I have a working Microk8s cluster. After enabling the argocd community addon, the recommended ingress for argocd sever doesn't seem to be working.
Here's a note I got after enabling the addon:
Infer repository community for addon argocd
Infer repository core for addon helm3
Addon core/helm3 is already enabled
Installing ArgoCD (Helm v4.6.3)
"argo" already exists with the same configuration, skipping
Release "argo-cd" does not exist. Installing it now.
NAME: argo-cd
LAST DEPLOYED: Thu Oct 20 17:34:33 2022
NAMESPACE: argocd
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
In order to access the server UI you have the following options:
kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443
and then open the browser on http://localhost:8080 and accept the certificate
enable ingress in the values file server.ingress.enabled and either
- Add the annotation for ssl passthrough: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough
- Add the
--insecure flag to server.extraArgs in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts
After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running:
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
(You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://github.com/argoproj/argo-cd/blob/master/docs/getting_started.md#4-login-using-the-cli)
ArgoCD is installed
Additionally, here's the Ingress that I defined:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argocd-server-ingress
namespace: argocd
annotations:
cert-manager.io/cluster-issuer: lets-encrypt
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
# If you encounter a redirect loop or are getting a 307 response code
# then you need to force the nginx ingress to connect to the backend using HTTPS.
#
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
rules:
- host: argocd.DOMAIN.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: argo-cd-argocd-server
port:
name: https
tls:
- hosts:
- argocd.DOMAIN.com
secretName: argocd-secret # do not change, this is provided by Argo CD
When I visit the host address, I get this:
From firefox, here's the certificate being issued.
From the notes I got after enabling this addon, how do I do this part enable ingress in the values file server.ingress.enabled this or get my ingress to correctly work?
UPDATE:
Here's what the ingress description looks like:
