Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD aligns with the GitOps principles, ensuring that the deployment of groundcover is always in sync with the predefined configurations in your Git repository. This means that any changes made to the deployment configurations are automatically applied to the cluster, streamlining updates and ensuring that all instances of groundcover are consistent across different environments.
Argo CD’s multi-environment support ensures that groundcover can be deployed consistently across various Kubernetes clusters, whether they are designated for development, testing, or production.
To deploy groundcover through Argo CD, use the following steps.
Create the groundcover namespace
groundcover requires setting up several secrets in the installation namespace prior to creating the ArgoCD application. For that reason we will start by creating the groundcover namespace:
kubectl create namespace groundcoverCreate secrets
In the following steps you will create the follow Kubernetes secrets objects:
Ingestion Key secret
ClickHouse password secret
Create the API Key secret
Step 1 - Fetch the Ingestion key
Follow the step related to the groundcover Backend setup:
BYOC:
Create an
Ingestion Keyof typeSensor(via API or Settings -> Access -> Ingestion Keys) *It's recommended to generate a unique Ingestion key per Sensor deployment
Self-Managed:
Start by fetching the key associated with your workspace using the following CLI command:
groundcover auth print-api-key
Step 2 - Create the spec file
Create the spec file for the secret in the groundcover namespace using the following snippet:
cat << EOF > groundcover_ingestionkey_secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: groundcover-ingestion-key
namespace: groundcover
stringData:
INGESTION_KEY: <ingestion-key>
type: Opaque
EOFStep 3 - Create the secret
Apply the spec file from above:
kubectl apply -f groundcover_ingestionkey_secret.yamlCreate the ClickHouse password secret
Step 1 - Create a random password
Start by generating a random password for ClickHouse. For example using openssl rand:
opensslis just one way to do it - you can use any random string you wish
openssl rand -hex 16 Step 2 - Create the spec file
Create the spec file using the following snippet:
cat << EOF > groundcover_clickhouse_secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: groundcover-clickhouse
namespace: groundcover
type: Opaque
stringData:
admin-password: <password>
EOFStep 3 - Create the secret
Apply the spec file from above:
kubectl apply -f groundcover_clickhouse_secret.yamlCreate the Argo CD Application Manifest
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: groundcover
namespace: argocd
spec:
project: <project-name>
source:
chart: groundcover
repoURL: https://helm.groundcover.com
targetRevision: <groundcover-version>
helm:
releaseName: groundcover
values: |
clusterId: <cluster-name>
global:
groundcoverPredefinedTokenSecret:
secretKey: INGESTION_KEY
secretName: groundcover-ingestion-key
clickhouse:
auth:
existingSecretKey: admin-password
existingSecret: groundcover-clickhouse
destination:
server: "https://kubernetes.default.svc"
namespace: groundcover
# avoid OutOfSync state on secrets with random-data.
# https://argo-cd.readthedocs.io/en/stable/user-guide/helm/#random-data
syncPolicy:
syncOptions:
- CreateNamespace=true
- RespectIgnoreDifferences=true
ignoreDifferences:
- kind: Secret
jsonPointers:
- /data
- /stringData
- group: apps
kind: '*'
jsonPointers:
- /spec/template/metadata/annotations/checksum~1secret
- group: admissionregistration.k8s.io
kind: ValidatingWebhookConfiguration
jqPathExpressions:
- '.webhooks[]?.clientConfig.caBundle'Inspect the groundcover namespace
After creating the manifest above the groundcover deployments will start spinning up in the namespace. When all pods are running you can access the platform at app.groundcover.comto access new data from the environment.
If you encounter any issues in the installation let us know over Slack.
Last updated