728x90
현재 블로그 이전으로 아래 내용에서 더 자세히 확인 할 수 있을거 같다.
https://huntedhappy.github.io/argo/
The Documentation Argo-CD
Argo Install Guide
huntedhappy.github.io
// 설치
VERSION=$(curl --silent "https://api.github.com/repos/argoproj/argo-cd/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/')
curl -sSL -o /usr/local/bin/argocd https://github.com/argoproj/argo-cd/releases/download/$VERSION/argocd-linux-amd64
sudo chmod +x /usr/local/bin/argocd
//argocd-cli login
## 패스워드 확인
argopw=`kubectl -n argo get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d`
argocd login localhost:8080 --username admin --password $argopw --paintext
// User 확인
argocd account list
// User 추가
kubectl edit cm argocd-cm -n argo
apiVersion: v1
data:
# add an additional local user with apiKey and login capabilities
# apiKey - allows generating API keys
# login - allows to login using UI
accounts.my1208: login # new user
## user 추가후 패스워드 변경
argocd account update-password --account my1208 --new-password 'Passw0rd'
RABC 적용
// RBAC 적용
kubectl edit cm argocd-rbac-cm -n argo
apiVersion: v1
data:
policy.csv: |
p, role:my1208, applications, *, my1208/*, allow
p, role:my1208, projects, get, my1208, allow
p, role:my1208, repositories, get, *, allow
p, role:my1208, clusters, get, *, allow
g, my1208, role:admin
p, role:none, *, *, */*, deny
g, tkg, role:readonly
g, my1208, role:admin
policy.default: role:none
scopes: '[groups,email]'
kind: ConfigMap
metadata:
annotations:
meta.helm.sh/release-name: argocd
meta.helm.sh/release-namespace: argo
labels:
app.kubernetes.io/component: server
app.kubernetes.io/instance: argocd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: argocd-rbac-cm
app.kubernetes.io/part-of: argocd
helm.sh/chart: argo-cd-3.29.4
name: argocd-rbac-cm
namespace: argo반응형
'DEVOPS > ARGO' 카테고리의 다른 글
| (DK) ARGO SLACK Integration (0) | 2021.12.27 |
|---|---|
| (DK) TKG에 HELM을 통한 ARGO 배포 (0) | 2021.12.25 |
