-
There are a few issues and discussions around this but there's no clear answer that I can see. My end goal is to run analysisRuns on the remote clusters where workloads actually run, not the mgmt cluster that the main Kargo controller runs on. I gathered from other threads and docs that the ArgoCD model of basically putting a KubeConfig in a secret and calling across clusters in that fashion is frowned up. But the alternative or best practice config is not really documented as far as I can tell. It seems to be something like: set up a Kargo controller on each cluster with one as the primary, then use some sort of communication/webhooks between them to run remote AnalysisRuns and do other operations on a remote cluster. Basically Kargo <--> Kargo communication instead of authing with a cluster directly, if I understand right. That sounds great to me but I really can't find how to set it up much of anywhere. Looking through the docs, issues, discussions, and helm chart documentation it's really not very clear to me what the best practice is to do this. It's important to me because it's really the final thing I need to prove that Kargo is capable of internally in order to sort of begin actually using it more widely. If we want to replace GHA we need to bring the ability to run arbitrary code in between promotions (unit, E2E, integration testing) and it seems that Kargo is perfectly capable of this, it's just a bit hard to figure out how to do it in remote clusters. I think this will be a common use case going forward as being able to run analysisTemplates in the same cluster/namespace as the actual workload of course makes for more accurate, reliable, and simple (less complex networking and such) testing. So any guidance, docs, issues, or anything else folks could point me to would help a lot! A helm example in particular would be most valuable. |
Beta Was this translation helpful? Give feedback.
Replies: 5 comments 11 replies
-
This isn't documented yet, but it's basically this:
What you'll end up with is:
|
Beta Was this translation helpful? Give feedback.
-
Appreciate the quick and detailed response as always! I modified an existing diagram I have to try to visualizing this architecture. I have a lot of trouble with this stuff without diagramming it out, and maybe it'll also help future lurkers. I don't think it's perfectly accurate but I tried to make all the connections as I understand them. Is this basically accurate or what would you change? It's a bit simplified/has generic names but hopefully it drives home the key ideas. |
Beta Was this translation helpful? Give feedback.
-
Hi @krancour , that did the work and now AnalisysysRun's works from the remote clusters thank you so much for that much needed explanation! |
Beta Was this translation helpful? Give feedback.
-
Thank for your response dear @krancour , |
Beta Was this translation helpful? Give feedback.
-
Ya... I'd been thinking this was your scenario and part of your problem. I missed that this wasn't using the job provider. Until we work out how to do make this work for jobs that executed on another cluster (I'll look at rollouts#3350), I think we can probably disable the link if it's a job provider and the stage is labeled for a shard. |
Beta Was this translation helpful? Give feedback.
This isn't documented yet, but it's basically this:
When installing a distributed (i.e. sharded) Kargo controller somewhere besides the cluster that actually hosts the Kargo control plane, provide a cluster-specific value for
controller.rollouts.controllerInstanceID
during the helm install.Run a Rollouts controller "next to" each of your distributed Kargo controllers. Following process quite similar to how you must have already configured the distributed Kargo controllers, configure it like so:
contro…