Enable public access to GitOps to access and manage applications through the ArgoCD UI from outside your fleet's private network.
Prerequisites
Before you begin, ensure that you have:
Fleet management enabled
Two clusters associated with the fleet instance: a service provider cluster and a service consumer cluster. See Associate clusters with a fleet instance.
The kubeconfig file of the fleet instance, with kubectl connected to the fleet instance. Get the kubeconfig from the ACK One console.
Cloud Assistant CLI 3.0.172 or later installed with credentials configured (required for the CLI method)
Enable public access in the console
Log on to the ACK One console. In the left-side navigation pane, choose Fleet > Multi-cluster Applications.
On the Multi-cluster GitOps page, click the
icon next to the fleet name in the upper-left corner and select the destination fleet from the drop-down list.GitOps is enabled by default for a new fleet. If GitOps is not yet enabled for your fleet, click Enable GitOps, then click OK in the dialog box. If GitOps is already enabled, the GitOps Console button appears on the page.
Click Enable next to Public Access. In the Enable Public Access dialog box, enter the IP addresses or CIDR blocks to add to the whitelist, then click OK.
After the fleet updates, click GitOps Console in the upper-right corner to access the ArgoCD UI over the Internet.
Enable public access using the CLI
This method requires Cloud Assistant CLI 3.0.172 or later with credentials configured.
Step 1: Get the cluster ID
Run the following command and record the cluster ID from the output:
aliyun adcp DescribeHubClustersStep 2: Enable public access and configure access control
Restrict public access to specific CIDR blocks. Granting access to all public IP addresses exposes the ArgoCD UI to unauthorized users.
Run the following command to get your computer's public IP address:
curl ifconfig.meThen run the following command to enable public access. Replace regionId with your region ID, **** with your cluster ID, and 10.100.XX.XX/24 with your CIDR block:
aliyun adcp UpdateHubClusterFeature --RegionId regionId --ClusterId **** --PublicAccessEnabled true --AccessControlList "[\"10.100.XX.XX/24\"]" --ArgoCDEnabled trueAccess the GitOps console
After enabling public access to ArgoCD, click GitOps Console on the Multi-cluster GitOps page to access GitOps.