All Products
Search
Document Center

Container Service for Kubernetes:Enable public access to Argo CD

最終更新日:Aug 26, 2024

To use Argo CD to submit or access applications in an associated cluster of Distributed Cloud Container Platform for Kubernetes (ACK One), you need to enable public access to Argo CD. This topic describes how to enable public access to Argo CD on a Fleet instance.

Prerequisites

Enable public access to Argo CD

Use the console

  1. Log on to the ACK One console. In the left-side navigation pane, choose Fleet > Multi-cluster Applications.

  2. On the Multi-cluster Applications page, click Access Control.

  3. In the dialog box that appears, turn on Enable Access Control and enter the public IP address or CIDR block of the user agent into the Access Control field.

    Note
    • The public IP address or CIDR block of the user agent can access Argo CD over the Internet only after you add it to the access control list.

    • You can run the curl ifconfig.me command to query the public IP address of the user agent or contact the network administrator to obtain the public IP address.

    • Separate multiple IP addresses or CIDR blocks with carriage returns. You can add up to 50 IP addresses or CIDR blocks.

  4. Click OK.

Use the CLI

  1. Run the following command to query the basic information about the cluster and record the cluster ID.

    aliyun adcp DescribeHubClusters
  2. Run the following command to query the public IP address of the user agent.

    For security purposes, you need to allow only the specified public CIDR block to access Argo CD over the Internet.

    You can run the following command to query the public IP address of the user agent or contact the network administrator to obtain the public IP address.

    curl ifconfig.me
  3. Run the following command to enable public access to Argo CD and configure access control.

    For example, if the public CIDR block of the user agent is 10.100.XX.XX/24, run the following command to allow the CIDR block to access the Argo CD UI over the Internet.

    aliyun adcp UpdateHubClusterFeature --RegionId regionId --ClusterId **** --PublicAccessEnabled true --AccessControlList "[\"10.100.XX.XX/24\"]" --ArgoCDEnabled true 

Access Argo CD

After public access to Argo CD is enabled, you can click GitOps Console on the Multi-cluster Applications page to quickly access Argo CD.