🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com 👉 How to Set Up ArgoCD for Production?: ua-cam.com/video/_G_RY5trQao/v-deo.html 👉 [Playlist] Argo CD Tutorials: ua-cam.com/play/PLiMWaCMwGJXkktZoHhmL6sbg7ELNjv9Xw.html
I can't really express in words how helpful your tutorials are. Your EKS-Terraform tutorial had saved me a client in my early Fiverr days and this one too is a life-saver. Thanks very much Anton.
@@DevOpsEd - Name: YAML Id: redhat.vscode-yaml Description: YAML Language Support by Red Hat, with built-in Kubernetes syntax support Version: 1.12.2 Publisher: Red Hat VS Marketplace Link: marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml
Thank you, Anton. Your tutorials are very informative, and I would appreciate it if you could create more videos like these in the future. The length of these videos allows us to gain a lot of valuable knowledge. Once again, thank you.
@@AntonPutra Great to hear that I'm looking forward to seeing your next video. Could you suggest any helpful resources for someone who is new to GitOps and DevOps ?
I am a huge fan of using terraform to deploy with helm as well. It's very nice to have a single module to deploy every applicable resource in a declarative way. It's nice to see someone else using this pattern as well.
@@AntonPutra Im using Terraform to layer down the foundations for continuous deployment. I am using it to deploy kube(proxmox + kubespray in a single tf module), layer down metallb to carve out a small ip space block and configure NFS. Along with little one offs like my Minecraft server and ArgoCD it's self. I plan on using ArgoCD in my homelab to become more familiar with GitOps. Your tutorial has been very helpful so far.
Hi, your tutorials helped me land a great job and made me a lot better in Aws, Kubernetes, Terraform and everything else you show on your channel ! Great stuff !! I currently use argo to deploy some apps, but my containers go into loopback, do you have any idea how to troubleshoot them ?
It depends, if you get context deadline while creating a resource, you can override default and increase the timeline. If you get deadline while destroying infra try to rerun, if it fails most likelly there is a dependency and terraform cannot delete the object. It happens a lot when destroy, you can enable debug log or just remove components manually fro the UI.
Hopefully you will add section how to use it via terraform or via the same argocd approach - for the argocd itself. They (argocd) have something called Autopilot for bootstrapping argocd in the kubernetes cluster. And moreover - to have that possible video with the AWS EKS cluster. I already built one using you EKS Cluster creation video using terraform (but without cluster autoscaling part). And possibly with the information how to expose argocd via ingress, but without using custom domains. I can not find proper guide, how to quickly expose your Kubernetes application (like argoCd) outside, without having your own domain. Or maybe with domain - it is even more important. We all can purchase private domain in case we need it =) by the way - great content as always.
Thanks for the video!. How do you handle the notification for the deployment failures, let say for a migration job that happens at beginning of every deployments ?
Good question. I'm about to create a video about it. In short, you can use Prometheus metrics, which you can obtain from here argo-cd.readthedocs.io/en/stable/operator-manual/metrics/
This looks good, in surface is amazing at local, but it scares me on production to manage these things in HA, does it have storage to manage, caches? can you make a video about general best practices when moving things production
I've been running ArgoCD and Flux in prod for 4 years now. It's very straightforward. The only thing you need to pay attention to is garbage collection (when you delete a YAML from Git, the agent removes it from the cluster). If you're just getting started, I would suggest disabling it.
Hey.. Anton... Do you have some experience using jsonnet? ( data templating language) in kubernetes... If yes Can do a video about it..? I heard it could be a good alternativ to kustomize or helm
Hey Anton, thank you for this great tutorial series. At 28:20 you mention that at the end of this tutorial you will go over the approach used for AWS. I cannot seem to find that part. Would you mind pointing me in the right direction?
@@viswaviswa8616 No, I mean, I've been doing a lot of Okta integration at my work. A few months ago, I was trying to get an Okta account that I could use for a tutorial, but they refused to give it to me, and it's quite expensive for me to buy for personal/educational use. So, I can't do Okta integrations yet.
Hello, Anton. First of all, thank you for the amazing guides you provide. One thing I'm interested in in this video is how you stored a private ssh key in k8s cluster. Is it a common practice to store the key in Secret? I read a k8s doc and it says it's not secure. I would prefer to use some sort of key-vault. I understand that this is only a guide, and I just want to ask if this is a good practice.
