo -e '\e[38;5;198m'"++++ "
 docker images --filter reference=apache2
-echo -e '\e[38;5;198m'"++++ docker run -t -d -i -p 8889:80 --name apache2 --rm apache2"
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Docker run -t -d -i -p 8889:80 --name apache2 --rm apache2"
+echo -e '\e[38;5;198m'"++++ "
 docker run -t -d -i -p 8889:80 --name apache2 --memory 16M --rm apache2
 docker ps
+echo -e '\e[38;5;198m'"++++ "
 echo -e '\e[38;5;198m'"++++ Docker stats"
+echo -e '\e[38;5;198m'"++++ "
 docker stats --no-stream -a
 echo -e '\e[38;5;198m'"++++ open http://localhost:8889 in your browser"
 echo -e '\e[38;5;198m'"++++ you can also run below to get apache2 version from the docker container"