Argo is a Cloud Native Computing Foundation (CNCF) project for building and managing continuous delivery workflows on Kubernetes. It consists of four open source projects:
- Argo CD—continuous delivery based on declarative configuration in a GitOps pattern, with full-featured UI.
- Argo Workflows—native workflow engine for Kubernetes that supports DAGs and step-based workflows.
- Argo Rollouts—supports progressive deployment strategies like canary and blue/green deployment in Kubernetes.
- Argo Events—event-based workflow automation framework for Kubernetes.
While these are the flagship products of the Argo Project, it includes several other projects such as Argo Autopilot, Argo Image Updater, and Argo ApplicationSet. We will cover these briefly later in this article.
Importance of the Argo Project
The Argo project was accepted to the Cloud Native Computing Foundation in 2020. Among the project’s users are Google, Tesla, NVIDIA, GitHub, Adobe, IBM, and Red Hat. Production use of Argo is growing rapidly, with the latest CNCF survey showing 115% year-over-year growth.
The Argo Project is taking a central role in the cloud native ecosystem:
- Argo had 757 authors in 2021, ranked 3rd of all CNCF projects including Kubernetes.
- More than 80% of Argo CD users use it in production and 66% have been in production for more than 6 months.
- Over 10% of Argo CD users run more than 500 applications, demonstrating the platform’s scalability.
- Argo’s achieved “adopt” status for DevSecOps in the 2021 CNCF Tech Radar Report, indicating its robust security capabilities.
- Argo projects have, collectively, over 20,000 GitHub stars.
- In the recent CNCF Survey, the Net Promoter Score (NPS) for Argo CD/Rollouts was 72, and 48 for Argo Workflows/Events, indicating users are highly satisfied with the platform.
Why is Argo CD an Enabling Technology for GitOps?
Argo CD, Argo’s continuous delivery tool, is considered by many in the industry to be an enabler for GitOps. In other words, Argo CD is making GitOps easier and more approachable for teams who want to adopt it.
GitOps is a paradigm that unifies best practices for application development workflows down to the operating infrastructure of the system. It has four basic principles:
- The system is described in a declarative manner
- System definitions are versioned and audited
- A software agent automatically matches Git state with deployment state
- State is reconciled on an ongoing basis between Git and the deployment platform (commonly Kubernetes)
How does Argo CD implement GitOps principles?
In GitOps deployments, Argo CD uses Kubernetes manifests to continuously monitor Git repositories, verify commits, proactively fetch changes from repositories, and synchronize them with cluster resources.
This synchronous reconciliation process continuously reconciles the state of the cluster configuration with the state described in Git, exactly in line with GitOps principles.
Why Argo CD solves the configuration drift problem
This continuous monitoring and synchronization solves a major problem of traditional deployments—configuration errors that occur when clusters are configured differently than expected, which commonly cause deployment failures. Argo avoids this “configuration drift”, and if it does happen, provides a deployment history that shows exactly when the changes was introduced, and makes it easy to roll back.
Advantages of GitOps with Argo
Using Argo CD provides all the advantages of GitOps, in a familiar Kubernetes environment. Argo enables an efficient workflow based on a Git repository, improved productivity with automated continuous delivery, and reduced deployment complexity. Most importantly, it doesn’t require teams to learn new tools or radically change their process.
Argo CD is the central element that lets you apply GitOps workflows to progressive delivery strategies such as canary and blue/green deployments. The Argo project aims to provide a better experience for Kubernetes developers while maintaining a familiar user experience for deployment objects, and easily applying all common deployment strategies.
Related content: Read our guide to Argo for Kubernetes
Argo Project Tools
GitHub Repo: https://github.com/argoproj/argo-cd
Application definitions, configurations, and environments must be declarative and versioned. Application deployment and lifecycle management should be automated, auditable and understandable. Argo CD can help with this challenge.
Argo CD is a continuous delivery (CD) tool native to Kubernetes. Unlike external CD tools that only support push-based deployment, Argo CD can pull updated code from a Git repository and deploy it directly to Kubernetes resources. This allows developers to manage infrastructure configuration and application updates from a single system.
Argo CD provides the following key features:
- Deploy applications manually or automatically to a Kubernetes cluster.
