Manually deploying applications at scale especially across distributed edge sites can be time consuming, prone to manual error and difficult to standardize. Traditional automation tools like Terraform or Ansible help reduce manual effort. However, they often require coordinating updates in batches, scheduling change windows, and managing state from a central location. GitOps with VCF Edge takes it a step further. By using Git as the single source of truth and continuously syncing changes through a declarative pipeline, you gain real-time, version-controlled, and decentralized deployments.
This is especially powerful in distributed edge environments, where pushing frequent, granular changes reliably and consistently is otherwise a major challenge.
In my previous blog, we discussed how you can deploy a single host edge site using VMware Cloud Foundation (VCF) 9.0 to support both VM and container workloads on the same platform. Today, we’re going to take this a step further. We will discuss how you can take advantage of the recently released Argo CD operator supervisor service to deploy applications (both VMs and containers) via GitOps to those edge locations.
GitOps Workflow with Argo CD on VCF 9.0 for Edge
At its core, GitOps leverages a Git repository as the single source of truth for application configurations. Argo CD, a declarative GitOps continuous delivery tool, automates the deployment and synchronization of applications to the cluster based on changes in the Git repository.
For VCF 9.0, this translates to:
- Centralized Git Repository: You store all desired states for your VM and container applications, including their configurations, in a Git repository. This repository acts as the central control plane for all your distributed edge sites.
- Argo CD Operator Deployment: You deploy the newly released Argo CD operator at each edge site on your VCF instance, on top of the locally running supervisor. This operator simplifies the installation and management of Argo CD within your edge environment.
- Application Synchronization: Argo CD continuously monitors the Git repository for any changes. When it detects a change, such as a new application version or a configuration update, it automatically pulls the corresponding manifests and applies them to the local edge cluster.This ensures that the applications running on your edge sites always match the desired state defined in Git.
- Drift Detection and Remediation: Argo CD also provides robust drift detection capabilities. If someone makes any manual changes to the applications on the edge sites, Argo CD detects the deviation from the desired state defined in Git. It can then automatically remediate the change by reverting to the Git-defined configuration or alert you to the discrepancy.
- Rollback Capabilities: Since Git maintains a complete history of all changes, rolling back to a previous application version or configuration is as simple as reverting a commit in Git. Argo CD will then automatically synchronize the edge sites to the desired previous state.
Getting Started
To begin leveraging GitOps with Argo CD on your VCF 9.0 for Edge deployments, you will need to:
Ensure VCF 9.0 Deployment
Confirm that you have deployed your single-host or multi-host edge sites with supervisor enabled (required if deploying containers) using VCF 9.0 as discussed in my previous blog. You will also need to upgrade supervisor using the async patch release 9.0.0.0100 to deploy the Argo CD operator.
Install the Argo CD Operator
- Download the Argo CD Operator and Argo CLI from the Broadcom Support Portal.
- Login to your vCenter and navigate to Supervisor Management > Services. Click on Add a New Service
- Click on Upload.
- Select the Argo CD operator file and click on Finish.
- The Argo CD service gets added successfully.
- Click on Actions > Manage Service within the ArgoCD Service tile. Select the edge site supervisor and click on Next and Finish (leave the YAML Service Config section as is). Notice the Argo CD service is configured successfully on the edge site supervisor.
- Navigate back to the Inventory tab in vCenter and notice the Argo CD service controller manager is deployed.
We’ve already created a namespace called argocd where we will deploy our applications. We’ve assigned the VM classes to the namespace and assigned a storage policy as well. We have also deployed the Local Consumption Interface (LCI) supervisor service to view the VM service and VKS clusters deployed within a namespace.
As you can see, we have set up a VKS cluster on the edge site as well to deploy container-based applications. We can set up the VKS cluster dynamically using Argo CD as well. However, our focus in this blog is on application deployment. Hence, we’ve set up the VKS cluster before-hand to keep the workflow short.
We have created a content library on the vCenter to store our VM application OVA file. Although this example places the content library centrally, a local vCenter at the edge location allows for an alternative setup. In this scenario, administrators can create a primary content library at the central data center, and configure the edge site to subscribe to it through a local content library. This setup pulls any changes either immediately or as needed, based on configuration settings, ensuring that the edge site has local copies of the images available.
In this example, the container images are coming from the internet. However, you can set up a local Harbor repository at the edge site as well to ensure container images are available locally.
Deploy an Argo CD Instance
Now let’s deploy our Argo CD instance to the argocd namespace using the Broadcom documentation. For this, we will need to access the supervisor via CLI. For this, download the VCF CLI package from the link shown below and set it up.
Run the following commands to access the argocd namespace:
We will now deploy the Argo CD instance:
|
1 2 3 4 5 6 7 8 9 |
PS /root/argocd-9 > cat ./argocd-deployment.yaml apiVersion: argocd-service.vsphere.vmware.com/v1alpha1 kind: ArgoCD metadata: name: argocd-1 namespace: argocd spec: version: 2.14.13+vmware.1-vks.1 |
Notice Argo CD is deployed successfully.
We can now navigate to the web browser and see that Argo CD instance is up and running:
Install Argo CD CLI and add Clusters
Install the Argo CD CLI that you downloaded from the Broadcom Support Portal and run the command:
|
1 2 3 4 5 6 |
PS /root/argocd-9 > argocd login 10.1.8.207 WARNING: server certificate had error: tls: failed to verify certificate: x509: cannot validate certificate for 10.1.8.207 because it doesn't contain any IP SANs. Proceed insecurely (y/n)? y Username: admin Password: 'admin:login' logged in successfully Context '10.1.8.207' updated |
Now we add the supervisor and VKS cluster to Argo CD:
We can validate the clusters in Argo CD by navigating to the Argo CD UI > Settings > Clusters page.
Set up Your Git Repository
Create a Git repository (e.g., on GitHub, GitLab, Bitbucket etc.) to host your application manifests (VM Service, Kubernetes pod definitions, VKS cluster definition files etc.). In this demo, we’re using a local git repository set up using Gitea, however you can find the sample code used in this GitHub repository as well. The folder structure for the git repository is as follows:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
. ├── apps │ ├── container-app │ │ ├── deployment.yaml │ │ └── service.yaml │ └── vm-app │ └── ubuntu-vm.yaml ├── child-apps │ ├── container-application.yaml │ └── vm-application.yaml ├── parent │ └── application.yaml └── README.md 6 directories, 7 file |
The parent directory contains the main application.yaml file that creates the application on Argo CD. This parent application points to the apps/child-apps folder which contains VM and container Argo CD application definition files. These child applications, in-turn, point to the apps/vm-app and apps/container-app folders, which contain the actual VM and container definition files.
In this case, we’re using a git repository that is public. If you are using a private repository, then you will also need to add the git repository to Argo CD by following this documentation. You will need to navigate to Settings > Repositories on the Argo CD UI.
Click on Connect Repo.
Provide the git repository details and connect.
Configure Argo CD Applications
In this example, we are deploying three applications in Argo CD. The first is the parent-app, which creates two child applications: vm-app and container-app. The vm-app deploys an Ubuntu VM, while the container-app deploys an NGINX pod and service on the existing VKS cluster. This structure allows you to organize applications into separate folders and link each one back to the parent application, which targets the Supervisor.
We deploy the parent application.yaml file in the argocd namespace:
The parent application is visible in the Argo CD UI. The parent application in turn creates the child applications and the YAML definition files from the git repository are pulled and deployed on the supervisor for the VM service and VKS cluster for the kubernetes pod.
We can see that the VM gets created:
Both the VM and container applications get deployed:
Nginx pod:
Ubuntu VM:
Conclusion
We saw how you can leverage GitOps with VCF 9.0 for Edge using Argo CD. A single Git repository can serve as the source of truth for deploying applications to one edge site. You can use the same repository to scale across thousands of edge sites. At each site, the local Argo CD instance polls the Git repository for changes and ensures that the applications are always up to date.
The integration of GitOps with Argo CD on VCF 9.0 revolutionizes how applications are delivered and managed at the edge. By embracing a declarative, Git-centric approach, organizations can achieve unparalleled levels of automation, consistency, and reliability for their distributed edge deployments. This not only streamlines operations but also enables faster innovation and business growth at the intelligent edge.
Resources:
