Argo CD is an open-source GitOps tool designed for Kubernetes, automating application deployments by ensuring infrastructure aligns with Git repositories. This streamlines the deployment process and maintains consistency, making it essential for modern DevOps practices.
At its very simplest, Argo CD is an open-source GitOps deployment tool. It monitors your cluster and your declaratively-defined infrastructure stored in a Git repository and resolves differences between the two — effectively automating an application deployment.
You may have also heard of it as a Kubernetes controller. Kubernetes helped change how infrastructure is managed, but it also added complexity for developers and system administrators by introducing new concepts like Kubernetes manifests, Kubernetes resources, and other various Kuberentes specific concepts. As the GitOps movement starts to walk back some of that complexity and abstract it under a layer of automation, Argo CD (“CD” of course being shorthand for “continuous delivery”) is one of the primary tools that makes this automation possible.
Without Argo CD, GitOps remains “ClickOps.” Your CI/CD tool may be able to roll out infrastructure changes, but it can’t monitor diffs, and thus infrastructure remains mostly manual.
In this article, we explain what Argo CD does, how it works, and an example of how to get started with it.
What Does Argo CD Do?
Argo CD is a declarative, GitOps continuous delivery tool built by the team at the financial software giant Intuit. After moving to the public cloud, having to manage containerization tools and infrastructure interfered with Intuit’s goal to realize the maximum benefits of the cloud. The Intuit team developed Argo CD to achieve maximum release speed and velocity gains. They wanted to apply a pane of automation that would eliminate some of that manual work, so they created the controller — Argo CD — and they open-sourced it.
Argo CD is now maintained by the community as a part of the Argo Project, and embedded in lots of GitOps tools that you’re probably familiar with as a delivery tool for Kubernetes native continuous deployment. (Harness’ own GitOps solution can leverage Argo.)
What Does Argo CD NOT Do?
Argo is primarily focused on reconciling the declared versions in Git with the state of a Kubernetes cluster. It's good for deploying to Kubernetes. For a full continuous delivery solution, teams need connect deployment to quality checks in the form of automated tests and security scans. Argo does provide some event hooks through which teams may write scripts to invoke tests, but this approach can be difficult and feel disconnected. Further, deciding whether to further promote should account for the results of those quality checks, and reviewing developers will need to do that work manually. At it's worst, Argo can move the ClickOps challenges from initiating deployments to checking quality and managing pull requests.
Argo is also limited in its post-deployment verification that the application is healthy in the environment. Teams using Argo will need to implement observability tooling and determine how they will be connect alerts to recent deployments and initiate rollbacks. This may mean ensuring deployments are only run when two engineers are available to create a rollback PR and approve it.
Why Argo CD?
As a GitOps deployment tool, Argo CD continuously monitors your running infrastructure (the actual state) to compare it to declaratively-defined code (the desired state or target state) to determine whether they are out of sync, which helps to remediate configuration drift.
Argo CD automatically deploys new configurations and new version code to the target environment. Depending on how you’ve configured Argo CD to work, it’ll either notify you that things are out of sync after a new git commit, or take action. If you’ve set it up to automatically enforce changes, it’ll overwrite the production configuration with what’s stored in your immutable, versioned Git repository. The tool is great for complex application rollouts.
Furthermore, Argo CD is essential when your developer team is working in version-controlled environments. By automating lifecycle management and application deployment, Argo CD proactively monitors your application configuration for any potential syncing issues before it reaches your production environment.
Argo CD Core Concepts
To set up and begin using Argo CD and Kubernetes, you’ll need a working familiarity with:
- Containers, virtual machines, and probably, the containerization tool Docker
- A container orchestration system like Kubernetes (though there are alternatives)
- Continuous deployment and integration tools like Harness
- (Possibly) Managing Kubernetes clusters and manifests in YAML, Helm Charts, or Kustomize
If you’re familiar with the items above, you know that to reduce the amount of manual effort needed to provision infrastructure, it’s helpful to deploy in containers, orchestrate those deployments, and abstract those deployments into code. That’s the core premise of GitOps being declarative and version controlled — moving everything into a Git repo where you can bring the full force of source control and automation to bear.
