Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Argo CD instance

Red Hat OpenShift GitOps 1.8

Installing and deploying Argo CD instances

Red Hat OpenShift Documentation Team

Abstract

This document provides instructions for installing and deploying Argo CD instances to manage cluster configurations or deploy applications.

Chapter 1. Setting up an Argo CD instance
Copy link

By default, the Red Hat OpenShift GitOps installs an instance of Argo CD in the openshift-gitops namespace with additional permissions for managing certain cluster-scoped resources. To manage cluster configurations or deploy applications, you can install and deploy a new Argo CD instance. By default, any new instance has permissions to manage resources only in the namespace where it is deployed.

1.1. Installing an Argo CD instance
Copy link

To manage cluster configurations or deploy applications, you can install and deploy a new Argo CD instance.

Procedure

  1. Log in to the OpenShift Container Platform web console.
  2. Click OperatorsInstalled Operators.
  3. Create or select the project where you want to install the Argo CD instance from the Project drop-down menu.
  4. Select OpenShift GitOps Operator from the installed operators list and click the Argo CD tab.

  5. Click Create ArgoCD to configure the parameters:

    1. Enter the Name of the instance. By default, the Name is set to example.
    2. Create an external OS Route to access Argo CD server. Click ServerRoute and check Enabled.
  6. To open the Argo CD web UI, click the route by navigating to Networking → Routes → <instance name>-server in the project where the Argo CD instance is installed.

Argo CD-server and Argo CD-repo-server workloads are stateless. To better distribute your workloads among pods, you can increase the number of Argo CD-server and Argo CD-repo-server replicas. However, if a horizontal autoscaler is enabled on the Argo CD-server, it overrides the number of replicas you set.

Procedure

  • Set the replicas parameters for the repo and server spec to the number of replicas you want to run:

    Example Argo CD custom resource

    apiVersion: argoproj.io/v1alpha1
kind: ArgoCD
metadata:
  name: example-argocd
  labels:
    example: repo
spec:
  repo:
    replicas: <number_of_replicas>
  server:
    replicas: <number_of_replicas>
    route:
      enabled: true
      path: /
      tls:
        insecureEdgeTerminationPolicy: Redirect
        termination: passthrough
      wildcardPolicy: None
    Copy to Clipboard Toggle word wrap

1.3. Deploying resources to a different namespace
Copy link

To allow Argo CD to manage resources in other namespaces apart from where it is installed, configure the target namespace with a argocd.argoproj.io/managed-by label.

Procedure

  • Configure the namespace: 

    $ oc label namespace <namespace> \
argocd.argoproj.io/managed-by=<namespace>
    1
    Copy to Clipboard Toggle word wrap
    1
    The namespace where Argo CD is installed.

The ArgoCD custom resource is a Kubernetes Custom Resource (CRD) that describes the desired state for a given Argo CD cluster that allows you to configure the components which make up an Argo CD cluster.

2.1. Argo CD CLI tool
Copy link

The Argo CD CLI tool is a tool used to configure Argo CD through the command line. Red Hat OpenShift GitOps does not support this binary. Use the OpenShift Console to configure the Argo CD.

2.2. Argo CD custom resource properties
Copy link

The Argo CD Custom Resource consists of the following properties:

Expand

Name

Description

Default

Properties

ApplicationInstanceLabelKey

The metadata.label key name where Argo CD injects the app name as a tracking label.

app.kubernetes.io/instance

 

ApplicationSet

ApplicationSet controller configuration options.

<Object>

  • <Image> - The container image for the ApplicationSet controller. This overrides the ARGOCD_APPLICATIONSET_IMAGE environment variable.
  • <Version> - The tag to use with the ApplicationSet container image.
  • <Resources> - The container compute resources.
  • <LogLevel> - The log level used by the Argo CD Application Controller component. Valid options are debug, info, error, and warn.
  • <LogFormat> - The log format used by the Argo CD Application Controller component. Valid options are text or json.
  • <PrallelismLimit> - The kubectl parallelism limit to set for the controller (--kubectl-parallelism-limit flag).

ConfigManagementPlugins

Add a configuration management plugin.

<empty>

 

Controller

Argo CD Application Controller options.

