Ilya Ivanov

Ilya Ivanov

DevOps eXtraordinaire

Install Karpenter with ArgoCD

Today we are going to install Karpenter with ArgoCD.

This article assumes that you already have ArgoCD working.

The first step to installing a new application with Argo always is to look for an exising Helm chart. If there is one, installing it usually is a no-brainer. Just add up an application, provide repository and chart urls, done.

However, the Karpenter team made a decision to drop Helm repository support at https://charts.karpenter.sh/ and instead publish it in an OCI repository (which turns out to be a thing) hosted on Amazon ECR.

The problem is, ArgoCD will not resolve oci:// url for Helm repository. At least, not without authentication. Even if it’s a public repository. Joyful.

Of course, if you have private charts in ECR, there’s not much choice, you need a token. Someone even put together an automation for refreshing ECR tokens.

However, if you want just the public ones, there’s a workaround. We will chain the charts and let Helm do the heavy lifting.

First, create a wrapper application:

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: karpenter-root
  namespace: argocd
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  destination:
    namespace: karpenter
    server: 
  project: default
  source:
    repoURL: 
    targetRevision: HEAD
    path: helm/karpenter-root
    helm:
      valuesObject:
        karpenter:
          serviceAccount:
            annotations:
              eks.amazonaws.com/role-arn: "arn:aws:iam::something/something"
          settings:
            clusterName: "mycluster"
            interruptionQueue: "Karpenter-mycluster"
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true

This configuration expects a custom Helm chart in helm/karpenter-root in the same repository. Also note some minimal settings passed to Helm as valuesObject.

Our Helm chart in helm/karpenter-root/Chart.yaml is going to be simplistic:

apiVersion: v2
name: karpenter-root
description: Karpenter parent chart
type: application

version: 0.1.0
appVersion: "1.0.0"

dependencies:
  - name: karpenter
    version: "v0.34.0"
    # TAKE THAT, KARPENTER TEAM! NO TOKENS FOR YOU!!
    repository: "oci://public.ecr.aws/karpenter"

Also add values to helm/karpenter-root/values.yaml:

karpenter:
  serviceAccount:
    annotations:
      eks.amazonaws.com/role-arn: "none"
  settings:
    clusterName: "none"
    interruptionQueue: "none"

To pass more values, you’ll need to add them to both Application definition and values.yaml, but that’s a small price to pay.

That’s all, folks!

Comments

You May Also Enjoy

Github Torrent Action

Here’s something I’ve been meaning to get to for a while, and finally got a chance. Enter GitHub Torrent Action!