Argo CD offers the actual monitoring and syncing between the Git-defined infrastructure and your container orchestration tools. It has five primary components:
1. The Argo CD user interface (UI)
Within the web UI, you can create applications, though advanced folks interested in automation will want more control and will do this declaratively in Git. You can also manage connected Git repositories, certificates for access to those repositories, your clusters, and projects directly in the web UI. (Projects let you structure your applications to create useful silos around each team’s work.)
One of the more useful components of the Argo CD interface is you can view a visual pipeline of your infrastructure deployments, and your various applications’ services and clusters. If an application is in a crash loop, this lets you see all the events, as well as the manifest and configuration values, so you can visualize deployment issues and debug. (It will also hide your secrets.)
2. Both API and command line interface (CLI)
Users need not touch the Argocd login page because you can either manage Argo CD through APIs or create YAML resource definitions (or use Kustomize or Helm Charts to help manage Kubernetes resources). Once set up, developers don’t need to understand all the intricacies of the infrastructure they’re deploying. They just need the application definitions to include in their pull requests or merge requests.
3. Custom resource definitions (CRD)
Argo CD creates its own namespace within your Kubernetes (or similar) cluster (kubectl create namespace argocd). There, it stores the Argo CD CRDs.
4. Repository service
Argo CD caches your Git repo locally and stores application manifest files.
5. Application controller
Once you download the Argo CD application controller onto your repository server, it can invoke hooks defined by software development lifecycle events. (E.g. PreSync, Sync, PostSync.)
To download Argo CD, visit the project’s “Getting started” page.
An Example of Deploying Infrastructure Updates Using Argo CD
Once you’ve installed Argo CD and have configured your certificates and clusters, you can set it to automatically “deploy” infrastructure by enforcing the Git-defined version.
For example, the following becomes possible:
- A developer pushes resource changes to a single Git repository
- The continuous integration tool is triggered and saves new container image to the registry
- The pull request (PR) changes the Kubernetes manifest, which is merged and triggers Argo CD
- Argo CD clones the repository. It compares desired configuration, or desired state, with current state on the cluster
- Argo CD reconciles those differences automatically
- Argo CD reports when sync is complete
This also works in reverse, and that’s the real advantage of a Kubernetes controller. If the Kubernetes cluster resources fall out of sync, Argo CD will detect that, and reconcile the changes by applying what’s in Git. If you were simply using a CD tool or Jenkins, the sync issue would go undetected and unremediated.
Things to Consider Before Adopting Argo CD
Argo CD is an intuitive solution to deploy Kubernetes applications. But before you go all in on the open source project, you should be aware of some of its shortcomings. Governance is not a strong suite of ArgoCD. There is limited role based access control and there is virtually no audit trails. If you have a strict deployment process and you need to make sure applications are correctly deployed, GitOps and ArgoCD may not be able to help you enforce stringent rules. Advanced deployment strategies like blue green or canary will be difficult to implement if you’re just using ArgoCD. Multi cluster management can also present challenges at scale.
Harness offers ArgoCD-as-a-Service to address these gaps and make ArgoCD scalable for enterprise organizations.
Argo CD: Turning “ClickOps” into GitOps
Argo CD is the controller (among other things) that makes GitOps go. Developed by Intuit and maintained by the community, it’s increasingly the standard for reconciling changes between declaratively-defined infrastructure and production clusters.
In this article, we’ve reviewed why Argo CD is important, what it can do, core concepts, and an example of application deployments with it.
If you’re looking to make good on your investment in CI/CD, and want infrastructure to mostly manage itself, this is a great place to start to support complex application rollouts.
Are you looking to choose Argo CD? Request a demo of Harness GitOps.