Thanks, there are so many different integrations harshi corp vault, aws secrets manager etc. The easiest way is to use sealed secrets - ua-cam.com/video/ShGHCpUMdOg/v-deo.html
Fantastic video! Can you make a video about your background, how you came into tech and why you wanted to be in DevOps? Thank you for everything that you do.
Do you recommend adding everything inside an argocd app like databases(statefulsets) ? or should we create them separately and just deply our app image with argocd?
First of all, I would never recommend deploying databases in Kubernetes. However, for other stateful applications, such as Kafka or RabbitMQ, you should add them as ArgoCD apps and use the app-of-apps pattern.
@AntonPutra thanks for extremely useful manual! Could you please help me - I've got an error: ComparisonError groupVersion shouldn't be empty, after using kubectl apply command? It looks like wrong version of Helm charts.
Hey, I only watched the intro part, but why constant polling/syncing is better than just running `kubectl apply` code in GitHub Actions Code when a PR is merged? If the answer is somewhere later in the video, just let me know.
Generally, this approach, "GitOps" discourages any manual changes made in the cluster, and you can treat Git as a single source of truth. It's not something new, it was described long ago in the Google SRE book.
How do you guys go about failed ArgoCD application syncs and you need to rollback. What automation logic do you put in? With HELM atomic deployments it is fool proof and release would get rolled back. With ArgoCD we reckon to put stages in the pipelines that will be checking the sync status and trigger last known good release deployment if prolonged failures observed.
We use Flux v2 in production, which in my opinion is more mature, especially in terms of auto-deployment and committing back to Git. For failures, there is a Prometheus metric and alert.
@@AntonPutratx! A slightly on a tangent question. What toolkit/approch you'd recommend to combine CSP resources provisioning that would be a part/dependency of the deployed Kubernetes microservice app, where Devs don't have to stitch/reference all resources manually. This would only be used for standardised app deployments. This would have to work with Flux deployment model. At the moment I'm thinking of two options. 1. Use custom Helm Library Charts (which is a good practice anyway) that will deploy an app and create manifests for e.g. Azure Service Operator, which will manage Azure resources. Since we host many apps on a single subscription, I've heard there are scalability issues with service operators as they can hit rate limiting pretty quickly, or if supported configure a dedicated account per tenant operator. 2. At one of the pipeline stages either through Helm Library Chart templating or some other method generate Terraform resources and plan/review/approve/apply. Following with the triggered app sync/deploy. I'd think we'll have some write-back tags on commits to identify last successful running app release numbers and commits. This will allow for auto sync on e.g. kubernetes cluster redeploy/app recovery, whereby we don't have to run a pipeline for deployments. Or would you keep CSP resource provisioning independent of the app?
To be honest, I don't remember, but I would suggest using the latest Helm chart and ArgoCD version. Here's an example: they have a new way to configure the "insecure" parameter via settings. Link - github.com/antonputra/tutorials/blob/main/lessons/179/terraform/1-argocd.tf
Yes I have few videos ua-cam.com/video/lD0t-UgKfEo/v-deo.html ua-cam.com/video/jwdG6D-AB1k/v-deo.html ua-cam.com/video/6dLHcnlPi_U/v-deo.html ua-cam.com/video/Hv5UcBYseus/v-deo.html
@@AntonPutra yes i have a eks cluster i have deployed argocd on it service is working fine with port-forward but it is not working with ingress i am using ingress-nginx controller everything is deployed using terraform modules and argocd as helm release even ingress i created from values.yaml only still not able to get the webui of argocd with my host name I wanted to access my argocd web ui on /argocd But unable to get it
@@pseudozackxn i have plenty of other tutorials that focus on ingress, for example nginx ingress - ua-cam.com/video/xwiRjimKW9c/v-deo.html you just need to create ingress object and target argocd service or just use helm chart and you can configure ingress by supplying few variables
@@AntonPutra yes i have done that there was some issur from comfigmap side i was trying to access the application on some path and for that some extra configuration was required in config maps so that is why it was frustrating the documentation is also not very clear for argocd
@@thrinadhvenkata2315 well it's outside of the argocd scope. You need to do it on the application level, maybe you have 2 loggers, one writes to the console and another one to file..
Yeah i know, sorry =) I have bunch of example with ingresses pls take a look - github.com/antonputra/tutorials/tree/main/lessons/082 it's really easy if you go through this tutorial
🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com
👉 How to Set Up ArgoCD for Production?: ua-cam.com/video/_G_RY5trQao/v-deo.html
👉 [Playlist] Argo CD Tutorials: ua-cam.com/play/PLiMWaCMwGJXkktZoHhmL6sbg7ELNjv9Xw.html
I can't really express in words how helpful your tutorials are. Your EKS-Terraform tutorial had saved me a client in my early Fiverr days and this one too is a life-saver. Thanks very much Anton.
Thanks Raza!
@@AntonPutra By the way Anton, which yaml formatting extension are you using here for VSCode? Thanks.
@@DevOpsEd
- Name: YAML
Id: redhat.vscode-yaml
Description: YAML Language Support by Red Hat, with built-in Kubernetes syntax support
Version: 1.12.2
Publisher: Red Hat
VS Marketplace Link: marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml
Hey Anton thank you please make more tutorials like these
Long videos like theses gives us lot of information. Thank you.
Thanks for the feedback. Yes from now on only long format!
Can't believe you don't have more subscribers. You are the go-to guy for me now. Thank you.
Get Full-Length High-Quality DevOps Tutorials for Free - Subscribe Now! - ua-cam.com/users/AntonPutra
Mlops and machine learning engineer are different?
Perfect timing. I need it for my new project
It is basically just perfect! Thank you for your contribution, Anton!
Thanks Jaguar Paw!
golden channel, simple explanation with hand expiriense
Hi Anton, your contents are GOLD, thanks for the effort you put into these quality videos
Thanks!
Thank you, Anton.
Your tutorials are very informative, and I would appreciate it if you could create more videos like these in the future.
The length of these videos allows us to gain a lot of valuable knowledge.
Once again, thank you.
THanks one more is coming soon
@@AntonPutra Great to hear that
I'm looking forward to seeing your next video.
Could you suggest any helpful resources for someone who is new to GitOps and DevOps ?
@@yassinekhouaja1257 kubernetes.io/ for sure
Great video! Most creators assume some basic details that you just covered as part as your step-by-step procedure. Thanks for sharing knowledge man!
my pleasure!
Thank you so much again Anton! It was a very helpful video. I'm sure I learned more than some courses!
Thanks Jeckson!
I was looking for this tutorial Sir. Thank you ❤
It took me a while =)
I always put like then watching your videos
Very informative videos ☝🏼👍🏼
Thanks Roman!
I am a huge fan of using terraform to deploy with helm as well. It's very nice to have a single module to deploy every applicable resource in a declarative way. It's nice to see someone else using this pattern as well.
It's great for deployments but terraform is not great for managing and keeping the state sync with the source code...
@@AntonPutra Im using Terraform to layer down the foundations for continuous deployment. I am using it to deploy kube(proxmox + kubespray in a single tf module), layer down metallb to carve out a small ip space block and configure NFS. Along with little one offs like my Minecraft server and ArgoCD it's self.
I plan on using ArgoCD in my homelab to become more familiar with GitOps. Your tutorial has been very helpful so far.
Great Tutorial ❤ love it, You are awesome 👌 teacher, thanks a lot.
Thank you! 😃
Thanks for the tutorial.
You're welcome!
Great tutorial
Thank you!
You are a Gem. Excellent detailed explanation.
thank you!
Hi, your tutorials helped me land a great job and made me a lot better in Aws, Kubernetes, Terraform and everything else you show on your channel ! Great stuff !! I currently use argo to deploy some apps, but my containers go into loopback, do you have any idea how to troubleshoot them ?
Thanks! Crashloop? Check logs before it crashes with kubectl logs -p pod. Or check if it crashes with OOM memory. Kubectl describe pod
Seem great, how to deal with context deadline exceeded error from terraform? In Git there are lots of "solutions" can't tell what will work
It depends, if you get context deadline while creating a resource, you can override default and increase the timeline. If you get deadline while destroying infra try to rerun, if it fails most likelly there is a dependency and terraform cannot delete the object. It happens a lot when destroy, you can enable debug log or just remove components manually fro the UI.
Hopefully you will add section how to use it via terraform or via the same argocd approach - for the argocd itself. They (argocd) have something called Autopilot for bootstrapping argocd in the kubernetes cluster.
And moreover - to have that possible video with the AWS EKS cluster. I already built one using you EKS Cluster creation video using terraform (but without cluster autoscaling part).
And possibly with the information how to expose argocd via ingress, but without using custom domains. I can not find proper guide, how to quickly expose your Kubernetes application (like argoCd) outside, without having your own domain. Or maybe with domain - it is even more important. We all can purchase private domain in case we need it =)
by the way - great content as always.
Thanks for the feedback! private domain would require vpn, which i don't want to setup for this tutorial
We think the same. I'm thinking how to deploy argo cd on EKS using terraform and how to access it securely.
Thanks for the video!.
How do you handle the notification for the deployment failures, let say for a migration job that happens at beginning of every deployments ?
Good question. I'm about to create a video about it. In short, you can use Prometheus metrics, which you can obtain from here argo-cd.readthedocs.io/en/stable/operator-manual/metrics/
Bedankt
Thanks for the support @webspooky!
Hey Anton great video, would love to see maybe fluxCD V2 comparison
Will do
can we use this approach in production i want to deploy this on EKS.
Sure, I would say you must use the GitOps approach in production, and ArgoCD and FluxCD are the most widely used tools for that job.
This looks good, in surface is amazing at local, but it scares me on production to manage these things in HA, does it have storage to manage, caches? can you make a video about general best practices when moving things production
I've been running ArgoCD and Flux in prod for 4 years now. It's very straightforward. The only thing you need to pay attention to is garbage collection (when you delete a YAML from Git, the agent removes it from the cluster). If you're just getting started, I would suggest disabling it.
Please make a video on Istio ambient mesh which runs without sidecars with the help of eBPF.
will do
Hey.. Anton... Do you have some experience using jsonnet? ( data templating language) in kubernetes... If yes Can do a video about it..? I heard it could be a good alternativ to kustomize or helm
Yes, will do!
Hey Anton, thank you for this great tutorial series. At 28:20 you mention that at the end of this tutorial you will go over the approach used for AWS. I cannot seem to find that part. Would you mind pointing me in the right direction?
Welcome! It's not ready yet, but I plan to refresh these services and include production deployment to AWS, Azure, and GCP soon...
Hi Anton, thanks for the more effort, just having doubt about argo cd login, do you have video for okat integration for Argocd?
Thanks, no I can't really cover all integrations in the video, however i've done it many times
@@AntonPutra you mean you have already covered the topics using Argo cd or someother video in your UA-cam channel?
@@viswaviswa8616 No, I mean, I've been doing a lot of Okta integration at my work. A few months ago, I was trying to get an Okta account that I could use for a tutorial, but they refused to give it to me, and it's quite expensive for me to buy for personal/educational use. So, I can't do Okta integrations yet.
@@AntonPutra true it's expensive, thanks for your help
Thank you so much for your efforts ✌
Very helpfull video, Thank you
Hello, Anton. First of all, thank you for the amazing guides you provide. One thing I'm interested in in this video is how you stored a private ssh key in k8s cluster. Is it a common practice to store the key in Secret? I read a k8s doc and it says it's not secure. I would prefer to use some sort of key-vault. I understand that this is only a guide, and I just want to ask if this is a good practice.
Thanks, there are so many different integrations harshi corp vault, aws secrets manager etc. The easiest way is to use sealed secrets - ua-cam.com/video/ShGHCpUMdOg/v-deo.html
how to connect to private repo was just what I needed
i hope you found the answer
Can you please make video on Argocd application set, why we need it? Thanks
sure in the future
Fantastic video! Can you make a video about your background, how you came into tech and why you wanted to be in DevOps? Thank you for everything that you do.
Thanks! Maybe in the future
Valeu!
Thanks Ricardo!
Do you recommend adding everything inside an argocd app like databases(statefulsets) ? or should we create them separately and just deply our app image with argocd?
First of all, I would never recommend deploying databases in Kubernetes. However, for other stateful applications, such as Kafka or RabbitMQ, you should add them as ArgoCD apps and use the app-of-apps pattern.
@AntonPutra thanks for extremely useful manual! Could you please help me - I've got an error: ComparisonError groupVersion shouldn't be empty, after using kubectl apply command? It looks like wrong version of Helm charts.
Thanks, already fixed, delete and apply again helped)
Hey, I only watched the intro part, but why constant polling/syncing is better than just running `kubectl apply` code in GitHub Actions Code when a PR is merged? If the answer is somewhere later in the video, just let me know.
Generally, this approach, "GitOps" discourages any manual changes made in the cluster, and you can treat Git as a single source of truth. It's not something new, it was described long ago in the Google SRE book.
