Argo Workflows

The most popular Kubernetes-native workflow engine for orchestrating containerized DAGs, ML pipelines, CI/CD, and parallel batch jobs at scale.

16.8Kstars
3.6Kforks
Apache License 2.0
Go

Argo Workflows is an open source, container-native workflow engine for Kubernetes that defines complex, parallelizable jobs entirely as containers coordinated through Kubernetes Custom Resource Definitions. Unlike legacy VM-based orchestrators, every workflow step runs as its own container, giving you precise resource control, isolated environments, and native cloud infrastructure integration without the overhead of traditional job schedulers.

Built as a CNCF graduated project with 200+ organizations in production, Argo Workflows handles anything from simple sequential scripts to intricate Directed Acyclic Graphs with thousands of parallel branches. Its executor-sidecar architecture deploys an argoexec agent alongside each step container to handle artifact transport, parameter passing, and output collection entirely within the pod boundary, keeping execution decoupled from the control plane.

The platform integrates with the broader Argo ecosystem—connecting to Argo Events for event-driven triggers, Argo CD for GitOps deployments, and external systems via webhooks and gRPC APIs. Multi-language SDKs in Python (Hera), Go, Java, and TypeScript (Juno) let data scientists, platform engineers, and backend teams define workflows in their native tooling, all compiled to the same Kubernetes-native YAML spec.

Operationally, Argo Workflows ships with a real-time DAG visualization UI, Prometheus metrics per step, OpenTelemetry tracing, SSO via OAuth2/OIDC, and configurable garbage collection—making it production-ready out of the box on any Kubernetes cluster, from managed cloud services to bare-metal on-prem installations.

What You Get

  • DAG and steps-based workflow declaration - Define complex workflows using Directed Acyclic Graphs or sequential steps, with explicit dependency tracking between containerized tasks and automatic parallel execution of independent branches.
  • Multi-cloud artifact support - Native integration with S3, GCS, Azure Blob Storage, Alibaba Cloud OSS, HDFS, Artifactory, Git, HTTP, and raw storage for transparent input/output data exchange between workflow steps.
  • Workflow templating - Store reusable ClusterWorkflowTemplates in-cluster that any namespace can reference, reducing duplication and enforcing organizational standards across teams and pipelines.
  • Cron-scheduled workflows - Define CronWorkflow resources that trigger pipelines on a schedule, enabling automated batch processing, data ingestion, and periodic ML model retraining.
  • Step-level parameters and artifacts - Pass typed parameters (strings, numbers, JSON) and file artifacts between steps, enabling dynamic pipeline composition where each step’s outputs feed into subsequent steps.
  • Retry, timeout, and memoized resubmit - Configure per-step and per-workflow retry policies, execution timeouts, and result caching so failed runs restart from the last successful checkpoint rather than from scratch.
  • REST and gRPC server API - Programmatically submit, monitor, suspend, resume, and delete workflows via standard HTTP or gRPC endpoints for integration with CI systems, notebooks, and custom tooling.
  • Real-time DAG visualization UI - Interactive web interface showing live workflow status, step-level logs multiplexed across concurrent containers, artifact browsing, and historical workflow archive access.
  • Plugin-based step executors - Extend Argo with custom step types via HTTP plugin processes registered as ConfigMaps, without modifying core binaries or rebuilding images.
  • Prometheus metrics and OpenTelemetry tracing - Automatically expose per-step resource usage (CPU, memory, runtime) and distributed traces, integrating with Grafana dashboards and tracing backends like Jaeger or Tempo.
  • SSO with OAuth2/OIDC - Secure the Argo Server UI and API using enterprise identity providers such as Okta, Dex, or Keycloak, with Kubernetes RBAC-based authorization.
  • Multi-language workflow SDKs - Author workflows programmatically in Python via Hera, TypeScript via Juno, or Java and Go via official client libraries, all generating valid Argo Workflows YAML.

Common Use Cases

  • ML training pipeline orchestration - A data science team defines a Hera Python workflow that fans out across 50 GPU pods for hyperparameter search, collects evaluation artifacts, and conditionally promotes the best model to a registry—all driven by a single CronWorkflow trigger.
  • Large-scale data processing - A data engineering team parallelizes 200+ geospatial extract jobs across independent Kubernetes pods using a DAG workflow with S3 artifact passing, reducing wall-clock time from hours to under 35 minutes.
  • CI/CD pipeline replacement - A platform team migrates from Jenkins by defining test, build, and deploy stages as Argo workflow steps, triggering runs via GitHub webhooks and using Argo CD to sync deployment manifests after successful workflow completion.
  • Scientific simulation at scale - A research lab runs thousands of parameterized simulations by submitting a workflow with a loop over parameter sets, each step isolated in its own container with controlled resource allocation and automatic result archiving to object storage.
  • Infrastructure automation - A DevOps team uses Kubernetes resource orchestration steps to provision and configure cloud resources in sequence, with exit hooks that send Slack notifications and clean up temporary credentials on completion.
  • Batch report generation - A business intelligence team schedules nightly CronWorkflows that query data warehouses, transform results, generate PDF reports as artifacts, and upload them to shared storage—with automatic retry if any step fails.

