App-of-Apps e Multi-Cluster
Aula 4 de 5
App-of-Apps Pattern
O padrão App-of-Apps gerencia múltiplas aplicações ArgoCD a partir de uma única Application raiz.
# root-app.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: root
namespace: argocd
spec:
project: default
source:
repoURL: https://github.com/org/infra.git
path: argocd/apps
directory:
recurse: true
destination:
server: https://kubernetes.default.svc
namespace: argocd
syncPolicy:
automated:
prune: true
selfHeal: true
# argocd/apps/ingress.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: ingress-nginx
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: https://github.com/org/infra.git
path: charts/ingress-nginx
helm:
values: |
controller:
replicaCount: 3
destination:
server: https://kubernetes.default.svc
namespace: ingress
syncPolicy:
automated: {}
# argocd/apps/monitoring.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: kube-prometheus
namespace: argocd
spec:
project: monitoring
source:
repoURL: https://prometheus-community.github.io/helm-charts
chart: kube-prometheus-stack
targetRevision: 56.0.0
helm:
values: |
grafana:
adminPassword: admin
destination:
server: https://kubernetes.default.svc
namespace: monitoring
Vantagens
- Declarativo: adicionar/remover apps = git commit
- Orquestração: hooks, sync waves, dependências
- Visibilidade: dashboard mostra todas as apps
- RBAC: projects isolam por app
Sync Waves — Ordem de Deploy
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: database
annotations:
argocd.argoproj.io/sync-wave: "0"
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: backend
annotations:
argocd.argoproj.io/sync-wave: "1"
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: frontend
annotations:
argocd.argoproj.io/sync-wave: "2"
Multi-Cluster
# Adicionar cluster externo
argocd cluster add context-name \
--name prod-us-east \
--label environment=prod \
--label region=us-east-1
argocd cluster list
# Kubeconfig de outro cluster
argocd cluster add minikube --name dev-local
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: app-prod
spec:
project: default
source:
repoURL: https://github.com/org/app.git
path: overlays/prod
destination:
name: prod-us-east # nome do cluster registrado
namespace: app
server: https://192.168.1.100:6443 # ou URL direta
---
# Destination com cluster selector
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: app-all-prod
spec:
destination:
name: in-cluster
ignoreDifferences:
- group: apps
kind: Deployment
jsonPointers:
- /spec/replicas
---
Cluster Secrets
apiVersion: v1
kind: Secret
metadata:
name: prod-cluster
namespace: argocd
labels:
argocd.argoproj.io/secret-type: cluster
type: Opaque
stringData:
name: prod-us-east
server: https://192.168.1.100:6443
config: |
{
"bearerToken": "...",
"tlsClientConfig": {
"insecure": false,
"caData": "..."
}
}
ApplicationSets — Templates Paramétricos
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: multi-env
spec:
generators:
- list:
elements:
- cluster: dev
url: https://192.168.1.10:6443
- cluster: staging
url: https://192.168.1.20:6443
- cluster: prod
url: https://192.168.1.30:6443
template:
metadata:
name: '{{cluster}}-app'
spec:
project: default
source:
repoURL: https://github.com/org/app.git
targetRevision: HEAD
path: 'overlays/{{cluster}}'
destination:
server: '{{url}}'
namespace: 'app-{{cluster}}'
syncPolicy:
automated: {}
argocd appset list
argocd appset get multi-env
App-of-Apps = app raiz que gerencia apps filhas. Sync Waves controlam ordem (banco → backend → frontend). ApplicationSets geram apps parametrizadas para múltiplos clusters/ambientes.