Skip to main content

WISP

This guide details the lifecycle management of the SENSE Orchestrator stack (stackv) using ArgoCD. The deployment utilizes the App of Apps pattern or standalone Application manifests, pointing to the sense-helm chart repository.

1. Environment Dependencies

ArgoCD will manage the application resources, but the following external dependencies must exist in the target namespace (default) before the application will sync successfully.

Required Secrets

Ensure the following secrets are present in the target namespace. These are referenced directly by the Helm chart via the ArgoCD valuesObject.

  • regcred (Docker Registry Pull Secret)
  • sense-o-keystore (Java Keystore for TLS)
  • new-kc-auth (Application Credentials & DB passwords)

Required PVCs

  • app-mysql-pvc (If not dynamically provisioned by the chart)

2. Configuration (ArgoCD Application)

The deployment is defined via an ArgoCD Application CRD. This references the sense-helm chart repository and overrides default values via the valuesObject.

2.1 Key Configuration Parameters

ParameterValue in ManifestDescription
Target Revision1.14.7The specific version of the Helm chart to deploy.
Domainstackv.dev3.virnao.comThe public DNS entry for the Orchestrator.
Image TagdevThe application image version. Note: In production, pin this to a specific SHA or numbered tag.
ResourcesRequests: 600m/4GiMinimum reserved resources.
Java Memory4GHeap size allocated to the JVM.
Persistenceapp-mysql-pvcName of the Persistent Volume Claim for the database.

2.2 The Application Manifest

Save the following as sense-orchestrator-argocd.yaml:

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: stackv
  namespace: argocd
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  project: default
  source:
    repoURL: https://stackv.github.io/sense-helm/
    chart: sense-orchestrator
    targetRevision: 1.14.7
    helm:
      valuesObject:
        global:
          namespace: default
          domain: stackv.dev3.virnao.com
        image:
          repository: virnao/stackv-orchestrator
          tag: dev
          pullSecrets:
            - name: regcred
        auth:
          clientSecret: new-kc-auth
        init:
          migration:
            repository: virnao/stackv-db-migration
        issuer:
          enabled: true
        java:
          memory: 4G
        resources:
          requests:
            cpu: 600m
            memory: 4Gi
          limits:
            cpu: 2000m
            memory: 6Gi
        tls:
          keystoreSecret: sense-o-keystore
        mysql:
          pvcName: app-mysql-pvc
  destination:
    server: https://kubernetes.default.svc
  syncPolicy:
    syncOptions:
      - CreateNamespace=true
      - ServerSideApply=true

3. Deployment Procedure

3.1 Apply the Manifest

Submit the Application manifest to the cluster where ArgoCD is running (often the same cluster, but checking the namespace argocd is standard).

kubectl apply -f sense-orchestrator-argocd.yaml -n argocd

3.2 Verify Sync Status

  1. Log in to the ArgoCD UI.
  2. Locate the stackv application.
  3. Verify the status is Healthy and Synced.
  4. If the status is "Degraded," check the specific resource events. Common issues include:
    • Missing Secrets: If the pods fail to pull images (ImagePullBackOff) or crash on startup (CrashLoopBackOff), verify the secrets in Section 1 exist in the default namespace.
    • PVC Pending: Ensure the storage class supports the requested volume or that app-mysql-pvc is bound.

3.3 Configuration Updates

To update configuration (e.g., change memory limits or update the image tag):

  1. Do not edit the Application manifest in the cluster directly.
  2. Edit the valuesObject in the YAML file stored in your Gitops repository.
  3. Commit and push the changes.
  4. ArgoCD will detect the OutOfSync state. Trigger a sync to apply the new configuration.

4. Post-Deployment Verification

Once ArgoCD reports "Healthy," verifying the service requires accessing the public URL.

  1. Navigate to https://stackv.dev3.virnao.com/StackV-web/portal (or the configured domain).
  2. Ensure the Keycloak redirect occurs (if Keycloak is configured to handle auth).

5. Troubleshooting Argo Interactions

Common Sync Statuses

StatusMeaningAction Required
Healthy / SyncedDesired state matches live state.None.
DegradedA resource is failing (e.g., CrashLoopBackOff).Check Pod logs via ArgoCD UI. Verify new-kc-auth secret keys match chart expectations.
OutOfSyncGit configuration differs from the cluster.Review the "Diff" tab in ArgoCD. If intentional, click Sync.
UnknownArgoCD cannot communicate with the cluster.Check ArgoCD Controller logs.