Closed christianh814 closed 1 year ago
buffstyles
commented
1 year ago @christianh814 are you sure you have enabled this feature in the appset-controller settings? https://argo-cd.readthedocs.io/en/latest/operator-manual/applicationset/Progressive-Rollouts/#enabling-progressive-rollouts
christianh814
commented
1 year ago @buffstyles
Admittedly, I've forgotten this. But I did enable it to re-test
$ kubectl -n argocd exec -it argocd-applicationset-controller-5d55f55c44-8s4td -- env | grep PROG
ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_ROLLOUTS=trueHowever, the similar thing happens. All applications are created at once (why?)...although now nothing is syncing? It just stays as "missing" and "outofsync"
$ kubectl get applicationsets.argoproj.io -n argocd
NAME AGE
pricelist 8m5s
$ kubectl get applications.argoproj.io -n argocd
NAME SYNC STATUS HEALTH STATUS
pricelist-config OutOfSync Healthy
pricelist-db OutOfSync Missing
pricelist-frontend OutOfSync MissingInterestingly enough, my autosync is disabled?
$ kubectl export application pricelist-config -n argocd -o yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
labels:
pricelist-component: config
name: pricelist-config
namespace: argocd
spec:
destination:
namespace: pricelist
server: https://kubernetes.default.svc
project: default
source:
path: applicationsets/rollingsync/apps/pricelist-config
repoURL: https://github.com/christianh814/gitops-examples
targetRevision: main
syncPolicy:
retry:
backoff:
duration: 5s
factor: 2
maxDuration: 3m0s
limit: 5So in the doc, it seems it says
RollingSync will force all generated Applications to have autosync disabled.
Is there a way to change that? The fact that this is the default is disappointing. This should be configurable if it isn't.
logs
time="2023-01-12T20:26:32Z" level=info msg="Refreshing app status (spec.source differs), level (3)" application=argocd/pricelist-config
time="2023-01-12T20:26:32Z" level=info msg="Comparing app state (cluster: https://kubernetes.default.svc, namespace: pricelist)" application=argocd/pricelist-config
time="2023-01-12T20:26:32Z" level=info msg="Refreshing app status (spec.source differs), level (3)" application=argocd/pricelist-db
time="2023-01-12T20:26:32Z" level=info msg="Comparing app state (cluster: https://kubernetes.default.svc, namespace: pricelist)" application=argocd/pricelist-db
time="2023-01-12T20:26:32Z" level=info msg="Refreshing app status (spec.source differs), level (3)" application=argocd/pricelist-frontend
time="2023-01-12T20:26:32Z" level=info msg="Comparing app state (cluster: https://kubernetes.default.svc, namespace: pricelist)" application=argocd/pricelist-frontend
time="2023-01-12T20:26:33Z" level=info msg="getRepoObjs stats" application=argocd/pricelist-config build_options_ms=0 helm_ms=0 plugins_ms=0 repo_ms=0 time_ms=261 unmarshal_ms=261 version_ms=0
time="2023-01-12T20:26:33Z" level=info msg="Updated sync status: -> OutOfSync" application=pricelist-config dest-namespace=pricelist dest-server="https://kubernetes.default.svc" reason=ResourceUpdated type=Normal
time="2023-01-12T20:26:33Z" level=info msg="getRepoObjs stats" application=argocd/pricelist-db build_options_ms=0 helm_ms=0 plugins_ms=0 repo_ms=0 time_ms=259 unmarshal_ms=259 version_ms=0
time="2023-01-12T20:26:33Z" level=info msg="Updated health status: -> Healthy" application=pricelist-config dest-namespace=pricelist dest-server="https://kubernetes.default.svc" reason=ResourceUpdated type=Normal
time="2023-01-12T20:26:33Z" level=info msg="Updated sync status: -> OutOfSync" application=pricelist-db dest-namespace=pricelist dest-server="https://kubernetes.default.svc" reason=ResourceUpdated type=Normal
time="2023-01-12T20:26:33Z" level=info msg="Updated health status: -> Missing" application=pricelist-db dest-namespace=pricelist dest-server="https://kubernetes.default.svc" reason=ResourceUpdated type=Normal
time="2023-01-12T20:26:33Z" level=info msg="Update successful" application=argocd/pricelist-config
time="2023-01-12T20:26:33Z" level=info msg="Reconciliation completed" application=argocd/pricelist-config dedup_ms=0 dest-name= dest-namespace=pricelist dest-server="https://kubernetes.default.svc" diff_ms=0 fields.level=3 git_ms=261 health_ms=0 live_ms=0 settings_ms=0 sync_ms=0 time_ms=267
time="2023-01-12T20:26:33Z" level=info msg="getRepoObjs stats" application=argocd/pricelist-frontend build_options_ms=0 helm_ms=0 plugins_ms=0 repo_ms=0 time_ms=264 unmarshal_ms=264 version_ms=0
