The process of deploying a project to AWS EKS is best followed in the following order:
How to organize AWS EKS
Install Argo CD to deploy services on AWS EKS
How to set the AWS secret manager with AWS EKS
Connecting GitHub and ArgoCD and manage service
Managing environment variables in AWS EKS.
Before I wrote the How to organize AWS EKS. Now I’m going to describe how to install Argo CD and Secret Manager.
First of all, we install the ArgoCD on our AWS EKS.
You can refer the document
Let’s execute the following command.
$ kubectl create namespace argocd # create the namespace for argocd
$ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml # adjust argocd manifest
Create the argocd yaml (you can refer to document)
ingress-argocd.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argocd-ingress
namespace: argocd
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/certificate-arn: {your certificate arn}
alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-2016-08
alb.ingress.kubernetes.io/backend-protocol: HTTPS
alb.ingress.kubernetes.io/healthcheck-path: /login
alb.ingress.kubernetes.io/target-type: 'ip'
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80,"HTTPS": 443}]'
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
finalizers:
- ingress.k8s.aws/resources
labels:
app: argocd-ingress
spec:
rules:
- host: argocd.{your domain} # ex: argocd.medium.com
http:
paths:
- path: /
backend:
service:
name: argocd-server
port:
number: 443
pathType: Prefix
Now, apply the ingress-argocd
$ kubectl apply -f ./infra/ingress-argocd.yaml
ingress.networking.k8s.io/argocd-ingress created
After the command completed, you can check the result AWS Console > EC2 > Load Balancer.
Let’s verify if it has been created successfully.
$ kubectl get ingress -n argocd
NAME CLASS HOSTS ADDRESS PORTS AGE
argocd-ingress <none> argocd-ca.remexdev.com k8s-argocd-argocdin-xxx-xxx.us-west-1.elb.amazonaws.com 80 2m35s
ArgoCD Ingress Controller is considered to be installed successfully when there is a valid address in the ADDRESS field. If the ADDRESS field does not have a valid address, you can use the following command to check the error logs and resolve the issue.
$ kubectl logs -f -n kube-system -l app.kubernetes.io/instance=aws-load-balancer-controller
Get admin’s initial-password
% argocd --namespace argocd admin initial-password
XYZXYZXYZXYZXYZ
This password must be only used for first time login. We strongly recommend you update the password using `argocd account update-password`.
Remember or Copy the password.
Let’s connect the argocd-loadbalancer with the domain in Route 53 as provided in the attached details.
Open the browser and type the your connected url.
Tada!!
Login with admin (username) and your password which is copied or remembered above.
Go to user info and change the password.
I’m wrapping up the installation of Argo CD. Since configuring environment variables is often essential when setting up services, I would like to explain how to connect Secret Manager with EKS using the following documentation.