Architecture for a marriage between GitOps and CD

Introduction

This is a description of how myself and other members of the team implemented ArgoCD for Kubernetes. The difference being, we did this in a world of small teams with no capacity to manage files in git manually and with Kubernetes knowledge limited to just the DevOps team.

The Rise of GitOps

GitOps has become really popular over the last couple of years. Keeping your cluster state in lock-step with a git repository can have some great benefits:

  • A more consistent understanding of what’s in your cluster
  • Remove deviations because of manual operations not being committed…


I recently moved my nas implementation to Unraid after living with Rockstor for a few years. After a few years of never pulling the trigger on building a gaming PC that I’d never use, I saw Unraid has VFIO functionality that I could exploit. Given my nas hardware resources are typically underused, I went on a journey to see if I could test this and see if I can get a cheap gaming PC without taking up much space or funds. …


I previously wrote a post about my Mac setup. I’ve made a few updates and wanted to cover them in a new, smaller post. Here are the changes I’ve made.

Conqueror of Completions

I used to use Ale, vim-go and deoplete, supertab for my dev env but I found it a little cumbersome and I found myself fighting it. Especially when getting go references and auto-completion up and running. Had to use a modified LSP for that.

So I switched to Conqueror of Completions which kind of does everything I need including references, auto-completions and even example code. I like the way their…


Introduction

GitOps is a great way to define the state of your cluster in a versioned controlled environment and have a controller keep everything in sync. This all sounds great, but what if you have secrets you want to keep in sync too?

Kubernetes and Secrets

There are various options for having secrets available to your pods in Kubernetes:

  1. Native secrets object
  2. A hosted secrets service like Google’s Secret Manager
  3. A self hosted service like Hashicorp Vault

Option 1 is nice and easy, your secrets are injected as env vars or files depending on the manifest. A tried and true…


Introduction

ArgoCD is a great tool for syncing resources to Kubernetes from Git. With these deployments, we want to receive notifications on how this process goes. We learnt a few lessons about using ArgoCD Notifications to accomplish this and wanted to share them with the community as it could help others.

What is ArgoCD Notifications and how does it work?

ArgoCD Notifications is a tool written by the ArgoCD folks to make notifying various channels about the status of syncs. …


Intro

My good friend and colleague, Ricardo Abreu, were working together one day and he was intrigued by my workflow and what customisations I’ve made to my terminal/shell to do what I do. I asked how he wanted more info and so here we are.

Before I delve into it, this is in no way a statement on how to do things. It’s more how I solve the issues that slow me down or I find frustrating. It’s up to you as to what concessions you want to make and what matters fit with how you work. Most of the…

Harry Panayiotou

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store