RamNode logo
    Sign UpLogin
    Back to Deployment Guides
    GitOps Platform

    ArgoCD

    Deploy declarative GitOps continuous delivery on RamNode VPS. Automate Kubernetes deployments using Git as the single source of truth.

    Ubuntu 22.04 / Debian 12
    K3s Kubernetes
    Auto-Sync

    What is ArgoCD?

    ArgoCD is a declarative, GitOps continuous delivery tool for Kubernetes that automates application deployment and lifecycle management. It uses Git repositories as the source of truth for defining the desired application state, continuously monitoring and syncing your cluster to match what's defined in Git.

    GitOps Native

    Git as single source of truth for deployments

    Auto-Sync

    Automatic deployment when Git changes detected

    Self-Healing

    Automatically reverts manual cluster changes

    1

    Prerequisites

    • A RamNode VPS with at least 2 CPU cores and 4GB RAM (8GB recommended)
    • Ubuntu 22.04 LTS or Debian 12
    • Root or sudo access
    • A domain name pointed to your VPS (optional for production)
    • Basic knowledge of Kubernetes, Docker, and Git
    • GitHub/GitLab account for storing application manifests
    2

    Initial Server Setup

    Update system packages
    sudo apt update && sudo apt upgrade -y
sudo apt install -y curl wget git vim apt-transport-https ca-certificates

    Configure firewall:

    Configure UFW firewall
    sudo ufw allow 22/tcp    # SSH
sudo ufw allow 6443/tcp  # Kubernetes API
sudo ufw allow 80/tcp    # HTTP
sudo ufw allow 443/tcp   # HTTPS
sudo ufw enable

    Disable swap (required for Kubernetes):

    Disable swap
    sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
    3

    Install Kubernetes with K3s

    K3s is a lightweight Kubernetes distribution perfect for VPS environments.

    Install K3s
    curl -sfL https://get.k3s.io | sh -s - --write-kubeconfig-mode 644

    Verify installation:

    Verify K3s
    # Check K3s service status
sudo systemctl status k3s

# Verify kubectl access
kubectl get nodes

    Configure kubectl access:

    Setup kubectl
    mkdir -p ~/.kube
sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
sudo chown $USER:$USER ~/.kube/config
export KUBECONFIG=~/.kube/config
echo 'export KUBECONFIG=~/.kube/config' >> ~/.bashrc

# Verify access
kubectl cluster-info
kubectl get namespaces
    4

    Install ArgoCD

    Create namespace and install ArgoCD
    # Create ArgoCD namespace
kubectl create namespace argocd

# Install ArgoCD using official manifest
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

    Wait for pods to be ready:

    Monitor deployment
    # Monitor pod status
kubectl get pods -n argocd -w

# Wait for all pods to be ready (2-5 minutes)
kubectl wait --for=condition=Ready pods --all -n argocd --timeout=300s

# Verify all components
kubectl get all -n argocd
    5

    Access ArgoCD UI

    Get initial admin password:

    Retrieve admin password
    kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d && echo

    Save this password securely - you'll need it to log in.

    Option A: Port Forwarding (Quick Access)

    Port forward for testing
    kubectl port-forward svc/argocd-server -n argocd 8080:443

    Access at: https://localhost:8080

    Option B: NodePort Service (Persistent Access)

    Expose via NodePort
    # Patch service to NodePort
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}'

# Get assigned NodePort
kubectl get svc argocd-server -n argocd -o jsonpath='{.spec.ports[0].nodePort}'

    Access at: https://YOUR_VPS_IP:NODEPORT

    Option C: Ingress with SSL (Production)

    argocd-ingress.yaml
    apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: argocd-server-ingress
  namespace: argocd
  annotations:
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/router.tls: "true"
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
  rules:
  - host: argocd.yourdomain.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: argocd-server
            port:
              name: https
  tls:
  - hosts:
    - argocd.yourdomain.com
    secretName: argocd-server-tls
    Apply ingress
    kubectl apply -f argocd-ingress.yaml
    6

    Install ArgoCD CLI

    Install CLI
    curl -sSL -o /usr/local/bin/argocd https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64
sudo chmod +x /usr/local/bin/argocd

# Verify installation
argocd version

    Login and configure:

    Login and change password
    # Login using admin password
argocd login localhost:8080 --username admin --password YOUR_ADMIN_PASSWORD --insecure

# Change admin password (recommended)
argocd account update-password

# Delete initial secret after password change
kubectl -n argocd delete secret argocd-initial-admin-secret
    7

    SSL with Let's Encrypt

    Install cert-manager
    # Install cert-manager
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.3/cert-manager.yaml

# Wait for cert-manager pods
kubectl wait --for=condition=Ready pods --all -n cert-manager --timeout=300s

    Create ClusterIssuer:

    letsencrypt-prod-issuer.yaml
    apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: your-email@example.com
    privateKeySecretRef:
      name: letsencrypt-prod
    solvers:
    - http01:
        ingress:
          class: traefik
    Apply ClusterIssuer
    kubectl apply -f letsencrypt-prod-issuer.yaml
    8

    Deploy Your First Application

    Add repository and create app
    # Add sample repository
argocd repo add https://github.com/argoproj/argocd-example-apps.git

# Create application
argocd app create guestbook \
  --repo https://github.com/argoproj/argocd-example-apps.git \
  --path guestbook \
  --dest-server https://kubernetes.default.svc \
  --dest-namespace default

# Sync the application
argocd app sync guestbook

    Monitor deployment:

