diff --git a/kubernetes/argocd/ingress.yaml b/kubernetes/argocd/ingress.yaml index 10b4ff3..616441f 100644 --- a/kubernetes/argocd/ingress.yaml +++ b/kubernetes/argocd/ingress.yaml @@ -1,4 +1,25 @@ -# https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.7/guide/ingress/annotations/ +## https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#aws-application-load-balancers-albs-and-classic-elb-http-mode +## https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.7/guide/ingress/annotations/ +apiVersion: v1 +kind: Service +metadata: + annotations: + alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 #This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features + labels: + app: argogrpc + name: argogrpc + namespace: argocd +spec: + ports: + - name: "443" + port: 443 + protocol: TCP + targetPort: 8080 + selector: + app.kubernetes.io/name: argocd-server + sessionAffinity: None + type: NodePort +--- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -10,15 +31,29 @@ metadata: alb.ingress.kubernetes.io/group.name: ingress alb.ingress.kubernetes.io/healthcheck-protocol: HTTPS alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:322620855520:certificate/83e1e2db-0fb4-48bf-8509-874896afc07d + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' + alb.ingress.kubernetes.io/backend-protocol: HTTPS + alb.ingress.kubernetes.io/conditions.argogrpc: [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] spec: - ingressClassName: alb - rules: - - http: + rules: + - host: argocd.argoproj.io + http: paths: - - path: /argocd - pathType: Exact - backend: - service: - name: argocd-server - port: - name: https + - path: / + backend: + service: + name: argogrpc + port: + number: 443 + pathType: Prefix + - path: / + backend: + service: + name: argocd-server + port: + number: 443 + pathType: Prefix + tls: + - hosts: + - argocd.argoproj.io +