Under The Hood

Architecture Argo Workflows is built on a clean event-driven, reconciliation-loop architecture grounded in Kubernetes controller-runtime primitives. The Workflow Controller subscribes to Custom Resource events and reconciles desired workflow state through specialized node executors for each template type—containers, DAGs, steps, scripts, resource manifests, and plugins—without a monolithic execution engine. A distinctive executor-sidecar pattern deploys an argoexec agent alongside each step container within the pod boundary to manage artifact transport, parameter collection, and output reporting, keeping execution decoupled from the control plane. The Argo Server sits as a separate process exposing REST and gRPC APIs, with an independent web UI, creating clean separation between orchestration and serving concerns. Data flows unidirectionally from CRD spec through the controller to pod-level executors that report back via Kubernetes annotations, forming an observable feedback loop that tolerates controller restarts without losing workflow state.

Tech Stack The backend is written in Go 1.26 with protobuf-generated APIs and deep integration with Kubernetes client-go and controller-runtime. The Argo Server exposes both HTTP REST and gRPC endpoints, serving a TypeScript and React frontend built with Vite and packaged as embedded static assets. Workflow persistence uses PostgreSQL or MySQL accessed via raw SQL with migrations, augmented by Kubernetes etcd storage via CRDs for active workflow state. Artifact handling covers S3, GCS, Azure Blob, Alibaba Cloud OSS, HDFS, Git, and HTTP via a plugin-extensible driver interface. OpenTelemetry provides distributed tracing with configurable exporters, and Prometheus metrics are exposed natively per workflow and per step. Development tooling uses Nix and devenv for reproducible build environments, golangci-lint for static analysis, and K3d for local Kubernetes cluster testing.

Code Quality The codebase demonstrates comprehensive testing discipline with over 280 test files covering unit, integration, and end-to-end scenarios. Unit tests use Go’s standard testing framework with testify assertions and Kubernetes fake clients for controller logic isolation; end-to-end tests in the dedicated test directory validate full workflow execution against live clusters. Error handling is explicit and structured through an internal typed errors package that maps to HTTP status codes in the API layer, avoiding silent swallowing of failures. Strong type safety derives from code-generated CRD structs, protobuf message types, and consistent use of typed parameters throughout the codebase. GitHub Actions CI enforces golangci-lint, Snyk security scanning, and OpenSSF Scorecard checks on every pull request, with build tags isolating slow integration tests from fast unit runs.

What Makes It Unique Argo Workflows occupies a genuinely distinctive position as the first and most widely adopted Kubernetes-native workflow engine to treat containers as first-class execution units rather than adapting VM-era orchestration concepts to the cloud. The executor-sidecar pattern is a concrete architectural differentiator: argoexec runs alongside each step container inside the same pod to handle artifact transport and output collection without external coordination, enabling fully offline execution once a pod is scheduled. The plugin system allows new step executor types to be registered as HTTP servers via ConfigMaps, extending the engine without forking or rebuilding core binaries. Real-time DAG visualization with live multiplexed log streaming across concurrent steps is rarely matched in open-source workflow tooling at this maturity level. The multi-language SDK ecosystem—Hera for Python with full type safety, Juno for TypeScript—enables cross-functional teams to express workflows in their native languages while sharing the same Kubernetes-native execution substrate.

Self-Hosting

Argo Workflows is released under the Apache License 2.0, one of the most permissive open-source licenses available. You are free to use it commercially, modify the source code, distribute it, and integrate it into proprietary systems without any obligation to open-source your own code. There are no copyleft restrictions, no contributor license agreements required for use, and no license keys or activation requirements. The project is governed by the CNCF under its graduated project framework, meaning it meets the foundation’s criteria for production readiness, security practices, and community governance.

Running Argo Workflows yourself requires a working Kubernetes cluster—managed options like EKS, GKE, AKS, or OpenShift work out of the box, as does any conformant self-managed cluster. You deploy the Workflow Controller and Argo Server via Helm or raw manifests, and optionally provision a PostgreSQL or MySQL database for workflow archiving and long-term history. Day-to-day operations include managing RBAC policies, configuring artifact repository credentials, tuning controller resource limits, and handling Kubernetes upgrades that may require CRD migrations. High availability requires multiple controller replicas with leader election, and the Argo Server can be horizontally scaled behind an ingress. The operational surface area is manageable for a team already running Kubernetes, but meaningful effort is needed for first-time setup and ongoing security patching.

Compared to managed offerings built on Argo—such as Codefresh, Kubeflow Pipelines on Vertex AI, or cloud-native ML platform services from major providers—self-hosting trades managed upgrades, built-in SLAs, and enterprise support contracts for full infrastructure control and zero licensing costs. The community provides support via the Argoproj Slack workspace and GitHub issues, but there is no official SLA or paid support tier directly from the Argo project. Organizations running Argo Workflows at scale typically invest in custom runbooks, cluster-level monitoring dashboards, and internal expertise to cover the gap that managed services fill automatically.

Join founders buildingwith open source

Opinionated takes, migration guides, cost-saving tips, and insights from the open source ecosystem.

Subscribe on Substack

No spam. Unsubscribe anytime.

Join 750+ subscribers
No spam. Unsubscribe anytime.

Search