GitOps with ArgoCD 3.0: Multi-Cluster Management at Scale

By /

GitOps with ArgoCD 3.0: Multi-Cluster Management at Scale

Managing 50+ Kubernetes clusters with consistent configurations is a nightmare without GitOps. ArgoCD 3.0 makes multi-cluster management practical with ApplicationSets, progressive delivery, and improved RBAC. Therefore, this guide shows you how to scale from a single cluster to hundreds while keeping your sanity and your configurations consistent.

Why Multi-Cluster? When You Need More Than One

Organizations run multiple clusters for several legitimate reasons: geographic distribution (US, EU, Asia), environment separation (dev, staging, production), team isolation (each team gets their own cluster), compliance boundaries (PCI, HIPAA data must be in specific clusters), or simply scale (one cluster can’t handle all your workloads). Moreover, edge computing and IoT scenarios may require hundreds of small clusters.

The challenge isn’t deploying to multiple clusters — kubectl can do that. The challenge is maintaining consistency: ensuring the same security policies, same networking configurations, and same versions of shared services are applied everywhere. ArgoCD turns this from a manual coordination nightmare into an automated, auditable process.

ApplicationSets: Deploy Everywhere at Once

ApplicationSets are templates that generate ArgoCD Applications dynamically based on generators. Think of them as “Application factories” — you define the pattern once, and ArgoCD creates an Application for every cluster, every region, or every team.

apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
  name: platform-services
  namespace: argocd
spec:
  generators:
    # Generate one Application per cluster registered in ArgoCD
    - clusters:
        selector:
          matchLabels:
            environment: production
        values:
          region: "{{metadata.labels.region}}"

  template:
    metadata:
      name: "platform-{{name}}"
    spec:
      project: platform
      source:
        repoURL: https://github.com/company/platform-manifests
        path: "services/overlays/{{values.region}}"
        targetRevision: main
      destination:
        server: "{{server}}"
        namespace: platform
      syncPolicy:
        automated:
          prune: true
          selfHeal: true
        syncOptions:
          - CreateNamespace=true
          - ServerSideApply=true

When you add a new production cluster with the right labels, ArgoCD automatically generates an Application for it and deploys all platform services. No manual configuration, no tickets, no forgetting to deploy something.

Multi-cluster ArgoCD deployment
ApplicationSets generate Applications dynamically for every cluster matching the selector

Environment Promotion: Dev to Staging to Production

A proper multi-cluster GitOps workflow promotes changes through environments rather than deploying directly to production. ArgoCD 3.0 supports this through directory-based overlays with Kustomize.

Your repository structure looks like:

k8s-manifests/
  services/
    order-service/
      base/              # Shared manifests
        deployment.yaml
        service.yaml
      overlays/
        development/      # Dev overrides (1 replica, debug logging)
          kustomization.yaml
        staging/          # Staging overrides (2 replicas, staging DB)
          kustomization.yaml
        production/       # Prod overrides (5 replicas, prod DB, resource limits)
          kustomization.yaml
          hpa.yaml

Promotion workflow: merge to main deploys to dev automatically. Create a PR targeting the staging branch deploys to staging after review. Tag a release deploys to production. Each step is a Git operation with full audit trail.

Progressive Delivery with Argo Rollouts

ArgoCD integrates with Argo Rollouts for canary deployments and blue-green releases across clusters. A canary deployment sends 5% of traffic to the new version, monitors error rates and latency for 10 minutes, then gradually increases to 100% if metrics are healthy. If something goes wrong, automatic rollback kicks in.

Progressive delivery monitoring
Canary deployments verify each release with real traffic before full rollout

RBAC for Multi-Tenant Clusters

ArgoCD 3.0 improves RBAC with AppProject-based isolation. Each team gets a Project that restricts which repositories they can deploy from, which clusters they can deploy to, and which namespaces they can manage. This prevents Team A from accidentally deploying to Team B’s namespace or pulling from an unauthorized repository.

Scaling ArgoCD Itself

A single ArgoCD instance can manage hundreds of clusters and thousands of applications with proper tuning. Key settings: increase the controller’s --status-processors and --operation-processors values, enable sharding for very large deployments, and use Redis clustering for the cache layer. However, beyond 500 clusters, consider running multiple ArgoCD instances with a management-cluster pattern.

ArgoCD scaling architecture
Tune ArgoCD controller settings as your cluster count grows

Related Reading:

Resources:

In conclusion, ArgoCD 3.0 makes multi-cluster GitOps practical through ApplicationSets, progressive delivery, and granular RBAC. Start with two clusters (dev and production), prove the pattern, then scale to as many clusters as your organization needs.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top