Feedback
Build Real GitOps Pipelines From Empty Clusters to Automated Deploys
Explain what Argo CD does and does not do, and trace a change from a Git commit through the reconciliation loop to a running resource on the cluster. | |
Name the parts that make up Argo CD, the API server, application controller, repo-server, Redis, Dex, the ApplicationSet controller, and say what breaks when each one is unhealthy. | |
Provision real infrastructure from scratch: stand up servers with Terraform, bootstrap a Kubernetes cluster, and deploy an application onto it, so Argo CD has something real to manage. | |
Install Argo CD and choose deliberately between the full, core, and custom installs, then log in from the CLI and register additional clusters. | |
Create your first Application from the argocd CLI, then redefine the exact same setup as declarative manifests you keep in Git, including the repository credentials. | |
Read an Application manifest field by field, and configure sync policy on purpose: automated sync, self-healing, pruning and its exceptions, retries and backoff, ignoreDifferences, namespace creation, and the sync options that change how Argo CD applies resources. | |
Decide what happens to your running workloads when an Application is deleted, and set finalizers accordingly. | |
Run your own code around a sync with resource hooks and sync phases (PreSync, Sync, PostSync), and order resources within a sync using sync waves. | |
Create a local user and grant rights with RBAC, scoping one teammate to exactly one project, and verify the grant resolved instead of hoping it did. | |
Package an application as a Helm chart and have Argo CD manage it as a versioned release, passing values and tracking what is deployed. |
Explain what Argo CD does and does not do, and trace a change from a Git commit through the reconciliation loop to a running resource on the cluster. | |
Name the parts that make up Argo CD, the API server, application controller, repo-server, Redis, Dex, the ApplicationSet controller, and say what breaks when each one is unhealthy. | |
Provision real infrastructure from scratch: stand up servers with Terraform, bootstrap a Kubernetes cluster, and deploy an application onto it, so Argo CD has something real to manage. | |
Install Argo CD and choose deliberately between the full, core, and custom installs, then log in from the CLI and register additional clusters. | |
Create your first Application from the argocd CLI, then redefine the exact same setup as declarative manifests you keep in Git, including the repository credentials. | |
Read an Application manifest field by field, and configure sync policy on purpose: automated sync, self-healing, pruning and its exceptions, retries and backoff, ignoreDifferences, namespace creation, and the sync options that change how Argo CD applies resources. | |
Decide what happens to your running workloads when an Application is deleted, and set finalizers accordingly. | |
Run your own code around a sync with resource hooks and sync phases (PreSync, Sync, PostSync), and order resources within a sync using sync waves. | |
Create a local user and grant rights with RBAC, scoping one teammate to exactly one project, and verify the grant resolved instead of hoping it did. | |
Package an application as a Helm chart and have Argo CD manage it as a versioned release, passing values and tracking what is deployed. | |
Generate Applications from templates with ApplicationSets, producing many Applications from one definition across namespaces or clusters. | |
Build a multi-branch pipeline that gives every Git branch/revision its own live environment, so a push creates a deployment and a merge or delete tears it down. | |
You finish with a working artifact; an automated GitOps pipeline you assembled yourself, running on infrastructure you provisioned, that you can explain piece by piece. |
The book title was not neither an arbitrary title nor a random choice. It describes what you actually do in it.
GitOps the Hard Way, with Argo CD: The hard way is not difficulty for its own sake. It is doing the work yourself: you build every piece instead of letting a script, a managed service, or a one-click installer do it somewhere you cannot watch. You provision the servers, bootstrap the cluster, install Argo CD from raw manifests, register the repository, and see the first sync fire because you wired it. Every component passes through your hands once, which is why you recognize it late…
The book title was not neither an arbitrary title nor a random choice. It describes what you actually do in it.
GitOps the Hard Way, with Argo CD: The hard way is not difficulty for its own sake. It is doing the work yourself: you build every piece instead of letting a script, a managed service, or a one-click installer do it somewhere you cannot watch. You provision the servers, bootstrap the cluster, install Argo CD from raw manifests, register the repository, and see the first sync fire because you wired it. Every component passes through your hands once, which is why you recognize it later when it misbehaves. The hard way is the long path that turns out to be the short one, because you never have to come back and learn what the shortcut skipped.
Build Real GitOps Pipelines: Real is the load-bearing word. The pipeline runs on infrastructure you stood up, moves manifests you wrote, and breaks in ways you have to read and repair. A toy pipeline rewards you with a green checkmark and teaches you nothing about the day it turns red. This one earns its keep by surviving contact with real servers, real syncs, and real failures, the same conditions it would meet in production.
From Empty Clusters: This is the starting line, and it is bare on purpose. Argo CD is not waiting for you, the repository is not bootstrapped, and the setup is yours to assemble from scratch. Starting from empty means nothing is a black box, because you watched every piece go in and you know why it is there.
