Skip to main content

Overview

ArgoCD is a declarative, GitOps continuous delivery tool for Kubernetes. It monitors your Git repository and automatically synchronizes your desired application state with your cluster.

What is GitOps?

GitOps uses Git repositories as the single source of truth for declarative infrastructure and applications. Benefits include:

Version Control

All changes are tracked in Git with full audit history

Automated Deployment

Changes are automatically deployed when merged

Easy Rollbacks

Revert to any previous state with Git

Declarative Config

Define desired state, ArgoCD ensures it matches

Prerequisites

  • A running Kubernetes cluster (GKE, Kind, or other)
  • kubectl configured to access your cluster
  • A Git repository with your Kubernetes manifests

Installation

1. Create ArgoCD Namespace

Create a dedicated namespace for ArgoCD: 
kubectl create namespace argocd

2. Install ArgoCD

Apply the official ArgoCD manifests: 
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
This installs:
  • ArgoCD API server
  • Repository server
  • Application controller
  • UI server
  • Redis for caching

3. Verify Installation

Wait for all pods to be ready: 
kubectl get pods -n argocd
Expected output: 
NAME                                  READY   STATUS    RESTARTS   AGE
argocd-application-controller-0       1/1     Running   0          2m
argocd-dex-server-5dd8fcc5bc-xxxxx    1/1     Running   0          2m
argocd-redis-74cb89f466-xxxxx         1/1     Running   0          2m
argocd-repo-server-6c9d77f5c4-xxxxx   1/1     Running   0          2m
argocd-server-7f5d8c9b8d-xxxxx        1/1     Running   0          2m

Accessing ArgoCD UI

Method 1: Port Forwarding (Quick Access)

Forward the ArgoCD server port to your local machine: 
kubectl port-forward svc/argocd-server -n argocd 8080:443
The UI will be available at https://localhost:8080. Your browser will warn about the self-signed certificate - this is expected for local access.
Access the UI:
  • URL: https://localhost:8080
  • Username: admin
  • Password: Retrieved in the next step

Method 2: LoadBalancer (Production)

For production environments, expose via LoadBalancer: 
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}'
Get the external IP: 
kubectl get svc argocd-server -n argocd

Get Initial Admin Password

Retrieve the auto-generated admin password: 
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo
Security Best Practice: Change the admin password immediately after first login and delete the initial secret:
kubectl -n argocd delete secret argocd-initial-admin-secret
Login to the UI and navigate to User Info → Update Password.

Creating Your First Application

  1. Open ArgoCD UI at https://localhost:8080
  2. Click ”+ NEW APP” in the top left
  3. Configure Application Settings: General:
    • Application Name: exchange-app
    • Project: default
    • Sync Policy: Automated (recommended)
    Source:
    • Repository URL: Your Git repository (e.g., https://github.com/jogeshwar01/exchange)
    • Revision: main or master
    • Path: . (or subdirectory containing manifests)
    Destination:
    • Cluster URL: https://kubernetes.default.svc (in-cluster)
    • Namespace: default (or your target namespace)
    Directory:
    • Check “Recurse” to include subdirectories
  4. Click CREATE
ArgoCD Application Creation

Via CLI

Install the ArgoCD CLI: 
# macOS
brew install argocd

# Linux
curl -sSL -o argocd-linux-amd64 https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64
sudo install -m 555 argocd-linux-amd64 /usr/local/bin/argocd
Login via CLI: 
argocd login localhost:8080
Create an application: 
argocd app create exchange-app \
  --repo https://github.com/jogeshwar01/exchange \
  --path . \
  --dest-server https://kubernetes.default.svc \
  --dest-namespace default \
  --sync-policy automated \
  --auto-prune \
  --self-heal

Via Manifest (GitOps Way)

Create an Application manifest:
application.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: exchange-app
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://github.com/jogeshwar01/exchange
    targetRevision: main
    path: .
    directory:
      recurse: true
  destination:
    server: https://kubernetes.default.svc
    namespace: default
  syncPolicy:
    automated:
      prune: true    # Delete resources not in Git
      selfHeal: true # Automatically sync on drift
      allowEmpty: false
    syncOptions:
    - CreateNamespace=true
    retry:
      limit: 5
      backoff:
        duration: 5s
        factor: 2
        maxDuration: 3m
Apply the application: 
kubectl apply -f application.yaml

Understanding Sync Policies

Manual Sync

Requires explicit sync trigger: 
syncPolicy: {}  # Empty means manual

Automated Sync

Automatically syncs on Git changes: 
syncPolicy:
  automated:
    prune: true      # Delete resources removed from Git
    selfHeal: true   # Fix drift when someone kubectl applies directly
Recommended for Production:
  • Use automated with selfHeal: true to maintain desired state
  • Enable prune: true to remove orphaned resources
  • Set up notifications for sync failures

ArgoCD Dashboard

The ArgoCD UI provides powerful visualization:
ArgoCD Dashboard Overview

Application Health

  • Healthy: All resources are running as expected
  • Progressing: Deployment in progress
  • Degraded: Some resources failed
  • Missing: Resources not found in cluster

Sync Status

  • Synced: Cluster state matches Git
  • OutOfSync: Drift detected
  • Unknown: Unable to determine state
ArgoCD Sync Status

Resource View

ArgoCD Resource Tree
The resource tree shows:
  • Dependency relationships
  • Resource health status
  • Live manifests vs. desired state

Diff View

ArgoCD Diff View
Compare Git manifests with live cluster state to identify drift.

Managing Applications

Sync an Application

Manually trigger a sync: 
argocd app sync exchange-app
Sync with prune: 
argocd app sync exchange-app --prune

View Application Details

argocd app get exchange-app

View Application Logs

argocd app logs exchange-app

Rollback

Rollback to a previous sync: 
argocd app rollback exchange-app
List history: 
argocd app history exchange-app

Delete Application

Delete from ArgoCD (doesn’t delete resources): 
argocd app delete exchange-app
Delete including all resources: 
argocd app delete exchange-app --cascade

Debugging

Check Application Controller Logs

View controller logs for sync issues: 
kubectl logs -n argocd deployment/argocd-application-controller
Follow logs in real-time: 
kubectl logs -n argocd deployment/argocd-application-controller -f

Check Repository Server Logs

For Git connection issues: 
kubectl logs -n argocd deployment/argocd-repo-server

Common Issues

Application stuck in “OutOfSync”: 
# View diff
argocd app diff exchange-app

# Force sync
argocd app sync exchange-app --force
Repository connection failed: 
# Test repository connection
argocd repo list

# Re-add repository
argocd repo add https://github.com/jogeshwar01/exchange --username <user> --password <token>
Sync timeout: Increase timeout in application spec: 
spec:
  syncPolicy:
    syncOptions:
    - Timeout=300s  # 5 minutes

Private Repositories

HTTPS with Token

argocd repo add https://github.com/your-org/private-repo \
  --username git \
  --password ghp_yourGitHubPersonalAccessToken

SSH Key

Generate SSH key: 
ssh-keygen -t ed25519 -C "[email protected]"
Add to ArgoCD: 
argocd repo add [email protected]:your-org/private-repo.git \
  --ssh-private-key-path ~/.ssh/id_ed25519

Multi-Cluster Management

Add external clusters: 
# List contexts
kubectl config get-contexts

# Add cluster
argocd cluster add gke_project_us-central1-a_prod-cluster
Deploy to different cluster: 
spec:
  destination:
    server: https://prod-cluster-endpoint
    namespace: production

Helm Chart Support

Deploy Helm charts: 
spec:
  source:
    repoURL: https://charts.example.com
    chart: my-app
    targetRevision: 1.0.0
    helm:
      values: |
        replicaCount: 3
        image:
          tag: v1.2.3

Kustomize Support

Use Kustomize overlays: 
spec:
  source:
    path: overlays/production
    kustomize:
      images:
      - jogeshwar01/exchange:v1.2.3

Notifications

Set up Slack notifications for sync events: 
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj-labs/argocd-notifications/stable/manifests/install.yaml
Configure Slack webhook in argocd-notifications-secret.

Best Practices

Production GitOps Guidelines:
  • Store all manifests in Git - never kubectl apply directly in production
  • Use separate repositories or branches for different environments
  • Enable automated sync with self-heal for production
  • Set up notifications for sync failures
  • Use ArgoCD Projects to enforce RBAC and policies
  • Regularly backup ArgoCD configuration
  • Use sealed secrets for sensitive data in Git
Performance Tips:
  • Use resource exclusions for frequently changing resources
  • Enable compression for large repositories
  • Configure webhook integrations for faster sync
  • Use application sets for managing many similar applications

Backup and Recovery

Backup ArgoCD Configuration

# Export all applications
argocd app list -o yaml > argocd-apps-backup.yaml

# Export all repositories
argocd repo list -o yaml > argocd-repos-backup.yaml

Restore

kubectl apply -f argocd-apps-backup.yaml

Next Steps

GKE Deployment

Deploy to production GKE cluster

Sealed Secrets

Secure your secrets in Git

Additional Resources

Build docs developers (and LLMs) love

Get started for freeTalk to us