×

By default, the Red Hat OpenShift GitOps installs an instance of Argo CD in the openshift-gitops namespace with additional permissions for managing certain cluster-scoped resources. To manage cluster configurations or deploy applications, you can install and deploy a new Argo CD instance. By default, any new instance has permissions to manage resources only in the namespace where it is deployed.

Installing an Argo CD instance

To manage cluster configurations or deploy applications, you can install and deploy a new Argo CD instance.

Prerequisites
  • You have access to the cluster with cluster-admin privileges.

  • You have installed the Red Hat OpenShift GitOps Operator in your cluster.

Procedure
  1. Log in to the OpenShift Container Platform web console.

  2. In the Administrator perspective of the web console, click OperatorsInstalled Operators.

  3. Create or select the project where you want to install the Argo CD instance from the Project drop-down menu.

  4. Select OpenShift GitOps Operator from the installed operators list and click the Argo CD tab.

  5. Click Create ArgoCD to configure the parameters:

    1. Enter the Name of the instance. By default, the Name is set to example.

    2. Create an external OS Route to access Argo CD server. Click ServerRoute and check Enabled.

    3. Optional: You can also configure YAML for creating an external OS Route by adding the following configuration:

      Example Argo CD with external OS route created
      apiVersion: argoproj.io/v1beta1
      kind: ArgoCD
      metadata:
        name: example
        namespace: openshift-gitops
      spec:
        server:
          route:
            enabled: true
  6. Go to NetworkingRoutes<instance_name>-server in the project where the Argo CD instance is installed.

  7. On the Details tab, click the Argo CD web UI link under Route detailsLocation. The Argo CD web UI opens in a separate browser window.

  8. Optional: To log in with your OpenShift Container Platform credentials, ensure you are a user of the cluster-admins group and then select the LOG IN VIA OPENSHIFT option in the Argo CD user interface.

    To be a user of the cluster-admins group, use the oc adm groups new cluster-admins <user> command, where <user> is the default cluster role that you can bind to users and groups cluster-wide or locally.

  9. Obtain the password for the Argo CD instance:

    1. Use the navigation panel to go to the WorkloadsSecrets page.

    2. Use the Project drop-down list and select the namespace where the Argo CD instance is created.

    3. Select the <argo_CD_instance_name>-cluster instance to display the password.

    4. On the Details tab, copy the password under Dataadmin.password.

  10. Use admin as the Username and the copied password as the Password to log in to the Argo CD UI in the new window.

Enabling replicas for Argo CD server and repo server

Argo CD-server and Argo CD-repo-server workloads are stateless. To better distribute your workloads among pods, you can increase the number of Argo CD-server and Argo CD-repo-server replicas. However, if a horizontal autoscaler is enabled on the Argo CD-server, it overrides the number of replicas you set.

Procedure
  • Set the replicas parameters for the repo and server spec to the number of replicas you want to run:

    Example Argo CD custom resource
    apiVersion: argoproj.io/v1beta1
    kind: ArgoCD
    metadata:
      name: example-argocd
      labels:
        example: repo
    spec:
      repo:
        replicas: <number_of_replicas>
      server:
        replicas: <number_of_replicas>
        route:
          enabled: true
          path: /
          tls:
            insecureEdgeTerminationPolicy: Redirect
            termination: passthrough
          wildcardPolicy: None

Deploying resources to a different namespace

To allow Argo CD to manage resources in other namespaces apart from where it is installed, configure the target namespace with a argocd.argoproj.io/managed-by label.

Procedure
  • Configure the namespace:

    $ oc label namespace <namespace> \
    argocd.argoproj.io/managed-by=<namespace> (1)
    1 The namespace where Argo CD is installed.

In a multi-tenant cluster, users might have to deal with multiple instances of Argo CD. For example, after installing an Argo CD instance in your namespace, you might find a different Argo CD instance attached to the Argo CD console link, instead of your own Argo CD instance, in the Console Application Launcher.

You can customize the Argo CD console link by setting the DISABLE_DEFAULT_ARGOCD_CONSOLELINK environment variable:

  • When you set DISABLE_DEFAULT_ARGOCD_CONSOLELINK to true, the Argo CD console link is permanently deleted.

  • When you set DISABLE_DEFAULT_ARGOCD_CONSOLELINK to false or use the default value, the Argo CD console link is temporarily deleted and visible again when the Argo CD route is reconciled.

Prerequisites
  • You have logged in to the OpenShift Container Platform cluster as an administrator.

  • You have installed the Red Hat OpenShift GitOps Operator.

Procedure
  1. In the Administrator perspective, navigate to AdministrationCustomResourceDefinitions.

  2. Find the Subscription CRD and click to open it.

  3. Select the Instances tab and click the openshift-gitops-operator subscription.

  4. Select the YAML tab and make your customization:

    • To enable or disable the Argo CD console link, edit the value of DISABLE_DEFAULT_ARGOCD_CONSOLELINK as needed:

      apiVersion: operators.coreos.com/v1alpha1
      kind: Subscription
      metadata:
        name: openshift-gitops-operator
      spec:
        config:
          env:
          - name: DISABLE_DEFAULT_ARGOCD_CONSOLELINK
            value: 'true'