    Monitor and access
    # Check application status
argocd app get guestbook
kubectl get pods -n default -w

# Expose the guestbook
kubectl port-forward svc/guestbook-ui -n default 8081:80
# Access at: http://localhost:8081
    9

    GitOps Best Practices

    Recommended repository structure:

    Repository structure
    myapp/
├── base/
│   ├── deployment.yaml
│   ├── service.yaml
│   └── kustomization.yaml
├── overlays/
│   ├── dev/
│   │   └── kustomization.yaml
│   ├── staging/
│   │   └── kustomization.yaml
│   └── prod/
│       └── kustomization.yaml
└── README.md

    Enable auto-sync and self-healing:

    Configure auto-sync
    # Enable automatic sync
argocd app set guestbook --sync-policy automated

# Enable auto-pruning
argocd app set guestbook --auto-prune

# Enable self-healing
argocd app set guestbook --self-heal

    Configure webhooks:

    Set up webhooks in your Git provider to trigger instant syncs:

    Webhook URL
    https://argocd.yourdomain.com/api/webhook

Settings:
- Content type: application/json
- Events: Push events
- SSL verification: Enable
    10

    Performance Optimization

    Optimize ArgoCD for VPS environments:

    Reduce resource consumption
    # Edit deployments to adjust resource limits
kubectl edit deployment argocd-server -n argocd
kubectl edit deployment argocd-repo-server -n argocd
kubectl edit deployment argocd-application-controller -n argocd

# Recommended resource limits:
resources:
  limits:
    cpu: 500m
    memory: 512Mi
  requests:
    cpu: 250m
    memory: 256Mi

    Expected performance on RamNode VPS:

    VPS TierApplicationsSync TimeResource Usage
    2GB RAM1-5Fast60-70%
    4GB RAM5-15Fast40-50%
    8GB RAM15-50Very Fast25-35%
    11

    Backup and Disaster Recovery

    Backup ArgoCD configuration
    # Export all ArgoCD applications
kubectl get applications -n argocd -o yaml > argocd-apps-backup.yaml

# Backup all resources in argocd namespace
kubectl get all,secret,configmap -n argocd -o yaml > argocd-full-backup.yaml

    Automated backups via cron:

    Setup automated backups
    crontab -e

# Add daily backup at 2 AM
0 2 * * * kubectl get applications -n argocd -o yaml > /backup/argocd-apps-$(date +\%Y\%m\%d).yaml

    Restore from backup:

    Restore applications
    kubectl apply -f argocd-apps-backup.yaml
    12

    Security Hardening

    Configure RBAC:

    argocd-rbac-cm.yaml
    apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-rbac-cm
  namespace: argocd
data:
  policy.default: role:readonly
  policy.csv: |
    p, role:developers, applications, get, */*, allow
    p, role:developers, applications, sync, */*, allow
    g, developer-team, role:developers
    Apply RBAC
    kubectl apply -f argocd-rbac-cm.yaml

    Enable SSO with GitHub:

    Configure SSO
    # Edit argocd-cm configmap
kubectl edit configmap argocd-cm -n argocd

# Add for GitHub:
data:
  url: https://argocd.yourdomain.com
  dex.config: |
    connectors:
    - type: github
      id: github
      name: GitHub
      config:
        clientID: YOUR_GITHUB_OAUTH_CLIENT_ID
        clientSecret: YOUR_GITHUB_OAUTH_CLIENT_SECRET
        orgs:
        - name: your-github-org
    13

    Monitoring and Observability

    Access Prometheus metrics
    # Check metrics service
kubectl get svc -n argocd | grep metrics

# Port forward to access metrics
kubectl port-forward svc/argocd-metrics -n argocd 8082:8082

# View at: http://localhost:8082/metrics

    Configure Slack notifications:

    Install notifications
    kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj-labs/argocd-notifications/stable/manifests/install.yaml

kubectl edit configmap argocd-notifications-cm -n argocd
    Notification configuration
    data:
  service.slack: |
    token: YOUR_SLACK_BOT_TOKEN
  template.app-deployed: |
    message: Application {{.app.metadata.name}} is now running.
  trigger.on-deployed: |
    - when: app.status.operationState.phase in ['Succeeded']
      send: [app-deployed]

    Troubleshooting

    Pods Stuck in Pending State

    Diagnose resource issues
    # Check node resources
kubectl describe nodes

# View pod events
kubectl describe pod POD_NAME -n argocd

    Application Sync Fails

    Debug sync issues
    # Check application status
argocd app get APP_NAME

# View detailed logs
kubectl logs -n argocd deployment/argocd-application-controller

    Out of Memory Errors

    Check memory usage
    free -h
kubectl top nodes
kubectl top pods -n argocd

    Useful Commands

    ArgoCD command reference
    # Application Management
argocd app list
argocd app get APP_NAME
argocd app sync APP_NAME
argocd app delete APP_NAME

# Repository Management
argocd repo list
argocd repo add REPO_URL

# Cluster Management
argocd cluster list
argocd cluster add CONTEXT_NAME

# Check Health & Rollback
argocd app wait APP_NAME --health
argocd app rollback APP_NAME REVISION

    Next Steps

    • Multi-Cluster Management - Manage multiple Kubernetes clusters
    • ApplicationSets - Deploy across multiple clusters automatically
    • Progressive Delivery - Implement canary and blue-green deployments
    • Image Updater - Automatically update container images in Git
    Official DocumentationGitHub Repository