...
Create a Secret Token (manually)
Create a ServiceAccount
| Code Block |
|---|
| language | shell |
|---|
| title | Shell Command |
|---|
|
kubectl create serviceaccount dashboard-sa -n kubernetes-dashboard |
Bind It to the Cluster Role (e.g. cluster-admin)
| Code Block |
|---|
| language | shell |
|---|
| title | Shell Command |
|---|
|
kubectl create clusterrolebinding dashboard-sa-admin --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:dashboard-sa |
...
| Code Block |
|---|
| language | shell |
|---|
| title | Shell Command |
|---|
|
kubectl -n kubernetes-dashboard describe secret dashboard-sa-token |
...
Install Argo CD
Install Argo CD in the argocd namespace:
| Code Block |
|---|
| language | shell |
|---|
| title | Shell Command |
|---|
|
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml |
Expose Argo CD with an Ingress
🔹 Ingress with NGINX
Create a file argocd-ingress.yaml:
prepare argocd_ingress.yaml
| Code Block |
|---|
| language | yaml |
|---|
| title | argocd_ingress.yaml |
|---|
|
# argocd-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argocd-server-ingress
namespace: argocd
annotations:
nginx.ingress.kubernetes.io/backend-protocolingress.class: "HTTPSnginx"
nginx.ingress.kubernetes.io/sslbackend-passthroughprotocol: "trueHTTPS"
nginx.ingress.kubernetescert-manager.io/sslcluster-redirectissuer: "true"letsencrypt-prod" # Optional: if using TLS
spec:
rules:
- host: argocd.da # 🔁 Replace with your DNS name
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: argocd-server
port:
number: 443
tls:
- hosts:
- argocd.da
secretName: argocd-tls # Auto-created by cert-manager if using TLS |
Apply it:
| Code Block |
|---|
|
kubectl apply -f argocd-ingress.yaml
|
Create a Permanent Token for Login
🔹 1. Create a ServiceAccount
| Code Block |
|---|
|
kubectl -n argocd create namespaceserviceaccount argocd-admin-sa
kubectl apply |
Bind It to Argo CD Admin Role
| Code Block |
|---|
|
kubectl -n argocd create rolebinding argocd-admin-rb --role=admin --serviceaccount=argocd:argocd-admin-sa
|
Create a Secret-based Token
Create this file: argocd-token.yaml
| Code Block |
|---|
| language | yaml |
|---|
| title | manifest |
|---|
|
apiVersion: v1
kind: Secret
metadata:
name: argocd-admin-token
namespace: argocd
annotations:
kubernetes.io/service-account.name: argocd-admin-sa
type: kubernetes.io/service-account-token |
Apply it:
| Code Block |
|---|
|
kubectl apply -f argocd-token.yaml
|
Wait & Retrieve the Token
It may take a few seconds for Kubernetes to populate the token. Then:
| Code Block |
|---|
| language | shell |
|---|
| title | Shell Command |
|---|
|
kubectl -n argocd describe secret argocd-admin-token-f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
### wait
kubectl get pod -n argocd -w
kubectl apply -f argocd_ingress.yaml
local_path storage class:
kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml
|