By Liusheng
This article focuses only on the migration of applications that use Git as the source in the Application Center. For migrating applications that use orchestration templates as the source, please refer to the Q&A section.
(1) An ACK One multi-cluster management instance is created. For more information, see Enable multi-cluster Management.
(2) A sub-cluster is connected to the ACK One multi-cluster management instance. For more information, see Manage Associated Clusters.
(3) GitOps is enabled for the ACK One multi-cluster instance. For more information, see Quick Start of GitOps.
(1) Visit the ArgoCD to download and install the latest ArgoCD CLI.
(2) Use the ArgoCD CLI to access the master instance in the Application Center.
Import environment variables:
$ export ARGOCD_OPTS='--port-forward-namespace appcenter --plaintext'
View the application list. The example is as follows:
$ argocd app list
NAME CLUSTER NAMESPACE PROJECT STATUS HEALTH SYNCPOLICY CONDITIONS REPO PATH TARGET
appcenter/gitops-demo https://192.168.0.244:6443 gitops default Synced Healthy <none> <none> git@github.com:haoshuwei/gitops-demo-private.git helm main
The name of the application to be migrated is gitops-demo. The repo used is git@github.com:haoshuwei/gitops-demo-private.git
. The application is deployed in the target cluster https://192.168.0.244:6443
(1) Export Application CR Manifests. The following is an example:
$ kubectl -n appcenter get application gitops-demo -oyaml > gitops-demo.yaml
(2) Export the repo secret used by the application. The following is an example:
View the list of repo secret:
$ kubectl -n appcenter get secret -l argocd.argoproj.io/secret-type=repository
NAME TYPE DATA AGE
repo-3914117193 Opaque 5 50m
According to the fact that repo url used by the application gitops-demo in step 1 is git@github.com:haoshuwei/gitops-demo-private.git
, confirm the name of the repo secret to be exported and view the repo secret information as follows:
$ kubectl -n appcenter get secret repo-3914117193 -o jsonpath="{.data.url}" | base64 -d
git@github.com:haoshuwei/gitops-demo-private.git
Confirm and export the repo secret named repo-3914117193:
$ kubectl -n appcenter get secret repo-3914117193 -oyaml > repo-3914117193.yaml
(1) For more information, see Use the ArgoCD CLI to Access the ACK One GitOps.
(2) View the sub-cluster information. The following is an example:
$ argocd cluster list
SERVER NAME VERSION STATUS MESSAGE PROJECT
https://<apiserver>:6443 <clusterid>-ack-production-oversea 1.24+ Successful
https://kubernetes.default.svc in-cluster Unknown Cluster has no applications and is not being monitored.
(1) Modify the gitops-demo.yaml and repo-3914117193.yaml files exported in step 2:
Check whether the {.spec.destination.server} server address in the gitops-demo.yaml is the same as the server address of the destination cluster listed in step 3 (whether they are the public network addresses or internal network addresses). If they are different, run the following shell command to modify them:
Replace $sed -i "s/192.168.0.244/< with the IP address of the cluster server in the ACK One instance >/g" gitops-demo.yaml
Change the namespace in the gitops-demo.yaml to argocd. The following is an example:
$ sed -i "s/namespace: appcenter/namespace: argocd/g" gitops-demo.yaml
Change the namespace in the repo-3914117193.yaml to argocd. The following is an example:
$ sed -i "s/namespace: appcenter/namespace: argocd/g" repo-3914117193.yaml
(2) Import repo Manifests to the master instance of ACK One
Import repo-3914117193.yaml
$ kubectl apply -f repo-3914117193.yaml
Check whether the repo has been imported and confirm that the STATUS is Successful (indicating that the repo is connected):
$ argocd repo list
TYPE NAME REPO INSECURE OCI LFS CREDS STATUS MESSAGE PROJECT
git gitops-demo-private git@github.com:haoshuwei/gitops-demo-private.git true false false false Successful
(3) Import application Manifests to the master instance of ACK One
Import gitops-demo.yaml
$ kubectl apply -f gitops-demo.yaml
View the application list and check whether the application status is consistent with the Application Center:
$ argocd app list
NAME CLUSTER NAMESPACE PROJECT STATUS HEALTH SYNCPOLICY CONDITIONS REPO PATH TARGET
gitops-demo https://<apiserver>:6443 gitops default Synced Healthy <none> <none> git@github.com:haoshuwei/gitops-demo-private.git helm main
In the master instance of the Application Center, run the following command to remove the application:
$ argocd app delete gitops-demo --cascade=false
Note: You must use the --cascade=false
parameter. Otherwise, the Kubernetes resources that run in the target cluster will be deleted along with the application.
Now, you have successfully migrated the application from the Application Center to ACK One GitOps.
ACK One GitOps iterates on features with the Argocd open source community and only supports the creation and management of applications sourced from Git. For applications in the Application Center sourced from an orchestration template, you must manually migrate the template to a Git source, use that source to publish the application in the ACK One GitOps system, and then follow step 5 to remove the application from the Application Center.
Application Center triggers only support applications sourced from orchestration templates. In ACK One GitOps systems, applications using Git as the source automatically update application images using image-updater. For instructions on using image-updater to automatically update application images, refer to: https://www.alibabacloud.com/blog/practices-for-building-gitops-delivery-based-on-ack-one-and-acr_600067
After completing the previous five steps, you need to configure credentials for accessing ACR and Git repositories in the master instance of ACK One:
Configure credentials for accessing ACR:
$ kubectl -n argocd apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
name: acr
type: Opaque
stringData:
acr: <your_username>:<your_password> Replace <your_username>:<your_password> with the credentials of your image repository.
EOF
Configure credentials for accessing the Git repository:
$ kubectl -n argocd create secret generic git-creds \
--from-literal=username=<your_username> \
--from-literal=password=<your_password>
Update the annotation argocd-image-updater.argoproj.io/write-back-method
in the application as follows:
metadata:
annotations:
argocd-image-updater.argoproj.io/write-back-method: git:secret:argocd/git-creds
That is, update the namespace appcenter in the git:secret:<modify from appcenter to argocd>/git-creds
to argocd.
Event-driven Practice of Knative: Trigger Events Through EventBridge
173 posts | 31 followers
FollowAlibaba Container Service - April 12, 2024
Alibaba Container Service - April 17, 2024
Alibaba Container Service - November 21, 2024
Alibaba Cloud Native - October 8, 2022
Alibaba Container Service - July 16, 2024
Alibaba Container Service - November 7, 2024
173 posts | 31 followers
FollowProvides a control plane to allow users to manage Kubernetes clusters that run based on different infrastructure resources
Learn MoreAlibaba Cloud Container Service for Kubernetes is a fully managed cloud container management service that supports native Kubernetes and integrates with other Alibaba Cloud products.
Learn MoreAccelerate and secure the development, deployment, and management of containerized applications cost-effectively.
Learn MoreMore Posts by Alibaba Container Service