<Object>

  • <Processors.Operation> - The number of operation processors.
  • <Processors.Status> - The number of status processors.
  • <Resources> - The container compute resources.
  • <LogLevel> - The log level used by the Argo CD Application Controller component. Valid options are debug, info, error, and warn.
  • <AppSync> - AppSync is used to control the sync frequency of Argo CD applications
  • <Sharding.enabled> - Enable sharding on the Argo CD Application Controller component. This property is used to manage a large number of clusters to relieve memory pressure on the controller component.
  • <Sharding.replicas> - The number of replicas that will be used to support sharding of the Argo CD Application Controller.
  • <Env> - Environment to set for the application controller workloads.

DisableAdmin

Disables the built-in admin user.

false

 

GATrackingID

Use a Google Analytics tracking ID.

<empty>

 

GAAnonymizeusers

Enable hashed usernames sent to google analytics.

false

 

HA

High availablity options.

<Object>

  • <Enabled> - Toggle high availability support globally for Argo CD.
  • <RedisProxyImage> - The Redis HAProxy container image. This overrides the ARGOCD_REDIS_HA_PROXY_IMAGE environment variable.
  • <RedisProxyVersion> - The tag to use for the Redis HAProxy container image.

HelpChatURL

URL for getting chat help (this will typically be your Slack channel for support).

https://mycorp.slack.com/argo-cd

 

HelpChatText

The text that appears in a text box for getting chat help.

Chat now!

 

Image

The container image for all Argo CD components. This overrides the ARGOCD_IMAGE environment variable.

argoproj/argocd

 

Ingress

Ingress configuration options.

<Object>

 

InitialRepositories

Initial Git repositories to configure Argo CD to use upon creation of the cluster.

<empty>

 

Notifications

Notifications controller configuration options.

<Object>

  • <Enabled> - The toggle to start the notifications-controller.
  • <Image> - The container image for all Argo CD components. This overrides the ARGOCD_IMAGE environment variable.
  • <Version> - The tag to use with the Notifications container image.
  • <Resources> - The container compute resources.
  • <LogLevel> - The log level used by the Argo CD Application Controller component. Valid options are debug, info, error, and warn.

RepositoryCredentials

Git repository credential templates to configure Argo CD to use upon creation of the cluster.

<empty>

 

InitialSSHKnownHosts

Initial SSH Known Hosts for Argo CD to use upon creation of the cluster.

<default_Argo_CD_Known_Hosts>

 

KustomizeBuildOptions

The build options and parameters to use with kustomize build.

<empty>

 

OIDCConfig

The OIDC configuration as an alternative to Dex.

<empty>

 

NodePlacement

Add the nodeSelector and the tolerations.

<empty>

 

Prometheus

Prometheus configuration options.

<Object>

  • <Enabled> - Toggle Prometheus support globally for Argo CD.
  • <Host> - The hostname to use for Ingress or Route resources.
  • <Ingress> - Toggles Ingress for Prometheus.
  • <Route> - Route configuration options.
  • <Size> - The replica count for the Prometheus StatefulSet.

RBAC

RBAC configuration options.

<Object>

  • <DefaultPolicy> - The policy.default property in the argocd-rbac-cm config map. The name of the default role which Argo CD will fall back to, when authorizing API requests.
  • <Policy> - The policy.csv property in the argocd-rbac-cm config map. CSV data containing user-defined RBAC policies and role definitions.
  • <Scopes> - The scopes property in the argocd-rbac-cm config map. Controls which OIDC scopes to examine during RBAC enforcement (in addition to sub scope).

Redis

Redis configuration options.

<Object>

  • <AutoTLS> - Use the provider to create the Redis server’s TLS certificate (one of: openshift). Currently only available for OpenShift Container Platform.
  • <DisableTLSVerification> - Define whether the Redis server should be accessed using strict TLS validation.
  • <Image> - The container image for Redis. This overrides the ARGOCD_REDIS_IMAGE environment variable.
  • <Resources> - The container compute resources.
  • <Version> - The tag to use with the Redis container image.

ResourceCustomizations

Customize resource behavior.

<empty>

 

ResourceExclusions

Completely ignore entire classes of resource group.

<empty>

 

ResourceInclusions

The configuration to configure which resource group/kinds are applied.

