Scaling Argo CD across 100+ teams demands more than one cluster — this episode breaks down how to architect multi-tenant Argo CD with SSO, cluster sharding, and hard namespace boundaries.
You'll learn:
- How to integrate SSO (Dex/OIDC) with Argo CD RBAC to enforce per-team access without shared admin credentials
- When and how to shard Argo CD across multiple Application Controllers to avoid reconciliation bottlenecks at scale
- Namespace isolation strategies — AppProject restrictions, resource whitelists, and preventing cross-team blast radius
- How to structure AppProjects so each team only sees and deploys to their own namespaces and clusters
- Common gotchas: overlapping RBAC rules, controller memory pressure, and misconfigured destination restrictions
Keywords: Argo CD multi-tenancy, Argo CD SSO OIDC, Argo CD cluster sharding, AppProject namespace isolation, GitOps platform engineering
🎧 Listen, then go deeper — DevOps & Cloud interview-prep ebooks at DevOpsInterview.Cloud
