Argo CD

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD aligns with the GitOps principles, ensuring that the deployment of groundcover is always in sync with the predefined configurations in your Git repository. This means that any changes made to the deployment configurations are automatically applied to the cluster, streamlining updates and ensuring that all instances of groundcover are consistent across different environments.

Argo CD’s multi-environment support ensures that groundcover can be deployed consistently across various Kubernetes clusters, whether they are designated for development, testing, or production.

To deploy groundcover through Argo CD, use the following steps.

Create the groundcover namespace

groundcover requires setting up several secrets in the installation namespace prior to creating the ArgoCD application. For that reason we will start by creating the groundcover namespace:

kubectl create namespace groundcover

Create secrets

In the following steps you will create the follow Kubernetes secrets objects:

1. Ingestion Key secret

2. ClickHouse password secret

Create the API Key secret

Step 1 - Fetch the Ingestion key

Follow the step related to the groundcover Backend setup:

1. BYOC:

   1. Create an Ingestion Key of type Sensor (via API or Settings -> Access -> Ingestion Keys) *It's recommended to generate a unique Ingestion key per Sensor deployment

2. Self-Managed:

   1. Start by fetching the key associated with your workspace using the following CLI command:

      Copy

      groundcover auth print-api-key

Step 2 - Create the spec file

Create the spec file for the secret in the groundcover namespace using the following snippet:

cat << EOF > groundcover_ingestionkey_secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: groundcover-ingestion-key
  namespace: groundcover
stringData:
  INGESTION_KEY: <ingestion-key>
type: Opaque
EOF

Step 3 - Create the secret

Apply the spec file from above:

kubectl apply -f groundcover_ingestionkey_secret.yaml

Create the ClickHouse password secret

Step 1 - Create a random password

Start by generating a random password for ClickHouse. For example using openssl rand:

openssl rand -hex 16 

Step 2 - Create the spec file

Create the spec file using the following snippet:

cat << EOF > groundcover_clickhouse_secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: groundcover-clickhouse
  namespace: groundcover
type: Opaque
stringData:
  admin-password: <password>
EOF

Step 3 - Create the secret

Apply the spec file from above:

kubectl apply -f groundcover_clickhouse_secret.yaml

Create the Argo CD Application Manifest

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: groundcover
  namespace: argocd
spec:
  project: <project-name>
  source:
    chart: groundcover
    repoURL: https://helm.groundcover.com
    targetRevision: <groundcover-version>
    helm:
      releaseName: groundcover
      values: |
        clusterId: <cluster-name>
        global:
          groundcoverPredefinedTokenSecret:
            secretKey: INGESTION_KEY
            secretName: groundcover-ingestion-key
          clickhouse:
            auth:
              existingSecretKey: admin-password
              existingSecret: groundcover-clickhouse
  destination:
    server: "https://kubernetes.default.svc"
    namespace: groundcover
  # avoid OutOfSync state on secrets with random-data.
  # https://argo-cd.readthedocs.io/en/stable/user-guide/helm/#random-data
  syncPolicy:
    syncOptions:
    - CreateNamespace=true
    - RespectIgnoreDifferences=true
  ignoreDifferences:
  - kind: Secret
    jsonPointers:
    - /data
    - /stringData
  - group: apps
    kind: '*'
    jsonPointers:
    - /spec/template/metadata/annotations/checksum~1secret

Inspect the groundcover namespace

After creating the manifest above the groundcover deployments will start spinning up in the namespace. When all pods are running you can access the platform at app.groundcover.comto access new data from the environment.