Automated Deploys: This is the finish line, and it runs without you. You commit to Git, and the change reconciles onto the cluster through complete CI/CD pipelines while your hands stay off the keyboard. The two words trace the whole arc of the book, empty to automated, and name the destination plainly: a pipeline that works, not a gallery of concepts you admire and forget.
Who This Guide Is For
Kubernetes developers: You build and run apps on Kubernetes and already live in manifests, Helm charts, and kubectl. You will learn to put your app under Argo CD so a Git commit ships it, see how your chart or manifests become a synced Application, and read sync and health status to know whether your change actually landed.
Platform engineers: You run Argo CD as a service for other teams. You will install it from raw manifests, scope teams to projects with RBAC, generate Applications across clusters with ApplicationSets, and decide what self-healing and pruning should do before someone else finds out the hard way.
DevOps engineers: You connect Git to clusters and CI to delivery. You will wire commits to syncs, run your own code around a deploy with hooks and waves, and build a pipeline that gives every branch its own live environment.
Site reliability engineers: You care what happens when state drifts. You will work through reconciliation, self-healing, sync retries and backoff, and what Argo CD shows you when an Application goes from Synced to OutOfSync or Healthy to Degraded.
Kubernetes operators and cluster admins: You manage clusters and the things running on them. You will install Argo CD, register additional clusters, and see how it reconciles target state against live state so you stop pushing manifests by hand.
Developers deploying onto a platform: You do not run Argo CD, you ship through it. You will learn what your team's setup expects from you: how an Application maps to your manifests or Helm chart, why a sync fails, and how to read the status instead of guessing.
Security engineers: Your concern is access and blast radius. You will use projects to fence what an Application can deploy and where, grant one teammate rights to exactly one project, see where secrets in Git become a problem you have to solve and more!
Teams moving to GitOps: You are getting a team off ad hoc kubectl apply and CI jobs that push straight at the cluster. You will replace that with Git as the place changes happen, and a controller that makes the cluster match.
Managed and distribution users: If you run Argo through OpenShift GitOps, Akuity, Codefresh, or a similar offering, this book covers the open-source core underneath them. The Applications, sync behavior, projects, and RBAC you learn here are the same ones those products wrap.
Consultants and contractors: You stand up GitOps for clients and need a setup you can reproduce, hand off, and defend. You will build the whole thing from manifests in version control, so the install is a repository and not a memory, and so the next person can read why each piece is there.
Engineers migrating from another CD tool: You are moving off Flux, Fleet, a Jenkins pipeline that runs kubectl apply, or a pile of deploy scripts. You will learn the Argo model on its own terms, map your current "CI pushes to the cluster" habit onto "CI commits, Argo reconciles", and find out where that change bites before it bites in production.
Infrastructure engineers: You live in Terraform and provisioning. The book starts there: you provision the servers and bootstrap the cluster with Terraform before Argo CD exists, so you see the full stack underneath the pipeline, not just the layer that syncs.
Engineers who inherited an Argo CD setup: Someone built it, they left, and now it is yours. You will work through the pieces they assembled so the running install stops being a black box: why the repo-server renders what it renders, what the sync options were set to, and which knobs are safe to turn.
Self-taught engineers and job switchers: You are building a skill that shows up in real job postings and want to do it on real infrastructure, not a sandbox you cannot point to. You finish with a working pipeline you built end to end and can explain in an interview line by line.
Helm 
GitLab 
Argo CD 
Kubernetes 
GitLab CI/CDFollow the winding road from start to finish
What Argo CD Actually Does: GitOps, Reconciliation, and Why Immutable Wins
4 sections · 53m readStand Up the Lab: Two Servers, a Cluster, and an App to Deploy
6 sections · 95m readYour First Argo CD Application: From CLI to Declarative Manifests
2 sections · 28m readSync Policy: Every Field, Every Sync Option, Every Annotation
17 sections · 136m read
Aymen El Amri is a software and cloud-native engineer, trainer, author, and technopreneur with 15+ years of experience in building and scaling distributed systems, cloud architectures, and modern software delivery pipelines.
He founded FAUN.dev(), one of the web's most active developer communities focused on Kubernetes, cloud-native engineering, modern software delivery, and other related topics.
He has trained thousands of engineers on DevOps, SRE, Kubernetes, microservices, and cloud architectures, helping teams build reliable and scalable systems. His technical guides and courses are widely used by engineers and organizations looking to adopt cloud-native practices.
His work earned several honors, including a national open-source award. He also advises companies on shaping their cloud-native and platform engineering direction. TechBeacon listed him among the top 100 DevOps professionals to follow.
Find him on X, LinkedIn and FAUN.dev().
Build Real GitOps Pipelines From Empty Clusters to Automated Deploys
If you have a coupon code, you can apply it at checkout in the next step.
Find more courses like this one
15 Modules 79 Sections
26 Modules 158 Sections
15 Modules 89 Sections
20 Modules 71 Sections
23 Modules 107 Sections
33 Modules 115 Sections