<empty>

 

Server

Argo CD Server configuration options.

<Object>

  • <Autoscale> - Server autoscale configuration options.
  • <ExtraCommandArgs> - List of arguments added to the existing arguments set by the Operator.
  • <GRPC> - GRPC configuration options.
  • <Host> - The hostname used for Ingress or Route resources.
  • <Ingress> - Ingress configuration for the Argo CD server component.
  • <Insecure> - Toggles the insecure flag for Argo CD server.
  • <Resources> - The container compute resources.
  • <Replicas> - The number of replicas for the Argo CD server. Must be greater than or equal to 0. If Autoscale is enabled, Replicas is ignored.
  • <Route> - Route configuration options.
  • <Service.Type> - The ServiceType used for the service resource.
  • <LogLevel> - The log level to be used by the Argo CD Server component. Valid options are debug, info, error, and warn.
  • <LogFormat> - The log format used by the Argo CD Application Controller component. Valid options are text or json.
  • <Env> - Environment to set for the server workloads.

SSO

Single Sign-on options.

<Object>

  • <Image> - The container image for Keycloak. This overrides the ARGOCD_KEYCLOAK_IMAGE environment variable.
  • <Keycloak> - Configuration options for Keycloak SSO provider.
  • <Dex> - Configuration options for Dex SSO provider.
  • <Provider> - The name of the provider used to configure Single Sign-on. For now the supported options are Dex and Keycloak.
  • <Resources> - The container compute resources.
  • <VerifyTLS> - Whether to enforce strict TLS checking when communicating with Keycloak service.
  • <Version> - The tag to use with the Keycloak container image.

StatusBadgeEnabled

Enable application status badge.

true

 

TLS

TLS configuration options.

<Object>

  • <CA.ConfigMapName> - The name of the ConfigMap which contains the CA certificate.
  • <CA.SecretName> - The name of the secret which contains the CA Certificate and Key.
  • <InitialCerts> - Initial set of certificates in the argocd-tls-certs-cm config map for connecting Git repositories via HTTPS.

UserAnonyousEnabled

Enable anonymous user access.

true

 

Version

The tag to use with the container image for all Argo CD components.

Latest Argo CD version

 

Banner

Add a UI banner message.

<Object>

  • <Banner.Content> - The banner message content (required if a banner is displayed).
  • <Banner.URL.SecretName> - The banner message link URL (optional).

2.3. Repo server properties
Copy link

The following properties are available for configuring the Repo server component:

Expand

Name

Default

Description

Resources

<empty>

The container compute resources.

MountSAToken

false

Whether the ServiceAccount token should be mounted to the repo-server pod.

ServiceAccount

""

The name of the ServiceAccount to use with the repo-server pod.

VerifyTLS

false

Whether to enforce strict TLS checking on all components when communicating with repo server.

AutoTLS

""

Provider to use for setting up TLS the repo-server’s gRPC TLS certificate (one of: openshift). Currently only available for OpenShift.

Image

argoproj/argocd

The container image for Argo CD Repo server. This overrides the ARGOCD_REPOSERVER_IMAGE environment variable.

Version

same as .spec.Version

The tag to use with the Argo CD Repo server.

LogLevel

info

The log level used by the Argo CD Repo server. Valid options are debug, info, error, and warn.

LogFormat

text

The log format to be used by the Argo CD Repo server. Valid options are text or json.

ExecTimeout

180

Execution timeout in seconds for rendering tools (e.g. Helm, Kustomize).

Env

<empty>

Environment to set for the repository server workloads.

Replicas

<empty>

The number of replicas for the Argo CD Repo server. Must be greater than or equal to 0.

2.4. Enabling notifications with Argo CD instance
Copy link

To enable or disable the Argo CD notifications controller, set a parameter in the Argo CD custom resource. By default, notifications are disabled. To enable notifications, set the enabled parameter to true in the .yaml file:

Procedure

  1. Set the enabled parameter to true: 
apiVersion: argoproj.io/v1alpha1
kind: ArgoCD
metadata:
  name: example-argocd
spec:
  notifications:
    enabled: true
Copy to Clipboard Toggle word wrap

Legal Notice
Copy link

Copyright © 2024 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat