EMF Argo CD Deployment Guide (AWS Cloud)#

This guide explains how Edge Manageability Framework (EMF) is deployed on AWS Cloud using Argo CD and the cluster profile file:

orch-configs/clusters/cluster-name.yaml

The cluster profile drives the deployment of multiple Argo CD Applications across the cluster.

1. Cluster Profile Overview#

The cluster profile (cluster-name.yaml) performs the following:

  • Combines multiple profile files (root.clusterValues)

  • Injects global settings (AWS account, region, EFS, TargetGroups)

  • Applies AWS-specific overrides (postCustomTemplateOverwrite)

  • Declares Git repository, branch, Argo project, and feature toggles

  • Orchestrates multiple Applications, not just a single Helm chart

2. High-Level Deployment Flow#

  1. Bootstrap AWS essentials: authentication, load balancers, and shared storage

  2. Install Argo CD into the EKS cluster

  3. Apply the Root Application manifest pointing to Git repo and cluster-name.yaml

  4. Process root.clusterValues in order (last wins)

  5. Generate child Applications: platform, observability (o11y), Kyverno, edge infra, UI, SRE

  6. Apply AWS-specific overrides (postCustomTemplateOverwrite), e.g., TargetGroup ARNs

  7. Argo CD auto-syncs until all Applications are Healthy

3. Key AWS Fields in Cluster Profile#

Field

Description

root.useLocalValues

If true, overwrite locally defined values

argo.project

Argo CD project name (usually cluster-name)

argo.namespace

Namespace for core EMF components

argo.clusterName

Logical name for the EKS cluster

argo.clusterDomain

DNS suffix (e.g., cluster-name.customer-domain.com)

argo.deployRepoURL

Git repo with EMF manifests

argo.deployRepoRevision

Branch or tag to deploy (e.g., main)

aws.account

AWS account ID

aws.region

AWS region (e.g., us-west-2)

aws.efs.fsid

EFS FileSystem ID

aws.targetGroup.traefik

ALB TargetGroup ARN for HTTP

aws.targetGroup.traefikGrpc

ALB TargetGroup ARN for gRPC

postCustomTemplateOverwrite.* | Optional AWS-specific overrides

4. Profiles Layering Strategy#

Profiles in orch-configs/profiles/ are modular:

  • enable-*.yaml – Enable features

  • proxy-*.yaml – Proxy configuration

  • profile-*.yaml – Opinionated bundles (e.g., AWS)

  • resource-*.yaml – Resource sizing/tuning

  • artifact-*.yaml – Artifact storage mode

  • o11y-*.yaml – Observability overlays

Typical AWS layering order:

- $values/orch-configs/profiles/enable-platform.yaml
- $values/orch-configs/profiles/enable-o11y.yaml
- $values/orch-configs/profiles/enable-kyverno.yaml
- $values/orch-configs/profiles/enable-app-orch.yaml
- $values/orch-configs/profiles/enable-cluster-orch.yaml
- $values/orch-configs/profiles/enable-edgeinfra.yaml
- $values/orch-configs/profiles/enable-full-ui.yaml
- $values/orch-configs/profiles/enable-aws.yaml
- $values/orch-configs/profiles/enable-sre.yaml
- $values/orch-configs/profiles/proxy-none.yaml
- $values/orch-configs/profiles/profile-aws.yaml
- $values/orch-configs/profiles/resource-default.yaml
- $values/orch-configs/profiles/o11y-release.yaml
- $values/orch-configs/profiles/alerting-emails.yaml
- $values/orch-configs/profiles/artifact-rs-production-noauth.yaml
- $values/orch-configs/profiles/cluster-name.yaml

5. AWS Dependencies Setup#

  • IAM Provider – for cluster authentication

  • AWS Load Balancer Controller – to manage ALBs

  • EFS CSI Driver – persistent storage

  • Route53 DNS – domain resolution for services

6. Argo CD Installation#

Internal chained targets with side effects:

  • create-namespaces

  • release-secrets

  • keycloak-secret

  • install-argocd-release

  • wait-argocd-ready

  • deploy-rootapp

# Add Argo Helm repo
helm repo add argo-helm https://argoproj.github.io/argo-helm --force-update >/dev/null

admin_patch_pw=$(argocd account bcrypt --password "$ORCH_DEFAULT_PASSWORD")

# Install/upgrade Argo CD with Helm
helm upgrade --install argocd argo-helm/argo-cd \
  -n argocd \
  --version "8.0.0" \
  --values "edge-manageability-framework/bootstrap/argocd.yaml" \
  --values "edge-manageability-framework/bootstrap/nodeport.yaml" \
  --set configs.cm.users.session.duration=24h \
  --create-namespace --wait

kubectl -n argocd patch secret argocd-secret --type='merge' \
  -p '{"stringData":{"admin.password":"$admin_patch_pw"}}'

7. Apply Root Application#

helm upgrade --install root-app edge-manageability-framework/argocd/root-app \
  -n sc-dev \
  -f edge-manageability-framework/orch-configs/clusters/sc-dev.yaml \
  --create-namespace

This creates the Argo CD project and root Application, and deploys child Applications automatically.