By Liusheng
This article focuses only on the migration of applications that use Git as the source in the Application Center. For migrating applications that use orchestration templates as the source, please refer to the Q&A section.
(1) An ACK One multi-cluster management instance is created. For more information, see Enable multi-cluster Management.
(2) A sub-cluster is connected to the ACK One multi-cluster management instance. For more information, see Manage Associated Clusters.
(3) GitOps is enabled for the ACK One multi-cluster instance. For more information, see Quick Start of GitOps.
(1) Visit the ArgoCD to download and install the latest ArgoCD CLI.
(2) Use the ArgoCD CLI to access the master instance in the Application Center.
Import environment variables:
$ export ARGOCD_OPTS='--port-forward-namespace appcenter --plaintext'View the application list. The example is as follows:
$ argocd app list
NAME CLUSTER NAMESPACE PROJECT STATUS HEALTH SYNCPOLICY CONDITIONS REPO PATH TARGET
appcenter/gitops-demo https://192.168.0.244:6443 gitops default Synced Healthy <none> <none> git@github.com:haoshuwei/gitops-demo-private.git helm mainThe name of the application to be migrated is gitops-demo. The repo used is git@github.com:haoshuwei/gitops-demo-private.git. The application is deployed in the target cluster https://192.168.0.244:6443
(1) Export Application CR Manifests. The following is an example:
$ kubectl -n appcenter get application gitops-demo -oyaml > gitops-demo.yaml(2) Export the repo secret used by the application. The following is an example:
View the list of repo secret:
$ kubectl -n appcenter get secret -l argocd.argoproj.io/secret-type=repository
NAME TYPE DATA AGE
repo-3914117193 Opaque 5 50mAccording to the fact that repo url used by the application gitops-demo in step 1 is git@github.com:haoshuwei/gitops-demo-private.git, confirm the name of the repo secret to be exported and view the repo secret information as follows:
$ kubectl -n appcenter get secret repo-3914117193 -o jsonpath="{.data.url}" | base64 -d
git@github.com:haoshuwei/gitops-demo-private.gitConfirm and export the repo secret named repo-3914117193:
$ kubectl -n appcenter get secret repo-3914117193 -oyaml > repo-3914117193.yaml(1) For more information, see Use the ArgoCD CLI to Access the ACK One GitOps.
(2) View the sub-cluster information. The following is an example:
$ argocd cluster list
SERVER NAME VERSION STATUS MESSAGE PROJECT
https://<apiserver>:6443 <clusterid>-ack-production-oversea 1.24+ Successful
https://kubernetes.default.svc in-cluster Unknown Cluster has no applications and is not being monitored.(1) Modify the gitops-demo.yaml and repo-3914117193.yaml files exported in step 2:
Check whether the {.spec.destination.server} server address in the gitops-demo.yaml is the same as the server address of the destination cluster listed in step 3 (whether they are the public network addresses or internal network addresses). If they are different, run the following shell command to modify them:
Replace $sed -i "s/192.168.0.244/< with the IP address of the cluster server in the ACK One instance >/g" gitops-demo.yamlChange the namespace in the gitops-demo.yaml to argocd. The following is an example:
$ sed -i "s/namespace: appcenter/namespace: argocd/g" gitops-demo.yamlChange the namespace in the repo-3914117193.yaml to argocd. The following is an example:
$ sed -i "s/namespace: appcenter/namespace: argocd/g" repo-3914117193.yaml(2) Import repo Manifests to the master instance of ACK One
Import repo-3914117193.yaml
$ kubectl apply -f repo-3914117193.yamlCheck whether the repo has been imported and confirm that the STATUS is Successful (indicating that the repo is connected):
$ argocd repo list
TYPE NAME REPO INSECURE OCI LFS CREDS STATUS MESSAGE PROJECT
git gitops-demo-private git@github.com:haoshuwei/gitops-demo-private.git true false false false Successful(3) Import application Manifests to the master instance of ACK One
Import gitops-demo.yaml
$ kubectl apply -f gitops-demo.yamlView the application list and check whether the application status is consistent with the Application Center:
$ argocd app list
NAME CLUSTER NAMESPACE PROJECT STATUS HEALTH SYNCPOLICY CONDITIONS REPO PATH TARGET
gitops-demo https://<apiserver>:6443 gitops default Synced Healthy <none> <none> git@github.com:haoshuwei/gitops-demo-private.git helm mainIn the master instance of the Application Center, run the following command to remove the application:
$ argocd app delete gitops-demo --cascade=falseNote: You must use the --cascade=false parameter. Otherwise, the Kubernetes resources that run in the target cluster will be deleted along with the application.
Now, you have successfully migrated the application from the Application Center to ACK One GitOps.
ACK One GitOps iterates on features with the Argocd open source community and only supports the creation and management of applications sourced from Git. For applications in the Application Center sourced from an orchestration template, you must manually migrate the template to a Git source, use that source to publish the application in the ACK One GitOps system, and then follow step 5 to remove the application from the Application Center.
Application Center triggers only support applications sourced from orchestration templates. In ACK One GitOps systems, applications using Git as the source automatically update application images using image-updater. For instructions on using image-updater to automatically update application images, refer to: https://www.alibabacloud.com/blog/practices-for-building-gitops-delivery-based-on-ack-one-and-acr_600067
After completing the previous five steps, you need to configure credentials for accessing ACR and Git repositories in the master instance of ACK One:
Configure credentials for accessing ACR:
$ kubectl -n argocd apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
name: acr
type: Opaque
stringData:
acr: <your_username>:<your_password> Replace <your_username>:<your_password> with the credentials of your image repository.
EOFConfigure credentials for accessing the Git repository:
$ kubectl -n argocd create secret generic git-creds \
--from-literal=username=<your_username> \
--from-literal=password=<your_password>Update the annotation argocd-image-updater.argoproj.io/write-back-method in the application as follows:
metadata:
annotations:
argocd-image-updater.argoproj.io/write-back-method: git:secret:argocd/git-credsThat is, update the namespace appcenter in the git:secret:<modify from appcenter to argocd>/git-creds to argocd.
Event-driven Practice of Knative: Trigger Events Through EventBridge
164 posts | 29 followers
FollowAlibaba Container Service - April 12, 2024
Alibaba Container Service - April 17, 2024
Alibaba Cloud Native - October 8, 2022
Alibaba Container Service - July 16, 2024
Alibaba Container Service - November 7, 2024
Alibaba Container Service - May 16, 2024
164 posts | 29 followers
Follow
ACK One
Provides a control plane to allow users to manage Kubernetes clusters that run based on different infrastructure resources
Learn More
Container Service for Kubernetes
Alibaba Cloud Container Service for Kubernetes is a fully managed cloud container management service that supports native Kubernetes and integrates with other Alibaba Cloud products.
Learn More
Cloud-Native Applications Management Solution
Accelerate and secure the development, deployment, and management of containerized applications cost-effectively.
Learn MoreMore Posts by Alibaba Container Service