GitOps for OpenShift4

Last tested on 4.10.18

Note
You can see an example workflow that uses this repo for GitOps in r3dact3d/OCP4-Deploy.

Content

Repo Structure

GitOps/
├─ gitops-cluster/
├─ cluster-onboarding/
├─ common-base/
│  ├─ openshift-config
│  ├─ openshift-monitoring
│  ├─ openshift-ingress-operator
│  ├─ openshift-compliance
│  ├─ cert-manager
├─ application-onboarding/
├─ README.adoc

GitOps Workflow

[Figure: GitOps Workflow]

Hub Cluster

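  1. Install the GitOps Operator, then grant cluster-admin to the Argo CD application controller service account. The -z flag resolves the service account in the current project, which is why the oc project step comes first. cluster-admin gives the controller unrestricted rights on the hub cluster.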

oc apply -f https://raw.githubusercontent.com/r3dact3d/gitops/main/gitops-cluster/gitops-operator.yaml -n openshift-operators
oc project openshift-gitops
oc adm policy add-cluster-role-to-user cluster-admin -z openshift-gitops-argocd-application-controller

  2. Optional: run the GitOps service on infra nodes

oc apply -f https://raw.githubusercontent.com/r3dact3d/gitops/main/gitops-cluster/gitopsservice.yaml

[Figure: RHACM Diagram]

Managed Cluster Onboarding

Leverage the Cluster Generator to onboard managed clusters by storing their parameters in secrets.

  1. Create an Argo CD application that keeps the Kubernetes resources required by the Cluster generator in sync

oc create -f https://raw.githubusercontent.com/r3dact3d/gitops/main/gitops-cluster/cluster-onboarding-app.yaml

  2. Onboard a new cluster by adding a Kubernetes secret to this repo

Application Onboarding

ApplicationSets with the cluster generator are used to manage the Argo CD applications. The strategy here is to apply all ApplicationSets to the hub cluster for the ApplicationSet controller to monitor.

In fact, we can treat a Git repo containing ApplicationSets as an Argo CD application as well.

oc create -f https://raw.githubusercontent.com/r3dact3d/gitops/main/gitops-cluster/application-onboarding-app.yaml
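
How the cluster secret from Managed Cluster Onboarding and an ApplicationSet from Application Onboarding fit together, as an added example that is not taken from this repo. The secret name, the env label, the API URL, the repoURL and the destination namespace are placeholders, and the path assumes the common-base/openshift-config directory from the repo structure is what gets synced.

```yaml
# Added example: names, labels and URLs are placeholders, not values from this repo.
# Cluster secret: the secret-type label makes Argo CD treat it as a cluster definition.
apiVersion: v1
kind: Secret
metadata:
  name: cluster-dev-example          # hypothetical
  namespace: openshift-gitops
  labels:
    argocd.argoproj.io/secret-type: cluster
    env: dev                         # hypothetical label, matched by the generator selector below
type: Opaque
stringData:
  name: dev-example
  server: https://api.dev.example.com:6443
  # Placeholders only: a real token committed in plain text is readable by
  # everyone with access to the repo, so supply it in encrypted form.
  config: |
    {
      "bearerToken": "<TOKEN-PLACEHOLDER>",
      "tlsClientConfig": {
        "insecure": false,
        "caData": "<BASE64-CA-PLACEHOLDER>"
      }
    }
---
# ApplicationSet: the cluster generator emits one Application per matching cluster secret.
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
  name: openshift-config             # hypothetical
  namespace: openshift-gitops
spec:
  generators:
    - clusters:
        selector:
          matchLabels:
            env: dev                 # only clusters whose secret carries this label
  template:
    metadata:
      name: '{{name}}-openshift-config'   # {{name}} comes from the secret's name field
    spec:
      project: default
      source:
        repoURL: https://git.example.com/org/gitops.git   # placeholder
        targetRevision: main
        path: common-base/openshift-config
      destination:
        server: '{{server}}'         # {{server}} comes from the secret's server field
        namespace: openshift-config  # assumption
```

Because the generator selects on secret labels, a cluster receives only the ApplicationSets whose selector its secret matches, so label changes in the repo deserve the same review as the manifests themselves.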

Cluster config manifests logically grouped

[Figure: Cluster Generator Diagram]

Labels

Kubernetes recommended labels.