1、安装

1.1 Argo CD CLI

mac安装：

brew install argocd

通用安装：

# 查看os
go env GOOS
# 查看架构
go env GOARCH

argoCdName="argocd-darwin-arm64"
# 此步骤也可以手动下载
wget https://github.com/argoproj/argo-cd/releases/latest/download/$argoCdName -O $argoCdName 
sudo install -m 555 $argoCdName /usr/local/bin/argocd && rm $argoCdName

1.2 argo CD安装

需要在 Kubernetes 集群中安装 Argo CD：

kubectl create namespace argocd
wget https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml -O argocd.yaml
kubectl apply -n argocd -f argocd.yaml

结果：

$ kubectl apply -n argocd -f argocd.yaml
customresourcedefinition.apiextensions.k8s.io/applications.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/applicationsets.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/appprojects.argoproj.io created
serviceaccount/argocd-application-controller created
serviceaccount/argocd-applicationset-controller created
serviceaccount/argocd-dex-server created
serviceaccount/argocd-notifications-controller created
serviceaccount/argocd-redis created
serviceaccount/argocd-repo-server created
serviceaccount/argocd-server created
role.rbac.authorization.k8s.io/argocd-application-controller created
role.rbac.authorization.k8s.io/argocd-applicationset-controller created
role.rbac.authorization.k8s.io/argocd-dex-server created
role.rbac.authorization.k8s.io/argocd-notifications-controller created
role.rbac.authorization.k8s.io/argocd-redis created
role.rbac.authorization.k8s.io/argocd-server created
clusterrole.rbac.authorization.k8s.io/argocd-application-controller created
clusterrole.rbac.authorization.k8s.io/argocd-applicationset-controller created
clusterrole.rbac.authorization.k8s.io/argocd-server created
rolebinding.rbac.authorization.k8s.io/argocd-application-controller created
rolebinding.rbac.authorization.k8s.io/argocd-applicationset-controller created
rolebinding.rbac.authorization.k8s.io/argocd-dex-server created
rolebinding.rbac.authorization.k8s.io/argocd-notifications-controller created
rolebinding.rbac.authorization.k8s.io/argocd-redis created
rolebinding.rbac.authorization.k8s.io/argocd-server created
clusterrolebinding.rbac.authorization.k8s.io/argocd-application-controller created
clusterrolebinding.rbac.authorization.k8s.io/argocd-applicationset-controller created
clusterrolebinding.rbac.authorization.k8s.io/argocd-server created
configmap/argocd-cm created
configmap/argocd-cmd-params-cm created
configmap/argocd-gpg-keys-cm created
configmap/argocd-notifications-cm created
configmap/argocd-rbac-cm created
configmap/argocd-ssh-known-hosts-cm created
configmap/argocd-tls-certs-cm created
secret/argocd-notifications-secret created
secret/argocd-secret created
service/argocd-applicationset-controller created
service/argocd-dex-server created
service/argocd-metrics created
service/argocd-notifications-controller-metrics created
service/argocd-redis created
service/argocd-repo-server created
service/argocd-server created
service/argocd-server-metrics created
deployment.apps/argocd-applicationset-controller created
deployment.apps/argocd-dex-server created
deployment.apps/argocd-notifications-controller created
deployment.apps/argocd-redis created
deployment.apps/argocd-repo-server created
deployment.apps/argocd-server created
statefulset.apps/argocd-application-controller created
networkpolicy.networking.k8s.io/argocd-application-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-applicationset-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-dex-server-network-policy created
networkpolicy.networking.k8s.io/argocd-notifications-controller-network-policy created
networkpolicy.networking.k8s.io/argocd-redis-network-policy created
networkpolicy.networking.k8s.io/argocd-repo-server-network-policy created
networkpolicy.networking.k8s.io/argocd-server-network-policy created

看下运行状态：

$ kubectl get pods -n argocd -owide
NAME                                                READY   STATUS             RESTARTS   AGE     IP           NODE                    NOMINATED NODE   READINESS GATES
argocd-application-controller-0                     1/1     Running            0          8m13s   10.244.3.4   myk8s-test-04-worker2   <none>           <none>
argocd-applicationset-controller-5b866bf4f7-rn9dw   1/1     Running            0          8m14s   10.244.3.3   myk8s-test-04-worker2   <none>           <none>
argocd-dex-server-7b6987df7-w9w7d                   0/1     PodInitializing    0          8m14s   10.244.5.3   myk8s-test-04-worker    <none>           <none>
argocd-notifications-controller-5ddc4fdfb9-ds96w    1/1     Running            0          8m14s   10.244.5.4   myk8s-test-04-worker    <none>           <none>
argocd-redis-ffccd77b9-qbg8p                        0/1     ImagePullBackOff   0          8m14s   10.244.4.3   myk8s-test-04-worker3   <none>           <none>
argocd-repo-server-55bb7b784-st9p2                  0/1     PodInitializing    0          8m14s   10.244.5.2   myk8s-test-04-worker    <none>           <none>
argocd-server-7c746df554-l22gn                      1/1     Running            0          8m14s   10.244.4.4   myk8s-test-04-worker3   <none>           <none>

发现redis的pod拉取镜像失败(ImagePullBackOff)：

$ kubectl describe pod/argocd-redis-ffccd77b9-qbg8p  -n argocd
...Warning  Failed     3m38s                  kubelet            Failed to pull image "redis:7.0.15-alpine": rpc error: code = DeadlineExceeded desc = failed to pull and unpack image "docker.io/library/redis:7.0.15-alpine": failed to resolve reference "docker.io/library/redis:7.0.15-alpine": failed to do request: Head "https://registry-1.docker.io/v2/library/redis/manifests/7.0.15-alpine": dial tcp 69.63.176.59:443: i/o timeout

