Log on to the GitOps system - Container Service for Kubernetes

This topic describes how to log on to the GitOps system.

Prerequisites

The kubeconfig file of a master instance is obtained by the administrator from the Distributed Cloud Container Platform for Kubernetes (ACK One) console and a kubectl client is connected to the master instance.
GitOps is enabled for the master instance. For more information, see Enable GitOps for a master instance of ACK One.

Introduction to the domain name of the GitOps Argo CD server

By default, ACK One GitOps creates a Server Load Balancer (SLB) instance to expose the Argo CD server and generates a domain name that is resolved to the internal IP address of the SLB instance for the Argo CD server. The domain name of the Argo CD server is in the following format: https://argocd.<ackone cluster id>.<region>.alicontainer.com. <ackone cluster id> is the ID of the master instance and <region> is the region where the master instance resides.

Note

To ensure data security, the SLB instance is used to expose only private IP addresses.

Use the Argo CD CLI to log on to Argo CD

Use an Alibaba Cloud RAM user

Run the following command to use a Resource Access Management (RAM) user to access the domain name of the Argo CD server:

argocd login argocd.<cluster id>.<region>.alicontainer.com --sso --insecure
Opening browser for authentication
Performing authorization_code flow login: https://signin.aliyun.com/oauth2/v1/auth?access_type=...
Authentication successful
'root' logged in successfully
Context 'argocd.<cluster id>.<region>.alicontainer.com' updated

Use a GitOps local user

Access the domain name of the Argo CD server

Run the following command to use a GitOps local user to access the domain name of the Argo CD server:

argocd login argocd.<ackone cluster id>.<region>.alicontainer.com
Username: localuser1
Password:
'localuser1:login' logged in successfully
Context 'argocd.<ackone cluster id>.<region>.alicontainer.com' updated

Run the kubectl port-forward command

Run the following command to use a GitOps local user to log on to Argo CD through port forwarding:

export ARGOCD_OPTS='--port-forward-namespace argocd --port-forward'

argocd login
Username: localuser1
Password:
'localuser1:login' logged in successfully
Context 'port-forward' updated

Use the Argo CD UI to log on to Argo CD

Use an Alibaba Cloud RAM user

Enter the domain name of the Argo CD server in the address bar of a browser to access the Argo CD UI.
The domain name of the Argo CD server is in the following format: https://argocd.<ackone cluster id>.<region>.alicontainer.com. <ackone cluster id> is the ID of the master instance and <region> is the region where the master instance resides.
On the logon page, click LOG IN VIA ALIYUN to log on by using single sign-on (SSO).
If you use a RAM user, you can use SSO to log on to Argo CD without entering a username and password.

Use a GitOps local user

Access the domain name of the Argo CD server

Enter the domain name of the Argo CD server in the address bar of a browser to access the Argo CD UI.
The domain name of the Argo CD server is in the following format: https://argocd.<ackone cluster id>.<region>.alicontainer.com. <ackone cluster id> is the ID of the master instance and <region> is the region where the master instance resides.
On the logon page, enter the username and password of the local user, and then click SIGN IN.

Run the kubectl port-forward command

Run the following command to use the kubeconfig file of the master instance to log on to Argo CD through port forwarding:
```
kubectl port-forward -n argocd service/argocd-server 8080:https
```
Enter https://127.0.0.1:8080 in the address bar of a browser to access the Argo CD UI.
On the logon page, enter the username and password of the local user, and then click SIGN IN.