just delegate a domain to the Azure’s cloud, map a wildcard DNS to the Kubernetes loadbalancer entry point… and (crucial, I just mention the painful part) do create your own cert-signing thing for let’s encrypt like this:
(the class: addon-http-application-routing is the REALLY important bit, else you don’t get the fancy loadbalancing/Ingress resource integration from Azure )
# You must replace this email address with your own.
# Let's Encrypt will use this to contact you about expiring
# certificates, and issues related to your account.
# Secret resource that will be used to store the account's private key.
# Add a single challenge solver, HTTP01 using nginx
and finally bring up the cluster of GitLab specifying 3 separate tls secrets, otherwise GitLab will assume you do have a wildcard certificate and the http01 validation of Let’sEncrypt will fail… (u need otherwise to use dns01 validation)
ah… don’t try to use ArgoCD for this,
it is buggy -> gitlab/-/issues/2039
therefore… reiterate with:
$ helm upgrade gitlab gitlab/gitlab -n gitlab -f gitlab_values.yaml –render-subchart-notes –reset-values
UPDATE: u want git+ssh access to pull/push from ur repo, right?
well, then you need to add the following snipped in your values.yaml
and again, accordingly, create in your dns zone a CNAME (ANAME) towards the newly created LoadBalancer IP that AKS has created you…
yes, of course you could have created a complete set of ingress-controllers, but we are not running a service that yet needs to be scaled to a broad audience