我们要将argocd.yaml里面redis的镜像处理下，目前使用的镜像为：redis:7.0.15-alpine
替换为：m.daocloud.io/docker.io/library/redis:7.0.15-alpine

重新执行apply触发更新，两个pod依然处于PodInitializing状态：

$ kubectl get pods -n argocd -owide
NAME                                                READY   STATUS            RESTARTS   AGE     IP           NODE                    NOMINATED NODE   READINESS GATES
argocd-application-controller-0                     1/1     Running           0          18m     10.244.3.4   myk8s-test-04-worker2   <none>           <none>
argocd-applicationset-controller-5b866bf4f7-rn9dw   1/1     Running           0          18m     10.244.3.3   myk8s-test-04-worker2   <none>           <none>
argocd-dex-server-7b6987df7-w9w7d                   0/1     PodInitializing   0          18m     10.244.5.3   myk8s-test-04-worker    <none>           <none>
argocd-notifications-controller-5ddc4fdfb9-ds96w    1/1     Running           0          18m     10.244.5.4   myk8s-test-04-worker    <none>           <none>
argocd-redis-6cf75846cf-n7xc8                       1/1     Running           0          2m33s   10.244.3.5   myk8s-test-04-worker2   <none>           <none>
argocd-repo-server-55bb7b784-st9p2                  0/1     PodInitializing   0          18m     10.244.5.2   myk8s-test-04-worker    <none>           <none>
argocd-server-7c746df554-l22gn                      1/1     Running           0          18m     10.244.4.4   myk8s-test-04-worker3   <none>           <none>

看下具体情况：

$ kubectl describe pod/argocd-dex-server-7b6987df7-w9w7d -n argocd
Events:Type    Reason     Age   From               Message----    ------     ----  ----               -------Normal  Scheduled  18m   default-scheduler  Successfully assigned argocd/argocd-dex-server-7b6987df7-w9w7d to myk8s-test-04-workerNormal  Pulling    18m   kubelet            Pulling image "quay.io/argoproj/argocd:v2.12.3"Normal  Pulled     15m   kubelet            Successfully pulled image "quay.io/argoproj/argocd:v2.12.3" in 2m44.389s (2m44.389s including waiting). Image size: 164423443 bytes.Normal  Created    15m   kubelet            Created container copyutilNormal  Started    15m   kubelet            Started container copyutilNormal  Pulling    15m   kubelet            Pulling image "ghcr.io/dexidp/dex:v2.38.0"kubectl describe pod/argocd-repo-server-55bb7b784-st9p2 -n argocd
Events:Type    Reason     Age   From               Message----    ------     ----  ----               -------Normal  Scheduled  19m   default-scheduler  Successfully assigned argocd/argocd-repo-server-55bb7b784-st9p2 to myk8s-test-04-workerNormal  Pulling    19m   kubelet            Pulling image "quay.io/argoproj/argocd:v2.12.3"Normal  Pulled     16m   kubelet            Successfully pulled image "quay.io/argoproj/argocd:v2.12.3" in 1.274s (2m45.655s including waiting). Image size: 164423443 bytes.Normal  Created    16m   kubelet            Created container copyutilNormal  Started    16m   kubelet            Started container copyutilNormal  Pulling    16m   kubelet            Pulling image "quay.io/argoproj/argocd:v2.12.3"

看样子都是拉取镜像存在问题，这个是预期内的，我们来修改下涉及到的几个镜像：

• quay.io/argoproj/argocd:v2.12.3 -> m.daocloud.io/quay.io/argoproj/argocd:v2.12.3
• ghcr.io/dexidp/dex:v2.38.0 -> m.daocloud.io/ghcr.io/dexidp/dex:v2.38.0

重新执行apply触发更新，查看状态：

$ kubectl get pods -n argocd -owide
argocd-application-controller-0                     1/1     Running   0          3m21s   10.244.3.8    myk8s-test-04-worker2   <none>           <none>
argocd-applicationset-controller-6b4b8d7f46-dk5rh   1/1     Running   0          3m22s   10.244.5.9    myk8s-test-04-worker    <none>           <none>
argocd-dex-server-5dfd9d87f9-6c6mr                  1/1     Running   0          3m22s   10.244.4.8    myk8s-test-04-worker3   <none>           <none>
argocd-notifications-controller-74776f498-fgft4     1/1     Running   0          3m22s   10.244.5.8    myk8s-test-04-worker    <none>           <none>
argocd-redis-6df74cbc6b-jkl27                       1/1     Running   0          3m22s   10.244.3.7    myk8s-test-04-worker2   <none>           <none>
argocd-repo-server-76797b784b-tfgvl                 1/1     Running   0          3m22s   10.244.5.10   myk8s-test-04-worker    <none>           <none>
argocd-server-8457c864bf-qk22l                      1/1     Running   0          3m21s   10.244.4.9    myk8s-test-04-worker3   <none>           <none>

2、访问Argo CD

2.1 转发端口

我们这里通过port-forward 访问 Argo CD 的 Web 界面：

kubectl port-forward svc/argocd-server -n argocd 8080:443

结果：

$ kubectl port-forward svc/argocd-server -n argocd 8080:443
Forwarding from 127.0.0.1:8080 -> 8080
Forwarding from [::1]:8080 -> 8080

然后在浏览器中访问 https://localhost:8080。默认的用户名是 admin，可以通过以下命令获取初始密码：

kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 -d