Argo CD Pocket Book — Uplatz
60+ deep-dive flashcards • GitOps • Kubernetes CD • Security & RBAC • Multi-Cluster • Observability • Interview Q&A
Cheat-friendly snippets • Real-world deployment tips • Production scaling patterns
1) What is Argo CD?
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It syncs Kubernetes clusters with the desired application state stored in Git repositories.
2) Why GitOps?
✔️ Single source of truth (Git)
✔️ Auditable deployments
✔️ Rollbacks via Git commits
✔️ Declarative & automated.
3) Argo CD Components
- API Server
- Repo Server
- Application Controller
- UI (Web + CLI)
4) Installation
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
kubectl port-forward svc/argocd-server -n argocd 8080:4435) First Login
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -dDefault user: admin
6) Creating an Application
argocd app create guestbook \
--repo https://github.com/argoproj/argocd-example-apps.git \
--path guestbook \
--dest-server https://kubernetes.default.svc \
--dest-namespace default7) Syncing an Application
argocd app sync guestbook8) Rollback
Argo CD can rollback to a previous Git commit, ensuring reproducibility and safety.
argocd app rollback guestbook 19) Health Status
Applications show health: Healthy, Progressing, Degraded, Missing, or Unknown.
10) Sync Strategies
✔ Manual sync
✔ Automatic sync
✔ Self-heal mode
✔ Prune (remove extra resources).
11) App of Apps Pattern
A meta-application manages multiple child apps by pointing to their manifests in Git. Simplifies multi-app deployments.
12) Multi-Cluster Deployments
Argo CD can deploy to multiple Kubernetes clusters by registering cluster contexts.
argocd cluster add CONTEXT13) Helm Charts
Argo CD supports deploying Helm charts directly.
argocd app create myapp --repo https://charts.helm.sh/stable --helm-chart nginx14) Kustomize
Native support for Kustomize overlays, enabling environment-specific configurations.
15) Directory Repos
Argo CD can watch plain YAML/K8s manifests in a Git directory without Helm/Kustomize.
16) RBAC
Role-based policies for read/write access. Define in argocd-rbac-cm ConfigMap.
17) SSO
Argo CD integrates with SSO providers (OIDC, SAML, LDAP, GitHub OAuth).
18) Secrets Management
Integrate with external secret stores like HashiCorp Vault, AWS Secrets Manager, or SealedSecrets.
19) Network Policies
Use Kubernetes NetworkPolicies to restrict communication of Argo CD pods.
20) Best Practices
- Use least privilege RBAC
- Audit sync/rollback actions
- Enable TLS for all endpoints
21) Metrics
Argo CD exposes Prometheus metrics via the /metrics endpoint.
22) Logging
Logs are emitted via standard Kubernetes logging. Aggregate with ELK, Loki, or CloudWatch.
23) Notifications
Argo CD Notifications plugin integrates with Slack, Teams, Email, and Webhooks for sync events.
24) Scaling
Run multiple Application Controllers for HA. Use Redis HA for caching.
25) Performance Tuning
- Reduce repo size with shallow clones
- Enable parallel sync
- Shard by namespace
26) Q: Argo CD vs Jenkins?
Answer: Jenkins is CI-focused, Argo CD is CD-focused with GitOps. They complement each other: Jenkins builds → Argo deploys.
27) Q: Argo CD vs Flux?
Answer: Both are GitOps CD tools. Argo CD has a rich UI and RBAC, while Flux is CLI-first and lighter.
28) Q: How does self-heal work?
Answer: If the cluster state drifts from Git, Argo CD automatically syncs resources back to the desired state.
29) Q: Can Argo CD manage non-K8s?
Answer: No, it is Kubernetes-native. Non-K8s infra requires tools like Terraform + Atlantis.
30) Q: How to improve Argo CD security?
Answer: Use TLS, RBAC, SSO, external secrets, audit logs, and isolate Argo CD namespace.