- Automatically synchronize application state with the current version of declarative configuration.
- Web user interface and command line interface (CLI).
- Ability to visualize deployment issues and detect and fix misconfigurations.
- Role-Based Access Control (RBAC) to support multi-cluster management.
- Single sign-on (SSO) with providers such as GitLab, GitHub, Microsoft, OAuth2, OIDC, LinkedIn, LDAP, SAML 2.0, and more
- Supports webhooks to trigger actions on GitLab, GitHub, and BitBucket.
GitHub Repo: https://github.com/argoproj/argo-workflows
Argo Workflows is a workflow automation solution designed from the ground up for containers, without the overhead and limitations of traditional VM and server-based environments. It runs on any Kubernetes cluster, regardless of cloud provider, and easily orchestrates parallelized tasks in Kubernetes.
Argo Workflows is an open source container-native workflow engine for orchestrating parallel tasks on Kubernetes. Argo Workflows a Kubernetes application that adds several Kubernetes CRDs to your environment.
Key features include:
- Defining workflows where each step in the workflow is a container.
- Modeling multi-step workflows as sets of actions or using graphs (DAGs) to capture dependencies between actions.
- Running compute-intensive tasks for machine learning and data processing in a short time.
- Running CI/CD pipelines natively on Kubernetes without configuring complex solutions.
GitHub Repo: https://github.com/argoproj/argo-rollouts
Kubernetes provides the default Deployment object, which supports a RollingUpdate deployment strategy. This provides basic safety guarantees based on readiness probes, but has many limitations. There is insufficient control over rollout speed, you cannot control flow of traffic between the current and new version, there is no ability to query external metrics to verify the update, and it is difficult to abort and rollback an update.
Argo Rollouts provides an alternative to rolling deployments, which are generally considered too risky for production deployments. It provides a set of Kubernetes controllers and CRDs that support advanced progressive deployment features such as blue/green deployments, canary deployments, and experiments.
Argo Rollouts can integrate with ingress controllers and service meshes and leverage traffic shaping features to incrementally switch traffic to new versions during updates. It can also query and interpret metrics from different providers to validate deployments and facilitate automatic upgrades or rollbacks.
GitHub Repo: https://github.com/argoproj/argo-events
In a Kubernetes environment, there is a need to manage dependencies from a variety of event sources, customize business-level constraint logic, and manage complex, multi-source dependencies of batch jobs. Argo Events provides a solution that is extensible, enabling custom event listeners and complying with CloudEvents.
Argo Events is an event-based dependency manager that lets you define dependencies on various event sources including webhook, S3, schedules, and streams, and trigger Kubernetes objects after event dependencies are resolved.
Argo Events is typically integrated with another system that can execute workflow steps. It works well with Argo Workflows, which lets you orchestrate parallel Kubernetes jobs, triggered by events from Argo Events.
5 Other Argo Projects You Should Know
GitHub Repo: https://github.com/argoproj-labs/argocd-autopilot
New users of GitOps and ArgoCD are unfamiliar with GitOps practices and might find it difficult to build repositories, add applications, promote applications across environments, and manage ArgoCD installations.
Argo CD Autopilot saves operators time by automating many of these processes. It can install and manage ArgoCD by itself, and provide a clear structure for how new applications should be added and updated, all from git. It creates a simple pattern for updating applications and promoting changes throughout your environment. Finally, it can help users bootstrap the cluster with previously installed applications, and handle secrets to prevent them from appearing in plaintext code within a Git repository.
Argo Image Updater
GitHub Repo: https://github.com/argoproj-labs/argocd-image-updater
Argo CD Image Updater can check for new versions of container images deployed on Kubernetes workloads and automatically update them to the latest allowed version using Argo CD. This can be achieved by setting application parameters in Argo CD applications. Image Updater can run on a Kubernetes cluster or be used standalone from the command line.
Key capabilities of Image Updater include:
- Updating images of applications managed from Argo CD created via Helm or Kustomize.
- Updating application images using multiple update strategies, including parallel updates.
- Support for all popular container registries and ability to configure private container registries.
- Ability to write changes back to Git
- Ability to filter images based on registry tags.
