argocd
| Field |
Value |
| Service |
argocd |
| Purpose |
Alternate GitOps control plane and migration reference alongside Fleet |
| Criticality |
Tier 1 |
| Owner |
Platform / GitOps owner |
| Clusters |
homelab, oci |
| Namespace |
argocd |
| Exposure |
internet |
| Stateful |
yes |
| Backup class |
cluster backup |
| RPO / RTO |
Git is authoritative, 30 to 60 minutes to restore controller state |
| Last reviewed |
2026-05-20 |
1. Service Overview
Argo CD remains in the repository as the alternate GitOps controller and as the source of older Application and ApplicationSet layouts that predate the Fleet-first model.
Summary
If this service is unavailable, the legacy GitOps path and any workloads still depending on Argo CD lose reconciliation and operator visibility.
Dependencies
| Dependency |
Type |
Why it matters |
| Git repository credentials |
secret |
Argo CD must read the Git source of truth |
| Redis and Argo CD control-plane pods |
runtime |
Application and sync state depend on the controller stack |
| Traefik |
ingress |
External access to the UI and API |
2. Architecture Diagram
[Git repository]
-> [Argo CD API and controllers]
-> [Applications / ApplicationSets]
-> [Target clusters and namespaces]
3. Deployment Specifications
| Item |
Value |
| Source path |
argocd/base, argocd/shared, argocd/prod, argocd/oci |
| Deployment model |
Kustomize |
| Namespace |
argocd |
| Workload kind |
Deployments, Stateful supporting components, ApplicationSet resources |
| Chart or image version |
Argo CD 3.3.x family in current manifests |
| Config files |
base/kustomization.yaml, shared/kustomization.yaml, prod/kustomization.yaml, oci/kustomization.yaml |
Cluster mapping
| Cluster |
Overlay path |
Notes |
| homelab |
argocd/prod |
Main legacy deployment path |
| oci |
argocd/oci |
OCI-specific ingress and access path |
4. Configuration Guide
Environment variables
| Variable |
Source |
Purpose |
Secret? |
| Repository and controller settings |
argocd/shared and overlay manifests |
Git access, application scope, notifications |
mixed |
ConfigMaps
| Resource |
Path |
Purpose |
| argocd-notifications-cm |
argocd/prod/argocd-notifications-cm.yaml |
Notifications and messaging behavior |
Secrets management
- Secret names: repository credentials and cluster access secrets under argocd/shared
- Source of truth: committed placeholder manifests plus runtime secret material
- Rotation trigger: Git credential rotation or cluster access changes
- Recovery note: restore repository and cluster secrets before reconciling applications
5. Access Protocols
| Path |
URL or endpoint |
Audience |
Auth |
TLS terminates at |
| Internal |
argocd server and repo-server services in the argocd namespace |
Platform operators |
Argo CD RBAC |
Argo CD / Traefik |
| External |
https://argocd.mutana.fr or environment-specific hostname |
Platform operators |
Argo CD auth plus ingress controls |
Traefik |
6. Operations and Observability
- Primary health indicators: application controller healthy, repo-server healthy, Application sync status current.
- Dashboards or alerts: shared cluster monitoring and Argo CD object status.
- Log locations: controller, repo-server, and API server pod logs.
- Known failure modes: bad Git credentials, stale Application paths, broken ingress, cluster secret drift, or ApplicationSet generation failures.
7. Backup and Recovery Notes
- Backup method: Git plus cluster backup for controller state and secrets.
- Restore prerequisites: Argo CD namespace, repository secrets, and controller deployments.
- Related runbook: ../runbooks/argocd.md
8. Release and Change Notes
- Current deployed app version: Argo CD 3.3.x family in the current repo state.
- Current chart version: N/A.
- Last significant change: retained as the alternate GitOps controller while the repository standardized on Fleet-first bootstrap and overlays.
- Rollback reference: previous Kustomize overlay revision in Git.