time="2023-01-12T20:26:33Z" level=info msg="Updated sync status: -> OutOfSync" application=pricelist-frontend dest-namespace=pricelist dest-server="https://kubernetes.default.svc" reason=ResourceUpdated type=Normal
time="2023-01-12T20:26:33Z" level=info msg="Update successful" application=argocd/pricelist-db
time="2023-01-12T20:26:33Z" level=info msg="Reconciliation completed" application=argocd/pricelist-db dedup_ms=0 dest-name= dest-namespace=pricelist dest-server="https://kubernetes.default.svc" diff_ms=1 fields.level=3 git_ms=259 health_ms=0 live_ms=0 settings_ms=0 sync_ms=0 time_ms=268
time="2023-01-12T20:26:33Z" level=info msg="Updated health status: -> Missing" application=pricelist-frontend dest-namespace=pricelist dest-server="https://kubernetes.default.svc" reason=ResourceUpdated type=Normal
time="2023-01-12T20:26:33Z" level=info msg="Update successful" application=argocd/pricelist-frontend
time="2023-01-12T20:26:33Z" level=info msg="Reconciliation completed" application=argocd/pricelist-frontend dedup_ms=0 dest-name= dest-namespace=pricelist dest-server="https://kubernetes.default.svc" diff_ms=0 fields.level=3 git_ms=264 health_ms=0 live_ms=0 settings_ms=0 sync_ms=0 time_ms=27
morey-tech
commented
1 year ago strategy is found in the spec would help address this recurring problem for users.Happy to take on the docs updates once confirmed.
crenshaw-dev
commented
1 year ago Am I correct in assuming that the initial creation of Applications from an ApplicationSet using the RollingSync strategy needs to be done manually and does not follow the strategy? If so, this should be mentioned in the docs.
I believe the appset controller should create the Applications all at once, but it should sync them according to the sync strategy.
christianh814
commented
1 year ago also tagging @wmgroot
christianh814
commented
1 year ago To recap
The first bullet point is the most pressing IMHO
wmgroot
commented
1 year ago To clarify, you can have syncPolicy.automated in your Application template spec, but it will be removed by the applicationset-controller when the Applications are generated since the applicationset-controller is handling the sync timing instead. I think updating the documentation to make this clear is a good idea.
In your example, I believe that the frontend Application should not begin syncing until the db Application has returned to Healthy after Progressing. I'll see if I can reproduce the issue using your example and some dummy pods.
wmgroot
commented
1 year ago The unexpected behavior is happening because the RollingSync strategy is selecting none of the generated Applications.
time="2023-01-13T23:31:15Z" level=info msg="ApplicationSet pricelist step list:"
time="2023-01-13T23:31:15Z" level=info msg="step 1: []"
time="2023-01-13T23:31:15Z" level=info msg="step 2: []"
time="2023-01-13T23:31:15Z" level=info msg="step 3: []"The matchExpressions rely on selecting the generated Applications by label in order to be compatible with all types of ApplicationSet generator.
Please try updating your matchExpression from
- matchExpressions:
- key: srv
operator: In
values:
- configto
- matchExpressions:
- key: pricelist-component
operator: In
values:
- configI'm adding some additional logging to make this more clear, such as including the step the Application belongs to in the status of the ApplicationSet.
christianh814
commented
1 year ago Ah okay...also the documentation could be clearer on this.
Cc @morey-tech
wmgroot
commented
1 year ago I can see that the docs are very ambiguous. I'll put in a PR to have logging and docs updated to make the examples clear on this expectation.
wmgroot
commented
1 year ago Opened https://github.com/argoproj/argo-cd/pull/12103 with a bugfix and updates to the documentation based on this issue.
crenshaw-dev
commented
1 year ago @christianh814 and @morey-tech do either of y'all feel comfortable giving the PR a first pass, or at least testing locally? I'm pretty busy with 2.6 bugfixes.
christianh814
commented
1 year ago @crenshaw-dev I'll have some time tomorrow (Jan 26th) to test it
kevinetore
commented
1 year ago @christianh814 @wmgroot I have 2 similar questions in regard to this issue:
Environment
Same as the initial issue described by Christian is happening on my side:
When I try to use this feature, it seems that the ApplicationSet Controller creates them all at once (instead of one at a time as my configuration suggests).