- Support for image-specific custom pull keys (using generic K8s keys, K8s pull keys, environment variables or external scripts)
GitHub Repo: https://github.com/argoproj/applicationset
The regular Argo CD application resource deploys resources from a single Git repository to a single target cluster/namespace. ApplicationSet provides more advanced functionality, letting you use template automation to create and modify multiple Argo CD applications at once.
ApplicationSet is a Kubernetes controller coupled with an ApplicationSet CRD. This controller/CRD enables automation and flexibility when managing Argo CD applications across multiple clusters, and enables self-service in multi-tenant Kubernetes clusters.
All this is managed by a single instance of the ApplicationSet custom resource, which eliminates the need for multiple ArgoCD application resources to target multiple clusters and repositories.
The ApplicationSet controller provides the following key features:
- Deploys ArgoCD application to multiple Kubernetes clusters at once.
- Deploying multiple ArgoCD applications from a single mono-repository.
- Enabling non-privileged cluster users to deploy Argo CD applications without the involvement of cluster administrators.
Argo CD Operator
GitHub Repo: https://github.com/argoproj-labs/argocd-operator
The Argo CD operator manages the entire lifecycle of Argo CD and its components. Its goal is to automate manual tasks involved in operating an Argo CD cluster, such as upgrades, backup and recovery processes, and installations. Another plus is that it can configure Prometheus and Grafana automatically to provide observability for an Argo CD environment.
The operator is currently in development and aims to provide the following features:
- Default settings that make it easier to configure and install Argo CD components.
- Seamless upgrades for Argo CD components.
- Ability to backup and restore Argo CD clusters.
- Ability to aggregate and publish Argo CD and operator metrics using Prometheus and Grafana.
- Auto-scaling for Argo CD components.
Argo Vault Plugin
GitHub Repo: https://github.com/argoproj-labs/argocd-vault-plugin
This plugin helps improve security when working with GitOps and Argo CD. It lets you utilize Hashicorp Vault or other secrets managers (such as IBM Cloud Secrets Manager or AWS Secrets Manager), without relying on operators or CRDs. This plugin can be used not only for secrets, but also for deployments, configMaps, or other Kubernetes resources that might contain sensitive information.
The argocd-vault-plugin searches a directory containing YAML or JSON files, looks for the <placeholder> pattern and injects secrets from the vault. You can use comments to specify an exact path the plug-in should use to look for secret values.
Codefresh: Software Delivery Built on Argo
Codefresh is built on the Argo project, but adds powerful features that can make it even more valuable for development teams. The following diagram illustrates how Codefresh enhances Argo with additional capabilities.
An important part of Codefresh is Argo Autopilot. This is an enterprise installer for Argo, which offers a streamlined installation experience for all Argo projects and also provides an opinionated way to upgrade and maintain Argo instances. Argo Autopilot was fully open sourced by Codefresh.
By design, Codefresh is fully compatible with all existing Argo installations. We use the Argo projects behind the scenes in their original form.
Therefore the Codefresh platform is appropriate for any kind of organization
- If you already use Argo, then there will be a natural migration path to Codefresh
- If you are not familiar with the Argo projects, you don’t need to become an expert on them. Codefresh will take care of all the implementation details for you and offer a single control plane for all the individual components with minimal effort on your part
Here is a summary of features Codefresh adds on top of Argo:
- Artifact storage and management (i.e. containers or binaries) to track all your digital assets
- Secret management and credentials rotation for secure access to external services
- Security gates and manual approvals for any enterprise workflows
- Source code compilation to cover the continuous integration part
- Project features and issue reporting so what you always know which feature is deployed where
- Environment promotions and release management for deployments with minimal downtime
- Insights and analytics to understand your development velocity and release trends
- Annotations and metadata so you can simply mark and track your digital assets across the whole software lifecycle
See how this looks in the Codefresh dashboard:
If you are trying to build an in-house CI/CD platform with just Argo Workflows, you will have to spend hundreds of hours to customize the generic workflow engine in order to create a pipeline component that can handle your basic tasks (code compilation, unit testing, security scans). Codefresh does this out of the box. It gives you a turn-key solution for running CI pipelines that are powered by Argo Workflows/Events under the hood.
The World's Most Modern CI/CD Platform
A next generation CI/CD platform designed for cloud-native applications, offering dynamic builds, progressive delivery, and much more.Check It Out