How do you guys go about failed ArgoCD application syncs and you need to rollback. What automation logic do you put in?
With HELM atomic deployments it is fool proof and release would get rolled back. With ArgoCD we reckon to put stages in the pipelines that will be checking the sync status and trigger last known good release deployment if prolonged failures observed.
We use Flux v2 in production, which in my opinion is more mature, especially in terms of auto-deployment and committing back to Git. For failures, there is a Prometheus metric and alert.
@@AntonPutratx!
A slightly on a tangent question.
What toolkit/approch you'd recommend to combine CSP resources provisioning that would be a part/dependency of the deployed Kubernetes microservice app, where Devs don't have to stitch/reference all resources manually. This would only be used for standardised app deployments. This would have to work with Flux deployment model.
At the moment I'm thinking of two options.
1. Use custom Helm Library Charts (which is a good practice anyway) that will deploy an app and create manifests for e.g. Azure Service Operator, which will manage Azure resources.
Since we host many apps on a single subscription, I've heard there are scalability issues with service operators as they can hit rate limiting pretty quickly, or if supported configure a dedicated account per tenant operator.
2. At one of the pipeline stages either through Helm Library Chart templating or some other method generate Terraform resources and plan/review/approve/apply. Following with the triggered app sync/deploy.
I'd think we'll have some write-back tags on commits to identify last successful running app release numbers and commits. This will allow for auto sync on e.g. kubernetes cluster redeploy/app recovery, whereby we don't have to run a pipeline for deployments.
Or would you keep CSP resource provisioning independent of the app?
Why are there two different versions of Argo CD throughout your video, mostly 3.35.4 and 2.6.6 at 09:24?
To be honest, I don't remember, but I would suggest using the latest Helm chart and ArgoCD version. Here's an example: they have a new way to configure the "insecure" parameter via settings.
Link - github.com/antonputra/tutorials/blob/main/lessons/179/terraform/1-argocd.tf
how do you learn all these things? any tips to share?
read docs =)
Can u explain how to create pipelines 😂
do you have any tutorial with github actions ci/cd ?
Yes I have few videos
ua-cam.com/video/lD0t-UgKfEo/v-deo.html
ua-cam.com/video/jwdG6D-AB1k/v-deo.html
ua-cam.com/video/6dLHcnlPi_U/v-deo.html
ua-cam.com/video/Hv5UcBYseus/v-deo.html
Would be nice to see how to access argocd ui via istio gw & vs.
Well you just need to setup a regular ingress, I have a bunch of examples like that - ua-cam.com/video/9sLHoEyRq8w/v-deo.html
@@AntonPutra Thankyou. Yea I have now Argocd with istiogw & vs up & running.
Off-topic: seems you are still using Lastpass even after their security incidents.
Planing to switch to self hosted Bitwarden soon
plz upload videos in fast pace so that we could learn more in a minimum time
I'll see what i can do =)
@@AntonPutra thnx man for ur rply
Create a tutorial with argocd ingress please
you mean how to create ingress for argocd?
@@AntonPutra yes i have a eks cluster i have deployed argocd on it service is working fine with port-forward but it is not working with ingress i am using ingress-nginx controller everything is deployed using terraform modules and argocd as helm release even ingress i created from values.yaml only still not able to get the webui of argocd with my host name
I wanted to access my argocd web ui on /argocd
But unable to get it
@@AntonPutra yes
@@pseudozackxn i have plenty of other tutorials that focus on ingress, for example nginx ingress - ua-cam.com/video/xwiRjimKW9c/v-deo.html
you just need to create ingress object and target argocd service or just use helm chart and you can configure ingress by supplying few variables
@@AntonPutra yes i have done that there was some issur from comfigmap side i was trying to access the application on some path and for that some extra configuration was required in config maps so that is why it was frustrating the documentation is also not very clear for argocd
How to remove duplicate logs in argocd
Not sure about duplicate logs but you can definitely adjust verbosity
@@AntonPutra need to remove unnecessary logs in my spring boot application
@@thrinadhvenkata2315 well it's outside of the argocd scope. You need to do it on the application level, maybe you have 2 loggers, one writes to the console and another one to file..
9:48 ... and proceeds to never explain how to do that
Yeah i know, sorry =) I have bunch of example with ingresses pls take a look - github.com/antonputra/tutorials/tree/main/lessons/082
it's really easy if you go through this tutorial
ArgoCD tutorial not for beginners I guess
why not? :)