Applicationset
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: extensions
namespace: argocd
spec:
generators:
- git:
repoURL: git@github.com:kevinetore/my-git-repo.git
revision: HEAD
directories:
- path: core/*
- path: extensions/*
- path: extensions/camunda
exclude: true
- path: extensions/mongodb
exclude: true
strategy:
type: RollingSync
rollingSync:
steps:
- matchExpressions:
- key: type
operator: In
values:
- core
- matchExpressions:
- key: type
operator: In
values:
- extensions
template:
metadata:
name: '{{path.basename}}'
labels:
# This will either be "core" or "extensions". I've also verified this and I can see that the generated Application resource has the correct type/label.
type: '{{path[0]}}'
spec:
project: default
destination:
server: https://kubernetes.default.svc
namespace: '{{path.basename}}'
syncPolicy:
syncOptions:
- ServerSideApply=true
automated:
prune: true
selfHeal: true
ignoreDifferences:
- group: ""
kind: Service
name: longhorn-frontend
jsonPointers:
- /spec/ports/0/nodePort
sources:
- repoURL: git@github.com:kevinetore/my-git-repo.git
targetRevision: HEAD
path: '{{path}}'Progressive syncs enabled
kubectl -n argocd exec -it pod/argocd-applicationset-controller-7786cb7547-pvdcv -- env | grep SYNC
ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS=trueI can see that with the applicationset code mentioned above, the ApplicationSet Controller creates them all at once. Also, the Auto sync option seems to get disabled.
If needed I can create a new issue, but before I do I thought perhaps I'm missing something.
UPDATE 1
According to earlier comments, the applicationset controller should create all the Application resources simultaneously. My assumption there was incorrect.
Because the applicationset controller is now in control of when Application resources are being synced, the auto policy is, in fact, being removed. The reason for that is not yet fully clear to me, perhaps something which could be made customizable, or would it make no sense as to when to use progressive syncs or auto syncs for ArgoCD? When using progressive syncs, is there then no periodic reconciliation?
crenshaw-dev
commented
1 year ago The reason for that is not yet fully clear to me, perhaps something which could be made customizable, or would it make no sense as to when to use progressive syncs or auto syncs for ArgoCD?
If auto-sync were enabled, the argocd-application-controller would immediately sync all apps when any change is observed in the source repo. That would defeat the ordering mechanism provided by ApplicationSet. So when you enable Progressive Syncs, the argocd-applicationset-controller disables auto-sync and instead triggers syncs when appropriate, in the defined order.
When using progressive syncs, is there then no periodic reconciliation?
Periodic reconciliation still occurs. The argocd-application-controller notices a change in the source repo and marks the Application as out of sync. The argocd-applicationset-controller notices that the Application is out of sync and then follows the defined progressive sync order to bring that app back into sync.
wmgroot
commented
1 year ago I wonder if it would be more intuitive for the ProgressiveSync to respect the configuration of the automated field instead. If automated is present, it performs automatic ordered syncs. Otherwise, it does not.
The only gotcha with that approach is that automated.selfHeal wouldn't be respected because the applicationset-controller has no way to know if an OutOfSync state was caused by a git-side or k8s-api-side change.
crenshaw-dev
commented
1 year ago So only the Updates would be progressive, syncs would be automated? I think it makes sense.
selfHeal is a bummer... might have to consider a differently-placed field.
Checklist:
argocd version.Describe the bug
Trying out the new RollingSync alpha feature isn't working as expected.
When I try to use this feature, it seems that the ApplicationSet Controller creates them all at once (instead of one at a time as my configuration suggests)
To Reproduce
kubectl apply -f https://raw.githubusercontent.com/christianh814/gitops-examples/main/applicationsets/rollingsync/appset-rollingsync.yamlAn example of the config I used:
Expected behavior
I expected the ApplicationSet controller to create the Applications as needed/defined in the config. In my case, I expected the first Application to deploy and finish before the second one is even created, and so on.
Screenshots
All applications appeard all at once, instead of one at a time
Version
Logs
I see the following, which indicates every app being created at once.