Chapter 6. Automating application management with the GitOps controller
GitOps with Argo CD for MicroShift is a lightweight, optional add-on controller derived from the Red Hat OpenShift GitOps Operator. GitOps for MicroShift uses the command-line interface (CLI) of Argo CD to interact with the GitOps controller that acts as the declarative GitOps engine. You can consistently configure and deploy Kubernetes-based infrastructure and applications across clusters and development lifecycles.
6.1. What you can do with the GitOps agent
By using the GitOps with Argo CD agent with MicroShift, you can utilize the following principles:
Implement application lifecycle management.
- Create and manage your clusters and application configuration files using the core principles of developing and maintaining software in a Git repository.
- You can update the single repository and GitOps automates the deployment of new applications or updates to existing ones.
- For example, if you have 1,000 edge devices, each using MicroShift and a local GitOps agent, you can easily add or update an application on all 1,000 devices with just one change in your central Git repository.
- The Git repository contains a declarative description of the infrastructure you need in your specified environment and contains an automated process to make your environment match the described state.
- You can also use the Git repository as an audit trail of changes so that you can create processes based on Git flows such as review and approval for merging pull requests that implement configuration changes.
6.2. Creating GitOps applications on MicroShift
You can create a custom YAML configuration to deploy and manage applications in your MicroShift service. To install the necessary packages to run GitOps applications, follow the documentation in "Installing the GitOps Argo CD manifests from an RPM package".
Prerequisites
-
You installed the
microshift-gitopspackages and the Argo CD pods are running in theopenshift-gitopsnamespace.
Procedure
Create a YAML file and add your customized configurations for the application:
Example YAML for a
cert-managerapplicationkind: AppProject apiVersion: argoproj.io/v1alpha1 metadata: name: default namespace: openshift-gitops spec: clusterResourceWhitelist: - group: '*' kind: '*' destinations: - namespace: '*' server: '*' sourceRepos: - '*' --- apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: cert-manager namespace: openshift-gitops spec: destination: namespace: cert-manager server: https://kubernetes.default.svc project: default source: path: cert-manager repoURL: https://github.com/anandf/microshift-install syncPolicy: automated: {} syncOptions: - CreateNamespace=true - ServerSideApply=trueExample YAML for a
spring-petclinicapplicationkind: AppProject apiVersion: argoproj.io/v1alpha1 metadata: name: default namespace: openshift-gitops spec: clusterResourceWhitelist: - group: '*' kind: '*' destinations: - namespace: '*' server: '*' sourceRepos: - '*' --- kind: Application apiVersion: argoproj.io/v1alpha1 metadata: name: spring-petclinic namespace: openshift-gitops spec: destination: namespace: spring-petclinic server: https://kubernetes.default.svc project: default source: directory: recurse: true path: app repoURL: https://github.com/siamaksade/openshift-gitops-getting-started syncPolicy: automated: {} syncOptions: - CreateNamespace=true - ServerSideApply=trueTo deploy the applications defined in the YAML file, run the following command:
$ oc apply -f <filename>.yaml
Verification
To verify your application is deployed and synced, run the following command:
$ oc get applications -A
It might take a few minutes for the application to show the
Healthystatus.Example output
NAMESPACE NAME SYNC STATUS HEALTH STATUS openshift-gitops cert-manager Synced Healthy openshift-gitops spring-petclinic Synced Healthy
Additional resources
6.3. Limitations of using the GitOps agent with MicroShift
GitOps with Argo CD for MicroShift has the following differences from the Red Hat OpenShift GitOps Operator:
-
The
gitops-operatorcomponent is not used with MicroShift. - To maintain the small resource use of MicroShift, the Argo CD web console is not available. You can use the Argo CD CLI or use a pull-based approach.
- Because MicroShift is single-node, there is no multi-cluster support. Each instance of MicroShift is paired with a local GitOps agent.
-
The
oc adm must-gathercommand is not available in MicroShift.
6.4. Troubleshooting GitOps
If you have problems with your GitOps controller, you can use either the OpenShift CLI (oc) tool or run an sos report.
6.4.1. Debugging GitOps with oc adm inspect
You can debug GitOps by using the OpenShift CLI (oc).
Prerequisites
-
The
occommand line tool is installed.
Procedure
Run the
oc adm inspectcommand when in the GitOps namespace:$ oc adm inspect ns/openshift-gitops
Example output
Gathering data for ns/openshift-gitops... W0501 20:34:35.978508 57625 util.go:118] the server doesn't have a resource type egressfirewalls, skipping the inspection W0501 20:34:35.980881 57625 util.go:118] the server doesn't have a resource type egressqoses, skipping the inspection W0501 20:34:36.040664 57625 util.go:118] the server doesn't have a resource type servicemonitors, skipping the inspection Wrote inspect data to inspect.local.2673575938140296280.
Next steps
-
If
oc adm inspectdid not provide the information you need, you can run an sos report.
6.4.2. Gathering data from an sos report
Prerequisites
-
You must have the
sospackage installed.
Procedure
- Log into the failing host as a root user.
Perform the debug report creation procedure by running the following command:
$ microshift-sos-report
Example output
sosreport (version 4.5.1) This command will collect diagnostic and configuration information from this Red Hat Enterprise Linux system and installed applications. An archive containing the collected information will be generated in /var/tmp/sos.o0sznf_8 and may be provided to a Red Hat support representative. Any information provided to Red Hat will be treated in accordance with the published support policies at: Distribution Website : https://www.redhat.com/ Commercial Support : https://www.access.redhat.com/ The generated archive may contain data considered sensitive and its content should be reviewed by the originating organization before being passed to any third party. No changes will be made to system configuration. Setting up archive ... Setting up plugins ... Running plugins. Please wait ... Starting 1/2 microshift [Running: microshift] Starting 2/2 microshift_ovn [Running: microshift microshift_ovn] Finishing plugins [Running: microshift] Finished running plugins Found 1 total reports to obfuscate, processing up to 4 concurrently sosreport-microshift-rhel9-2023-03-31-axjbyxw : Beginning obfuscation... sosreport-microshift-rhel9-2023-03-31-axjbyxw : Obfuscation completed Successfully obfuscated 1 report(s) Creating compressed archive... A mapping of obfuscated elements is available at /var/tmp/sosreport-microshift-rhel9-2023-03-31-axjbyxw-private_map Your sosreport has been generated and saved in: /var/tmp/sosreport-microshift-rhel9-2023-03-31-axjbyxw-obfuscated.tar.xz Size 444.14KiB Owner root sha256 922e5ff2db25014585b7c6c749d2c44c8492756d619df5e9838ce863f83d4269 Please send this file to your support representative.
6.5. Additional resources
- Using sos reports
- Red Hat OpenShift GitOps
- Generating an sos report for technical support (Red Hat Enterprise Linux)
