@bikramgupta
Last active October 14, 2019 13:17
argocd-secops-tutorial
# Install Argo CD
[centos@ip-172-31-8-215 argocd]$ kubectl create namespace argocd
namespace/argocd created
[centos@ip-172-31-8-215 argocd]$ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
customresourcedefinition.apiextensions.k8s.io/applications.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/appprojects.argoproj.io created
serviceaccount/argocd-application-controller created
serviceaccount/argocd-dex-server created
serviceaccount/argocd-server created
role.rbac.authorization.k8s.io/argocd-application-controller created
role.rbac.authorization.k8s.io/argocd-dex-server created
role.rbac.authorization.k8s.io/argocd-server created
clusterrole.rbac.authorization.k8s.io/argocd-application-controller created
clusterrole.rbac.authorization.k8s.io/argocd-server created
rolebinding.rbac.authorization.k8s.io/argocd-application-controller created
rolebinding.rbac.authorization.k8s.io/argocd-dex-server created
rolebinding.rbac.authorization.k8s.io/argocd-server created
clusterrolebinding.rbac.authorization.k8s.io/argocd-application-controller created
clusterrolebinding.rbac.authorization.k8s.io/argocd-server created
configmap/argocd-cm created
configmap/argocd-rbac-cm created
configmap/argocd-ssh-known-hosts-cm created
configmap/argocd-tls-certs-cm created
secret/argocd-secret created
service/argocd-dex-server created
service/argocd-metrics created
service/argocd-redis created
service/argocd-repo-server created
service/argocd-server-metrics created
service/argocd-server created
deployment.apps/argocd-application-controller created
deployment.apps/argocd-dex-server created
deployment.apps/argocd-redis created
deployment.apps/argocd-repo-server created
deployment.apps/argocd-server created
[centos@ip-172-31-8-215 argocd]$
# The install creates 2 CRDs (applications and appprojects), along with ConfigMaps and RBAC permissions.
# We need to expose argocd-server outside the cluster.
[centos@ip-172-31-8-215 argocd]$ kubectl get all -n argocd
NAME READY STATUS RESTARTS AGE
pod/argocd-application-controller-68f8bf79d8-rrtwb 1/1 Running 0 19m
pod/argocd-dex-server-5994988c7f-jk42n 1/1 Running 0 19m
pod/argocd-redis-78c9595d44-pkgpp 1/1 Running 0 19m
pod/argocd-repo-server-775496b8dd-wr7dx 1/1 Running 0 19m
pod/argocd-server-56db6f6cb6-rl9ks 1/1 Running 0 19m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/argocd-dex-server ClusterIP 10.110.249.95 <none> 5556/TCP,5557/TCP 19m
service/argocd-metrics ClusterIP 10.110.6.191 <none> 8082/TCP 19m
service/argocd-redis ClusterIP 10.108.93.90 <none> 6379/TCP 19m
service/argocd-repo-server ClusterIP 10.111.133.223 <none> 8081/TCP,8084/TCP 19m
service/argocd-server ClusterIP 10.96.199.175 <none> 80/TCP,443/TCP 19m
service/argocd-server-metrics ClusterIP 10.102.185.137 <none> 8083/TCP 19m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/argocd-application-controller 1/1 1 1 19m
deployment.apps/argocd-dex-server 1/1 1 1 19m
deployment.apps/argocd-redis 1/1 1 1 19m
deployment.apps/argocd-repo-server 1/1 1 1 19m
deployment.apps/argocd-server 1/1 1 1 19m
NAME DESIRED CURRENT READY AGE
replicaset.apps/argocd-application-controller-68f8bf79d8 1 1 1 19m
replicaset.apps/argocd-dex-server-5994988c7f 1 1 1 19m
replicaset.apps/argocd-redis-78c9595d44 1 1 1 19m
replicaset.apps/argocd-repo-server-775496b8dd 1 1 1 19m
replicaset.apps/argocd-server-56db6f6cb6 1 1 1 19m
[centos@ip-172-31-8-215 argocd]$
# Let us expose argocd-server using a NodePort for this tutorial.
[centos@ip-172-31-8-215 argocd]$ kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}'
service/argocd-server patched
[centos@ip-172-31-8-215 argocd]$ kubectl get svc -n argocd argocd-server
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
argocd-server NodePort 10.96.199.175 <none> 80:32623/TCP,443:30058/TCP 23m
[centos@ip-172-31-8-215 argocd]$
# So now we can access argocd-server on NodePort 30058.
# Let us first change the default password for the admin user (the default is the name of the argocd-server pod).
[centos@ip-172-31-8-215 argocd]$ kubectl get pods -n argocd -l app.kubernetes.io/name=argocd-server -o name | cut -d'/' -f 2
argocd-server-56db6f6cb6-rl9ks
[centos@ip-172-31-8-215 argocd]$ argocd login 10.96.199.175
WARNING: server certificate had error: x509: cannot validate certificate for 10.96.199.175 because it doesn't contain any IP SANs. Proceed insecurely (y/n)? y
Username: admin
Password:
'admin' logged in successfully
Context '10.96.199.175' updated
[centos@ip-172-31-8-215 argocd]$ argocd account update-password
*** Enter current password:
*** Enter new password:
*** Confirm new password:
Password updated
Context '10.96.199.175' updated
[centos@ip-172-31-8-215 argocd]$
# The Argo CD UI is very intuitive. Follow it to add your GitHub repo and the policy folder you want to sync.
# Let us sync via the CLI.
[centos@ip-172-31-8-215 argocd]$ argocd
argocd controls a Argo CD server
Usage:
argocd [flags]
argocd [command]
Available Commands:
account Manage account settings
app Manage applications
cert Manage repository certificates and SSH known hosts entries
cluster Manage cluster credentials
completion output shell completion code for the specified shell (bash or zsh)
context Switch between contexts
help Help about any command
login Log in to Argo CD
logout Log out from Argo CD
proj Manage projects
relogin Refresh an expired authenticate token
repo Manage git repository connection parameters
version Print version information
Flags:
--auth-token string Authentication token
--config string Path to Argo CD config (default "/home/centos/.argocd/config")
--grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2.
-h, --help help for argocd
--insecure Skip server certificate and domain verification
--loglevel string Set the logging level. One of: debug|info|warn|error (default "info")
--plaintext Disable TLS
--server string Argo CD server address
--server-crt string Server certificate file
Use "argocd [command] --help" for more information about a command.
[centos@ip-172-31-8-215 hep]$ argocd app list
NAME CLUSTER NAMESPACE PROJECT STATUS HEALTH SYNCPOLICY CONDITIONS REPO PATH TARGET
secops https://kubernetes.default.svc default default OutOfSync Missing <none> <none> https://github.com/bikram20/k8sconfig secops HEAD
[centos@ip-172-31-8-215 hep]$
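# Added example (not part of the original gist): the "secops" row from `argocd app list` above, written as a declarative Application manifest so the app definition can itself be kept in Git and reviewed.
# The second document is an assumption: a hypothetical AppProject named "secops-policy" that limits the app to this one repo and destination, since the built-in "default" project allows any repo and any destination.

```yaml
# Declarative form of the "secops" application listed above.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: secops
  namespace: argocd              # namespace Argo CD was installed into
spec:
  project: default               # PROJECT column
  source:
    repoURL: https://github.com/bikram20/k8sconfig   # REPO column
    path: secops                 # PATH column
    targetRevision: HEAD         # TARGET column
  destination:
    server: https://kubernetes.default.svc           # CLUSTER column
    namespace: default           # NAMESPACE column
  # No syncPolicy block: SYNCPOLICY <none> means syncs are triggered manually.
---
# Hypothetical project (name is an assumption, not from the gist).
# To use it, set spec.project of the Application above to "secops-policy".
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
  name: secops-policy
  namespace: argocd
spec:
  description: Restrict the secops app to one repo and one destination
  sourceRepos:
    - https://github.com/bikram20/k8sconfig
  destinations:
    - server: https://kubernetes.default.svc
      namespace: default
```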