argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes

https://argo-cd.readthedocs.io

Apache License 2.0

16.67k stars 5.05k forks source link

Cluster-API cluster auto-registration #9033

Open dmolik opened 2 years ago

dmolik commented 2 years ago

Summary

A new controller that listens for new Cluster-API clusters ( https://pkg.go.dev/sigs.k8s.io/cluster-api@v1.1.3/api/v1beta1#Cluster ) and once a writable status is given, registers the cluster with a new secret IE: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters

Motivation

Auto-Bootstrapping clusters, IE: create a cluster-api cluster via an argo application, then target it via an applicationset cluster generator with labels.

Proposal

New controller to massage the cluster-api generated kubeconfig secret into an argocd cluster secret. the added benefit of a controller also deletes clusters from argocd as they are torn down.

Similar Proposal

https://github.com/argoproj/argo-cd/issues/9007

dmolik commented 2 years ago

I've been working on a PoC, it's technically functional: https://github.com/dmolik/argocd-cluster-register

rishabh625 commented 2 years ago

@dmolik : introducing new controller is a big change and should require to follow process, once accepted can be worked on so that effort doesn't get waste

dmolik commented 2 years ago

@rishabh625 I understand the sentiment, and the concern around wasted effort. However, in all likelihood I was going to write a PoC either way. I felt it was, at the very least, a worth while investment, and solved problems I see myself and others facing in the near future. In addition, I have some down time at the moment.

dntosas commented 2 years ago

Hey team!

I have also implemented an operator that automates this process and converts CAPI cluster into Argo definitions which is already part of many production environments.

You can check in here --> https://github.com/dntosas/capi2argo-cluster-operator

ron1 commented 2 years ago

Another implementation is available here --> https://github.com/a1tan/argocdsecretsynchronizer

willemm commented 1 year ago

I'm not really sure why there would be a need for a separate controller, all you need is for ArgoCD to recognize kubeconfig secrets from CAPI and use them as target clusters. All the information is there already, and the format of the secret is quite comparable (as shown by the simplicity of all the controllers and even the kyverno policy presented in this discussion).

lknite commented 10 months ago

I've also reinvented this wheel: https://github.com/lknite/daytwo

It's currently written in c#/.net but I'm planning to rewrite in go and see if I can get it accepted as a feature enhancement. So, feel free to submit any feature enhancement requests and I'll see what I can do.

argocd-register-controller supports multiple clusterapi servers
also, an argocd-labels-controller to copy labels from capi provider resources to argocd cluster secrets
also, an argocd-pinniped-controller to generate pinniped kubeconfig files from argocd cluster secrets

oblazek commented 3 months ago

all you need is for ArgoCD to recognize kubeconfig secrets from CAPI and use them as target clusters

Seems to me this is the best way to go. Is there any plan to implement this ?