# GitOps架构设计
[root@k8s-master ~]# cat > /root/gitops-architecture.txt << 'EOF' FGEDU GitOps架构 ================ 1. 核心组件 - Git仓库: 配置存储 - ArgoCD: 同步控制器 - Kubernetes: 目标集群 2. 工作流程 - 开发提交代码 - CI构建镜像 - 更新Git配置 - ArgoCD同步部署 3. 环境管理 - 开发环境: dev分支 - 测试环境: test分支 - 生产环境: main分支 4. 最佳实践 - 声明式配置 - 版本控制 - 自动同步 - 审计追踪 EOF # 初始化Git仓库 [root@k8s-master ~]# mkdir -p /root/gitops-repo [root@k8s-master ~]# cd /root/gitops-repo [root@k8s-master gitops-repo]# git init Initialized empty Git repository in /root/gitops-repo/.git/ [root@k8s-master gitops-repo]# git config user.email "admin@fgedu.net.cn" [root@k8s-master gitops-repo]# git config user.name "FGEDU Admin" # 创建应用目录结构 [root@k8s-master gitops-repo]# mkdir -p apps/fgedu-app/{base,overlays/{dev,test,prod}} [root@k8s-master gitops-repo]# mkdir -p infrastructure

# 创建命名空间
[root@k8s-master ~]# kubectl create namespace argocd
namespace/argocd created

# 安装ArgoCD
[root@k8s-master ~]# kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yafrom PG视频:www.itpux.comml
customresourcedefinition.更多视频教程www.fgedu.net.cnapiextensions.k8s.io/applications.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/applicationsets.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/appprojects.argoproj.io created
serviceaccount/argocd-application-controller created
serviceaccount/argocd-applicationset-controller created
serviceaccount/argocd-dex-server created
serviceaccount/argocd-notifications-controller created
serviceaccount/argocd-redis created
serviceaccount/argocd-repo-server created
serviceaccount/argocd-server created

# 查看ArgoCD状态
[root@k8s-master ~]# kubectl get pods -n argocd
NAME READY STATUS RESTARTS AGE
argocd-application-controller-0 1/1 Running 0 3m
argocd-applicationset-controller-abc12-xyz789 1/1 Running 0 3m
argocd-dex-server-abc12-xyz789 1/1 Running 0 3m
argocd-notifications-controller-abc12-xyz789 1/1 Running 0 3m
argocd-redis-abc12-xyz789 1/1 Running 0 3m
argocd-repo-server-abc12-xyz789 1/1 Running 0 3m
argocd-server-abc12-xyz789 1/1 Running 0 3m

# 获取初始密码
[root@k8s-master ~]# kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath=”{.data.password}” | base64 -d
abc123def456

# 访问ArgoCD
[root@k8s-master ~]# kubectl port-forward svc/argocd-server -n argocd 8080:443
Forwarding from 127.0.0.1:8080 -> 8080

# 创建基础配置
[root@k8s-master gitops-repo]# cat > apps/fgedu-app/base/deployment.yaml << 'EOF' apiVersion: apps/v1 kind: Deployment metadata: name: fgedu-app spec: replicas: 3 selector: matchLabels: app: fgedu-app template: metadata: labels: app: fgedu-app spec: containers: - name: app image: nginx:1.25 ports: - containerPort: 80 resources: requests: cpu: 100m memory: 128Mi limits: cpu: 500m memory: 512Mi EOF [root@k8s-master gitops-repo]# cat > apps/fgedu-app/base/service.yaml << 'EOF' apiVersion: v1 kind: Service metadata: name: fgedu-app spec: ports: - port: 80 targetPort: 80 selector: app: fgedu-app EOF [root@k8s-master gitops-repo]# cat > apps/fgedu-app/base/kustomization.yaml << 'EOF' apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - deployment.yaml - service.yaml commonLabels: app.kubernetes.io/name: fgedu-app app.kubernetes.io/managed-by: argocd EOF # 创建生产环境覆盖 [root@k8s-master gitops-repo]# cat > apps/fgedu-app/overlays/prod/kustomization.yaml << 'EOF' apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: fgedu-prod resources: - ../../base commonLabels: env: production patchesStrategicMerge: - deployment-patch.yaml EOF [root@k8s-master gitops-repo]# cat > apps/fgedu-app/overlays/prod/deployment-patch.yaml << 'EOF' apiVersion: apps/v1 kind: Deployment metadata: name: fgedu-app spec: replicas: 5 template: spec: containers: - name: app resources: requests: cpu: 200m memory: 256Mi limits: cpu: 1000m memory: 1Gi EOF

# 创建ArgoCD应用
[root@k8s-master ~]# cat > fgedu-argocd-app.yaml << 'EOF' apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: fgedu-app-prod namespace: argocd spec: project: default source: repoURL: https://git.fgedu.net.cn/fgedu/k8s-apps.git targetRevision: main path: apps/fgedu-app/overlays/prod destination: server: https://kubernetes.default.svc namespace: fgedu-prod syncPolicy: automated: prune: true selfHeal: true allowEmpty: false syncOptions: - CreateNamespace=true - PrunePropagationPolicy=foreground - PruneLast=true retry: limit: 5 backoff: duration: 5s factor: 2 maxDuration: 3m EOF [root@k8s-master ~]# kubectl apply -f fgedu-argocd-app.yaml application.argoproj.io/fgedu-app-prod created # 查看应用状态 [root@k8s-master ~]# kubectl get application -n argocd NAME SYNC STATUS HEALTH STATUS fgedu-app-prod Synced Healthy # 手动同步应用 [root@k8s-master ~]# argocd app sync fgedu-app-prod TIMESTAMP GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE 2026-04-04T23:00:00+08:00 Service fgedu-prod fgedu-app Healthy service/fgedu-app created 2026-04-04T23:00:00+08:00 apps Deployment fgedu-prod fgedu-app Running Healthy deployment.apps/fgedu-app created # 创建ApplicationSet实现多环境部署 [root@k8s-master ~]# cat > fgedu-appset.yaml << 'EOF' apiVersion: argoproj.io/v1alpha1 kind: ApplicationSet metadata: name: fgedu-app-multi-env namespace: argocd spec: generators: - list: elements: - env: dev namespace: fgedu-dev replicas: "1" - env: test namespace: fgedu-test replicas: "2" - env: prod namespace: fgedu-prod replicas: "5" template: metadata: name: 'fgedu-app-{{env}}' spec: project: default source: repoURL: https://git.fgedu.net.cn/fgedu/k8s-apps.git targetRevision: main path: apps/fgedu-app/overlays/{{env}} destination: server: https://kubernetes.default.svc namespace: '{{namespace}}' syncPolicy: automated: prune: true selfHeal: true syncOptions: - CreateNamespace=true EOF [root@k8s-master ~]# kubectl apply -f fgedu-appset.yaml applicationset.argoproj.io/fgedu-app-multi-env created # 查看ApplicationSet状态 [root@k8s-master ~]# kubectl get applicationset -n argocd NAME AGE fgedu-app-multi-env 1m [root@k8s-master ~]# kubectl get application -n argocd NAME SYNC STATUS HEALTH STATUS fgedu-app-dev Synced Healthy fgedu-app-test Synced Healthy fgedu-app-prod Synced Healthy