ArgoCD Setup Guide for DigitalOcean

Complete guide for setting up ArgoCD on DigitalOcean Kubernetes (DOKS)

This guide provides detailed instructions for setting up ArgoCD on DigitalOcean Kubernetes Service (DOKS), including DigitalOcean-specific configurations and integrations.

Prerequisites

  • doctl CLI installed and configured
  • kubectl configured for DOKS
  • DigitalOcean account with required permissions
  • Helm (optional)

DOKS Cluster Setup

1. Create DOKS Cluster

doctl kubernetes cluster create argocd-cluster \
  --region nyc1 \
  --size s-2vcpu-4gb \
  --count 3 \
  --version latest

2. Configure Network Policies

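apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: argocd-network-policy
  namespace: argocd
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/name: argocd-server
  # Only Ingress is listed: listing Egress without any egress rules would block
  # all outbound traffic from argocd-server (DNS, the Kubernetes API,
  # repo-server, Redis).
  policyTypes:
  - Ingress
  ingress:
  # Traffic that reaches the pod through the LoadBalancer Service defined under
  # ArgoCD Installation does not come from this namespace and needs its own rule.
  - from:
    - namespaceSelector:
        matchLabels:
          # Label that Kubernetes sets on every namespace automatically
          kubernetes.io/metadata.name: ingress-nginx
    ports:
    - protocol: TCP
      # NetworkPolicy ports are matched against the pod's port; argocd-server
      # listens on 8080 (the Service maps 443 to it)
      port: 8080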

ArgoCD Installation

1. Install ArgoCD

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

2. Configure DigitalOcean Load Balancer

apiVersion: v1
kind: Service
metadata:
  name: argocd-server
  namespace: argocd
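  # TLS terminates at the load balancer and plain HTTP is forwarded to port 8080,
  # so argocd-server must run with server.insecure: "true" (argocd-cmd-params-cm);
  # otherwise it answers each request with a redirect to HTTPS.
  annotations: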
    service.beta.kubernetes.io/do-loadbalancer-protocol: "https"
    service.beta.kubernetes.io/do-loadbalancer-algorithm: "round_robin"
    service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
    service.beta.kubernetes.io/do-loadbalancer-certificate-id: "your-certificate-id"
spec:
  type: LoadBalancer
  ports:
  - port: 443
    targetPort: 8080
    protocol: TCP
    name: https
  selector:
    app.kubernetes.io/name: argocd-server

DigitalOcean Integration

1. Spaces (Object Storage) Integration

apiVersion: v1
kind: Secret
metadata:
  name: spaces-credentials
  namespace: argocd
type: Opaque
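stringData:
  # Placeholders: supply the real Spaces key pair at deploy time and keep it out of Git
  access-key-id: your-access-key
  secret-access-key: your-secret-key
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-cm
  namespace: argocd
data:
  # Argo CD's documented argocd-cm settings do not include backup.* or aws.* keys,
  # so Argo CD does not act on these entries; the backup itself is performed by
  # the CronJob under Backup Configuration.
  backup.destination: s3://argocd-backup
  backup.schedule: "0 * * * *"
  aws.region: nyc3
  aws.endpoint: nyc3.digitaloceanspaces.com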

2. Container Registry Integration

apiVersion: v1
kind: Secret
metadata:
  name: registry-credentials
  namespace: argocd
type: kubernetes.io/dockerconfigjson
stringData:
  .dockerconfigjson: |
    {
      "auths": {
        "registry.digitalocean.com": {
          "auth": "base64-encoded-credentials"
        }
      }
    }

Monitoring Integration

1. DigitalOcean Monitoring

apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-cm
  namespace: argocd
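data:
  # monitoring.enabled and monitoring.endpoint are not among Argo CD's documented
  # argocd-cm settings; Argo CD metrics are collected through the ServiceMonitor
  # under Prometheus Integration.
  monitoring.enabled: "true"
  monitoring.endpoint: "https://monitoring.digitalocean.com"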

2. Prometheus Integration

apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: argocd-metrics
  namespace: argocd
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: argocd-metrics
  endpoints:
  - port: metrics

Auto Scaling Configuration

1. Horizontal Pod Autoscaling

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: argocd-server
  namespace: argocd
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: argocd-server
  minReplicas: 2
  maxReplicas: 5
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 80

2. Node Pool Autoscaling

doctl kubernetes cluster node-pool update \
  argocd-cluster \
  node-pool-name \
  --auto-scale \
  --min-nodes 3 \
  --max-nodes 6

Backup Configuration

1. Spaces Backup Setup

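apiVersion: batch/v1
kind: CronJob
metadata:
  name: argocd-backup
  namespace: argocd
spec:
  schedule: "0 2 * * *"
  jobTemplate:
    spec:
      template:
        spec:
          # Placeholder ServiceAccount: it needs read access to the Argo CD
          # ConfigMaps, Secrets, Applications and AppProjects in this namespace.
          serviceAccountName: argocd-backup
          volumes:
          - name: export
            emptyDir: {}
          initContainers:
          # Step 1: dump Argo CD's data as YAML. The export includes Secrets,
          # so the destination Space must stay private.
          - name: argocd-export
            # Pin the tag to the installed Argo CD version instead of "latest"
            image: quay.io/argoproj/argocd:v2.x.x
            command:
            - sh
            - -c
            - argocd admin export -n argocd > /export/argocd-backup.yaml
            volumeMounts:
            - name: export
              mountPath: /export
          containers:
          # Step 2: upload the export to Spaces. The argocd image does not ship
          # the AWS CLI, so a separate image (tag is a placeholder, pin it) does the copy.
          - name: spaces-upload
            image: amazon/aws-cli:2.x.x
            command:
            - sh
            - -c
            # The shell expands $(date ...); a bare command array would not
            - aws s3 cp /export/argocd-backup.yaml "s3://argocd-backup/$(date +%Y-%m-%d)/argocd-backup.yaml" --endpoint-url https://nyc3.digitaloceanspaces.com
            env:
            - name: AWS_ACCESS_KEY_ID
              valueFrom:
                secretKeyRef:
                  name: spaces-credentials
                  key: access-key-id
            - name: AWS_SECRET_ACCESS_KEY
              valueFrom:
                secretKeyRef:
                  name: spaces-credentials
                  key: secret-access-key
            - name: AWS_DEFAULT_REGION
              value: nyc3
            - name: AWS_ENDPOINT_URL
              value: https://nyc3.digitaloceanspaces.com
            volumeMounts:
            - name: export
              mountPath: /export
          restartPolicy: OnFailure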

Security Configuration

1. Firewall Rules

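# Rules are space-separated inside the quotes; each rule takes one "ports" value
# and names its source with "address".
# The firewall only takes effect once it is attached with --tag-names or --droplet-ids.
doctl compute firewall create \
  --name argocd-firewall \
  --inbound-rules "protocol:tcp,ports:80,address:0.0.0.0/0 protocol:tcp,ports:443,address:0.0.0.0/0"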

2. TLS Configuration

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: argocd-cert
  namespace: argocd
spec:
  secretName: argocd-secret-tls
  issuerRef:
    name: letsencrypt-prod
    kind: ClusterIssuer
  dnsNames:
  - argocd.example.com

Cost Optimization

1. Node Pool Configuration

apiVersion: apps/v1
kind: Deployment
metadata:
  name: argocd-server
spec:
  template:
    spec:
      nodeSelector:
        node.kubernetes.io/instance-type: s-2vcpu-4gb

2. Resource Limits

apiVersion: v1
kind: LimitRange
metadata:
  name: argocd-limits
  namespace: argocd
spec:
  limits:
  - default:
      cpu: 500m
      memory: 512Mi
    defaultRequest:
      cpu: 200m
      memory: 256Mi
    type: Container

Best Practices Checklist

  1. Use managed DOKS cluster
  2. Configure load balancer
  3. Setup Spaces backup
  4. Enable monitoring
  5. Configure auto scaling
  6. Implement backup strategy
  7. Enable encryption
  8. Regular monitoring
  9. Cost management
  10. Security compliance

Performance Optimization

1. Load Balancer Optimization

apiVersion: v1
kind: Service
metadata:
  name: argocd-server
  annotations:
    service.beta.kubernetes.io/do-loadbalancer-size-unit: "1"
    service.beta.kubernetes.io/do-loadbalancer-disable-lets-encrypt-dns-records: "true"

2. Resource Optimization

apiVersion: apps/v1
kind: Deployment
metadata:
  name: argocd-server
spec:
  template:
    spec:
      containers:
      - name: argocd-server
        resources:
          requests:
            cpu: 200m
            memory: 256Mi
          limits:
            cpu: 500m
            memory: 512Mi

Troubleshooting

1. Common Issues

  1. Load Balancer Issues

# Check load balancer status
doctl compute load-balancer list
kubectl describe service argocd-server -n argocd

  2. Node Pool Issues

# Check node pool status
doctl kubernetes cluster node-pool list argocd-cluster
kubectl get nodes

2. Logging

# Get ArgoCD server logs
kubectl logs -n argocd -l app.kubernetes.io/name=argocd-server

# Get application controller logs
kubectl logs -n argocd -l app.kubernetes.io/name=argocd-application-controller

Maintenance

1. Upgrade Procedure

# Update ArgoCD
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.x.x/manifests/install.yaml

# Verify upgrade
kubectl get pods -n argocd
argocd version
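
The install and upgrade steps both apply a manifest fetched from a remote URL. The shell helper below is an added example, not part of the original guide: it checks a downloaded copy against a checksum recorded at review time and lists the mutable image references and cluster-scoped objects it contains. The function names and the invocation shown in the comments are illustrative.

```shell
#!/usr/bin/env bash
# Added example, not part of the original guide: review a downloaded Argo CD
# manifest before `kubectl apply`. The file and the checksum are supplied by
# the operator; nothing here is fetched from the network.

# Fall back to shasum where sha256sum is not installed (for example macOS).
command -v sha256sum >/dev/null 2>&1 || sha256sum() { shasum -a 256 "$@"; }

# Succeed only if FILE hashes to the checksum recorded when it was reviewed.
manifest_matches() {   # usage: manifest_matches FILE EXPECTED_SHA256
  local actual
  actual=$(sha256sum "$1" | awk '{print $1}')
  [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# Print image references that can change under a fixed manifest:
# untagged images and ":latest", unless pinned with an @sha256 digest.
mutable_images() {     # usage: mutable_images FILE
  grep -E '^[[:space:]]*(- )?image:' "$1" | awk '{print $NF}' | tr -d "\"'" | sort -u |
    while read -r ref; do
      case "$ref" in *@sha256:*) continue ;; esac
      case "${ref##*/}" in
        *:latest) echo "$ref" ;;
        *:*)      ;;                 # fixed tag
        *)        echo "$ref" ;;     # no tag means "latest"
      esac
    done
}

# Print KIND=COUNT for the cluster-wide objects the manifest creates, the part
# of an install or upgrade that most deserves a diff against the last version.
cluster_scoped() {     # usage: cluster_scoped FILE
  grep -E '^kind:[[:space:]]*(ClusterRole|ClusterRoleBinding|CustomResourceDefinition)[[:space:]]*$' "$1" |
    awk '{print $2}' | sort | uniq -c | awk '{print $2 "=" $1}'
}

# Usage: ./review.sh install.yaml <sha256-recorded-at-review>
if [ "$#" -eq 2 ]; then
  manifest_matches "$1" "$2" || { echo "checksum mismatch: $1" >&2; exit 1; }
  echo "cluster-scoped objects:"; cluster_scoped "$1"
  echo "mutable image references:"; mutable_images "$1"
fi
```

Download the manifest with `curl -fsSLo install.yaml <url>` first, then run `kubectl apply -n argocd -f install.yaml` on the local file only after the check passes.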

2. Backup Verification

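# List backups in Spaces
aws s3 ls s3://argocd-backup/ --endpoint-url https://nyc3.digitaloceanspaces.com

# Test restore: argocd admin import reads the YAML written by argocd admin export;
# --dry-run prints what would change without applying it
argocd admin import -n argocd --dry-run /path/to/backup.yaml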
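
Listing the bucket only shows that a file exists. The check below is an added example, not part of the original guide: it inspects a downloaded backup and fails when the objects a restore depends on are missing. It assumes the backup is the multi-document YAML written by `argocd admin export`, with `kind:` at column 0 and `name:` indented two spaces under `metadata:`; the function names are illustrative.

```shell
#!/usr/bin/env bash
# Added example, not part of the original guide. Assumes the backup is the
# multi-document YAML written by `argocd admin export`.

# Print "KIND NAME" for every object in the export.
list_objects() {   # usage: list_objects FILE
  awk '
    function emit() {
      if (kind != "") print kind, name
      kind = ""; name = ""; in_meta = 0
    }
    /^---/                { emit(); next }
    /^kind:/              { kind = $2; in_meta = 0; next }
    /^metadata:/          { in_meta = 1; next }
    /^[^ ]/               { in_meta = 0 }   # any other top-level key
    in_meta && /^  name:/ { name = $2 }
    END                   { emit() }
  ' "$1"
}

# Return 0 only if the objects a restore depends on are present.
check_export() {   # usage: check_export FILE
  local objs want missing=0
  objs=$(list_objects "$1") || return 1
  for want in "ConfigMap argocd-cm" "Secret argocd-secret" "AppProject default"; do
    if ! printf '%s\n' "$objs" | grep -qxF "$want"; then
      echo "missing from backup: $want" >&2
      missing=1
    fi
  done
  return "$missing"
}

# Count the Secret objects in the file: the backup holds credentials and has
# to be stored and transferred accordingly.
count_secrets() {  # usage: count_secrets FILE
  list_objects "$1" | grep -c '^Secret ' || true
}

# Usage: ./check-backup.sh argocd-backup.yaml
if [ "$#" -eq 1 ]; then
  check_export "$1" || exit 1
  echo "ok: $(count_secrets "$1") Secret object(s) in $1"
fi
```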

Conclusion

This guide provides a comprehensive setup for running ArgoCD on DigitalOcean Kubernetes Service. Regular monitoring and updates are essential for optimal performance.
