ArgoCD Guide: Cilium as the Unexpected Multi-Cluster Solution for Developers

Multi-cluster Kubernetes adoption is accelerating, but most developers still view cross-cluster management as an operations-only burden. By combining ArgoCD’s GitOps deployment engine with Cilium’s eBPF-powered networking, you can build seamless, developer-friendly multi-cluster workflows that require minimal manual overhead. This guide walks through setting up this unexpected pairing step by step.

Prerequisites

• 2+ running Kubernetes clusters (v1.24 or later) with kubectl configured for each
• ArgoCD CLI installed locally
• Cilium CLI v1.14 or later
• Helm v3.10 or later
• A Git repository to store GitOps configuration files

What is ArgoCD?

ArgoCD is a declarative, GitOps-based continuous delivery tool for Kubernetes. It syncs cluster state with version-controlled configuration stored in Git, automatically deploying updates when changes are committed. Its native multi-cluster support via ApplicationSet resources lets you manage deployments across dozens of clusters from a single control plane.

What is Cilium?

Cilium is an eBPF-based networking, security, and observability tool for Kubernetes. It replaces traditional kube-proxy and CNI implementations with high-performance eBPF programs, and includes ClusterMesh: a built-in feature for connecting multiple Kubernetes clusters with native service discovery and cross-cluster load balancing, no external service mesh required.

Why Combine ArgoCD and Cilium for Multi-Cluster?

Traditionally, multi-cluster setups require separate tools for deployment orchestration and cross-cluster networking. ArgoCD handles consistent, auditable deployment across all clusters via Git, while Cilium’s ClusterMesh handles cross-cluster traffic routing and service discovery. Together, they eliminate manual configuration for developers: you define your app once in Git, ArgoCD deploys it to all target clusters, and Cilium ensures services can communicate across clusters automatically.

Step-by-Step Setup Guide

1. Install and Configure Cilium with ClusterMesh

First, install Cilium on each cluster with a unique cluster name to enable ClusterMesh:

# Install Cilium on cluster1
cilium install --cluster-name cluster1 --version 1.14.5
# Install Cilium on cluster2
cilium install --cluster-name cluster2 --version 1.14.5

Enable ClusterMesh on both clusters, then connect them:

# Enable ClusterMesh on cluster1
cilium clustermesh enable --context cluster1-context
# Enable ClusterMesh on cluster2
cilium clustermesh enable --context cluster2-context
# Connect cluster1 to cluster2
cilium clustermesh connect --context cluster1-context --destination-context cluster2-context

Verify connectivity with:

cilium clustermesh status --context cluster1-context

2. Install ArgoCD on Your Management Cluster

Deploy ArgoCD to your primary management cluster (e.g., cluster1):

kubectl create namespace argocd --context cluster1-context
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml --context cluster1-context

Expose the ArgoCD API server (for example, via port-forwarding for testing):

kubectl port-forward svc/argocd-server -n argocd 8080:443 --context cluster1-context

Login via the CLI and update the default admin password:

argocd login localhost:8080
argocd account update-password

3. Add Remote Clusters to ArgoCD

Register your secondary cluster (cluster2) with ArgoCD so it can manage deployments there:

argocd cluster add cluster2-context --name cluster2

Verify clusters are added:

argocd cluster list

4. Create GitOps Configuration for Multi-Cluster Deployment

Create a sample application repository with a simple Nginx deployment and service. Then create an ArgoCD ApplicationSet that targets all registered clusters, and uses Cilium’s ClusterMesh for cross-cluster service access:

apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
  name: multi-cluster-nginx
  namespace: argocd
spec:
  generators:
  - clusters: {}
  template:
    metadata:
      name: nginx-{{.metadata.name}}
    spec:
      project: default
      source:
        repoURL: "https://github.com/your-org/multi-cluster-apps.git"
        targetRevision: main
        path: nginx
      destination:
        server: {{.spec.server}}
        namespace: default
      syncPolicy:
        automated:
          prune: true
          selfHeal: true

Cilium’s ClusterMesh automatically enables cross-cluster service discovery: a service named nginx in the default namespace will be accessible from any connected cluster via nginx.default.svc.cluster.local, no extra configuration required.

5. Deploy and Verify

Commit the ApplicationSet to your Git repository, then sync it in ArgoCD:

argocd app sync multi-cluster-nginx

Check deployment status in the ArgoCD UI or via CLI:

argocd app list

Test cross-cluster connectivity by running a curl command from a pod in cluster1 to the Nginx service in cluster2:

kubectl run test-pod --image=curlimages/curl -it --rm --context cluster1-context -- curl nginx.default.svc.cluster.local

Best Practices

• Store application and infrastructure configurations in separate Git repositories for clearer audit trails
• Enable ArgoCD RBAC to restrict deployment permissions to authorized developers only
• Use Cilium network policies to restrict unnecessary cross-cluster traffic
• Scrape Cilium metrics with Prometheus to monitor cross-cluster connectivity and performance
• Test failover scenarios regularly to ensure workloads resync correctly if a cluster goes offline

Conclusion

Pairing ArgoCD and Cilium delivers an unexpected, developer-friendly multi-cluster Kubernetes setup. ArgoCD handles deployment consistency via GitOps, while Cilium eliminates cross-cluster networking complexity with ClusterMesh. Developers no longer need to rely on ops teams to manage multi-cluster workflows: a single Git commit can deploy and connect applications across all your clusters, with full auditability and minimal overhead.