A GitOps repository for managing AKS cluster addons and platform services using ArgoCD. This repository works in conjunction with 01-aks-tf which deploys the infrastructure (AKS, ArgoCD, Crossplane, Azure Service Operators).
This repository is automatically deployed by ArgoCD once the infrastructure is provisioned:
- Deploy Infrastructure (from `01-aks-tf`)

  ```bash
  cd ../01-aks-tf
  make init ENV=dev
  make apply
  ```

- ArgoCD Auto-Deploys This Repo
  - ArgoCD automatically syncs `base_chart/` from this repository
  - Enabled addons are deployed based on `base_chart/values.yaml`

- Access ArgoCD

  ```bash
  # ArgoCD URL
  http://luciano-argocd.eastus.cloudapp.azure.com

  # Get admin password
  kubectl -n devops-system get secret argocd-initial-admin-secret \
    -o jsonpath="{.data.password}" | base64 -d
  ```

This GitOps repository manages Kubernetes platform addons through ArgoCD Applications. Each addon is:
- Declaratively defined in `base_chart/templates/`
- Configured via `base_chart/values.yaml`
- Automatically deployed by ArgoCD when enabled
- Self-healing with automated sync policies
- GitOps Workflow: All changes through Git
- ArgoCD Applications: Declarative addon management
- Helm-based: Addons use Helm charts with dependencies
- Namespace Isolation: Organized by system component
- Automated Sync: Self-healing and pruning enabled
- Sync Waves: Controlled deployment order
```
┌────────────────────────────────────────────────────────────────┐
│                     AKS Cluster (01-aks-tf)                    │
│                                                                │
│ ┌────────────────────────────────────────────────────────────┐ │
│ │                   ArgoCD (devops-system)                   │ │
│ │                                                            │ │
│ │  Monitors: https://github.com/lurodrisilva/gitops          │ │
│ │  Path: base_chart/                                         │ │
│ └────────────────────────────────────────────────────────────┘ │
│                               ▼                                │
│ ┌────────────────────────────────────────────────────────────┐ │
│ │           ArgoCD Applications (from base_chart)            │ │
│ │                                                            │ │
│ │  Each addon in values.yaml (enabled: true) creates:        │ │
│ │  • ArgoCD Application resource                             │ │
│ │  • Points to: addon_charts/<addon_name>/                   │ │
│ │  • Deploys: Helm chart with values                         │ │
│ └────────────────────────────────────────────────────────────┘ │
│                               ▼                                │
│ ┌────────────────────────────────────────────────────────────┐ │
│ │                      Deployed Addons                       │ │
│ │                                                            │ │
│ │  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐      │ │
│ │  │ Cert-Manager │  │   Reloader   │  │CloudNative-PG│      │ │
│ │  │  (enabled)   │  │  (enabled)   │  │  (enabled)   │      │ │
│ │  └──────────────┘  └──────────────┘  └──────────────┘      │ │
│ │                                                            │ │
│ │  ┌──────────────────────────────────────────────────────┐  │ │
│ │  │       More Addons (as enabled in values.yaml)        │  │ │
│ │  │      Metrics • Observability • Karpenter • etc.      │  │ │
│ │  └──────────────────────────────────────────────────────┘  │ │
│ └────────────────────────────────────────────────────────────┘ │
└────────────────────────────────────────────────────────────────┘
```
- Infrastructure Deployment (`01-aks-tf`):
  - Terraform deploys AKS cluster
  - Installs ArgoCD, Crossplane, Vault
  - Configures ArgoCD to watch this repository
- GitOps Application (this repo):
  - ArgoCD deploys the `base_chart` Helm chart
  - Chart reads `values.yaml` for enabled addons
  - Creates ArgoCD Application for each enabled addon
- Addon Deployment:
  - Each Application points to `addon_charts/<addon_name>/`
  - Helm chart with dependencies deployed
  - Continuous sync and self-healing

```
00-aks-baseline/
├── README.md                          # This file
├── docs/                              # Documentation
│   ├── README.md                      # Documentation index
│   ├── setup/
│   │   └── quickstart.md              # Getting started
│   ├── guides/
│   │   ├── adding-addons.md           # How to add new addons
│   │   └── enabling-addons.md         # How to enable/disable addons
│   ├── architecture/
│   │   └── gitops-workflow.md         # GitOps architecture details
│   └── reference/
│       ├── addon-list.md              # Complete addon reference
│       └── values-schema.md           # values.yaml documentation
│
├── base_chart/                        # Main Helm chart (ArgoCD app-of-apps)
│   ├── Chart.yaml                     # Chart metadata
│   ├── values.yaml                    # Addon enable/disable configuration
│   └── templates/                     # ArgoCD Application templates
│       ├── 00-resources.yaml          # Crossplane resources
│       ├── 01-karpenter.yaml          # Karpenter autoscaler
│       ├── 02-metrics-server.yaml     # Metrics server
│       ├── 03-providers.yaml          # Crossplane providers
│       ├── 04-kube-state-metrics.yaml # Kube state metrics
│       ├── 09-cert-manager.yaml       # Certificate manager
│       ├── 10-reloader.yaml           # Config/Secret reloader
│       ├── 14-cloudnative-pg.yaml     # PostgreSQL operator
│       └── ...                        # Other addons
│
└── addon_charts/                      # Individual addon Helm charts
    ├── cert-manager/                  # Certificate management
    │   ├── Chart.yaml                 # Chart with upstream dependency
    │   └── values.yaml                # Custom values
    ├── reloader/                      # Automatic pod reloader
    ├── cloudnative-pg/                # PostgreSQL operator
    ├── karpenter/                     # Cluster autoscaler
    ├── metrics-server/                # Resource metrics
    ├── kube-state-metrics/            # Cluster state metrics
    ├── observability/                 # Monitoring stack
    ├── opentelemetry-operator/        # OpenTelemetry
    ├── opentelemetry-collector/       # Telemetry collector
    ├── providers/                     # Crossplane providers
    ├── providers-config/              # Provider configurations
    ├── resources/                     # Crossplane managed resources
    └── ...                            # Additional addons
```
| Addon | Purpose | Namespace |
|---|---|---|
| cert-manager | TLS certificate management | control-plane-system |
| reloader | Auto-reload pods on ConfigMap/Secret changes | control-plane-system |
| cloudnative-pg | PostgreSQL operator for databases | resources-system |

| Addon | Purpose | Namespace |
|---|---|---|
| resources | Crossplane managed Azure resources | resources-system |
| providers | Crossplane provider installations | resources-system |
| providers-config | Crossplane provider configurations | resources-system |
| karpenter | Kubernetes cluster autoscaler | karpenter |
| metrics-server | Core resource metrics | control-plane-system |
| kube-state-metrics | Kubernetes object metrics | control-plane-system |
| node-problem-detector | Node health monitoring | control-plane-system |
| opentelemetry-operator | OpenTelemetry operator | control-plane-system |
| opentelemetry-collector | Telemetry collection | control-plane-system |
| datadog-operator | Datadog monitoring | control-plane-system |
| cluster-secret | Secret replication | control-plane-system |
| kubecost | Cost monitoring | control-plane-system |
| observability | Full monitoring stack | control-plane-system |
| backup | Backup solutions | backup-system |
- Quickstart Guide - Deploy and configure addons
- Enabling Addons - How to enable/disable addons
- Adding New Addons - Add custom addons
- GitOps Workflow - Understanding the workflow
- Addon Reference - Complete addon details
- Values Schema - Configuration reference
- Edit `base_chart/values.yaml`:

  ```yaml
  metrics_server:
    addon_name: metrics-server
    enabled: true  # Change to true
    namespace: control-plane-system
  ```

- Commit and push:

  ```bash
  git add base_chart/values.yaml
  git commit -m "Enable metrics-server addon"
  git push
  ```

- ArgoCD auto-syncs within ~3 minutes (or sync manually)
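
Because a pushed change is synced automatically with self-healing and pruning, a check that runs before the push is the last gate on `base_chart/values.yaml`. The following is an added example, not code from this repository: `parse_addons` and `lint_addons` are hypothetical helpers, and it assumes each Application's source path is built from `addon_name` as `addon_charts/<addon_name>/`, as the diagram above states. It accepts only the literal values `true` and `false` for `enabled`.

```python
import re
# Namespaces come from this page's addon tables; SAMPLE and CHART_DIRS are constructed.
ALLOWED_NAMESPACES = {"control-plane-system", "resources-system", "karpenter", "backup-system"}
SAMPLE = """\
global:
  control_plane:
    namespace: control-plane-system
metrics_server:
  addon_name: metrics-server
  enabled: true   # Change to true
  namespace: control-plane-system
cert_manager:
  addon_name: ../base_chart
  enabled: "yes"
  namespace: kube-system
"""
CHART_DIRS = {"metrics-server", "cert-manager"}  # stand-in for os.listdir("addon_charts")

def parse_addons(text):
    """Read the flat per-addon entries; `global` and deeper nesting are skipped."""
    addons, current = {}, None
    for raw in text.splitlines():
        line = raw.split(" #", 1)[0].rstrip()  # drop trailing comments
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        if indent == 0:
            current = None if key == "global" else addons.setdefault(key, {})
        elif indent == 2 and current is not None:
            current[key] = value.strip().strip("\"'")
    return addons

def lint_addons(text, chart_dirs):
    """Return a list of problems; an empty list means the change can be pushed."""
    problems = []
    for key, spec in parse_addons(text).items():
        name, ns = spec.get("addon_name", ""), spec.get("namespace")
        if spec.get("enabled") not in ("true", "false"):
            problems.append(f"{key}: enabled must be true or false")
        if not re.fullmatch(r"[a-z0-9]([a-z0-9-]*[a-z0-9])?", name):
            problems.append(f"{key}: addon_name {name!r} is not a plain directory name")
        elif name not in chart_dirs:
            problems.append(f"{key}: no addon_charts/{name}/ directory")
        if ns not in ALLOWED_NAMESPACES:
            problems.append(f"{key}: namespace {ns!r} not in allowlist")
    return problems

if __name__ == "__main__":
    print("\n".join(lint_addons(SAMPLE, CHART_DIRS)) or "ok")
```

In a pre-commit hook or CI job, pass the real file contents and the directory listing of `addon_charts/`, and fail the job when the returned list is not empty.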
```bash
# List all ArgoCD applications
kubectl get applications -n control-plane-system

# Check specific addon
kubectl get application cert-manager -n control-plane-system

# View addon resources
kubectl get all -n control-plane-system -l app.kubernetes.io/instance=cert-manager
```

```bash
# URL
http://luciano-argocd.eastus.cloudapp.azure.com

# Username
admin

# Password
kubectl -n devops-system get secret argocd-initial-admin-secret \
  -o jsonpath="{.data.password}" | base64 -d
```

```bash
# Via kubectl
kubectl patch application cert-manager -n control-plane-system \
  --type merge -p '{"operation":{"sync":{}}}'

# Via ArgoCD CLI
argocd app sync cert-manager
```

Edit `base_chart/values.yaml`:
```yaml
global:
  control_plane:
    namespace: control-plane-system                # ArgoCD namespace
    project: addons-project                        # ArgoCD project
    repo: https://github.com/lurodrisilva/gitops   # This repo
  deployment:
    limit: 5                                       # Retry limit
    backoff:
      duration: 240s                               # Initial backoff
      factor: 2                                    # Backoff multiplier
      maxDuration: 10m                             # Max backoff duration
```

Each addon in `values.yaml`:
```yaml
addon_name:
  addon_name: <name>        # Matches directory in addon_charts/
  enabled: true/false       # Enable/disable addon
  namespace: <namespace>    # Target namespace
```

- 01-aks-tf - Infrastructure provisioning with Terraform
  - Deploys AKS cluster
  - Installs ArgoCD, Crossplane, Vault
  - Configures Azure infrastructure

- Fork the repository
- Create a feature branch
- Make changes and test locally
- Submit a pull request

Note: This repository is designed to work with the infrastructure deployed by 01-aks-tf. Make sure the infrastructure is deployed before using this GitOps repository.