K
Q

Access ArgoCD server

4/26/2021

I am following the Installation Instructions from https://argoproj.github.io/argo-cd/getting_started/#3-access-the-argo-cd-api-server and even though the service type has been changes to LoadBalancer I cannot manage to login.

The information I have is:

$ oc describe svc argocd-server
Name:                     argocd-server
Namespace:                argocd
Labels:                   app.kubernetes.io/component=server
                          app.kubernetes.io/name=argocd-server
                          app.kubernetes.io/part-of=argocd
Annotations:              <none>
Selector:                 app.kubernetes.io/name=argocd-server
Type:                     LoadBalancer
IP:                       172.30.70.178
LoadBalancer Ingress:     a553569222264478ab2xx1f60d88848a-642416295.eu-west-1.elb.amazonaws.com
Port:                     http  80/TCP
TargetPort:               8080/TCP
NodePort:                 http  30942/TCP
Endpoints:                10.128.3.91:8080
Port:                     https  443/TCP
TargetPort:               8080/TCP
NodePort:                 https  30734/TCP
Endpoints:                10.128.3.91:8080
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

If I do:

$ oc login https://a553569222264478ab2xx1f60d88848a-642416295.eu-west-1.elb.amazonaws.com
The server is using a certificate that does not match its hostname: x509: certificate is valid for localhost, argocd-server, argocd-server.argocd, argocd-server.argocd.svc, argocd-server.argocd.svc.cluster.local, not a553569222264478ab2xx1f60d88848a-642416295.eu-west-1.elb.amazonaws.com
You can bypass the certificate check, but any data you send to the server could be intercepted by others.
Use insecure connections? (y/n): y

error: Seems you passed an HTML page (console?) instead of server URL.
Verify provided address and try again.
-- Hector Esteban
argocd
kubernetes

Similar Questions

kubernetes with ceph rbd
Kubernetes Ingress Nginx loading resources 404
Kubernetes cluster autoscaler does not seem to work on GKE?
Kubernetes: Multiple containers that have to communicate + exposed nodePort
istio retry fails to work or I don't understand it?

4 Answers

4/26/2021

By default, argocd server run with self signed tls enabled. Your are trying to access the argocd server with different url with tls enabled. The API server should be run with TLS disabled. Edit the argocd-server deployment to add the --insecure flag to the argocd-server command.

      containers:
      - command:
        - argocd-server
        - --staticassets
        - /shared/app
        - --insecure
-- Taybur Rahaman
Source: StackOverflow
10/18/2021

I was able to login argocd-server by using below command

argocd login --insecure --grpc-web test-server.companydomain.com --grpc-web-root-path /argocd

Username: admin

Password:

'admin:login' logged in successfully

I am using traefik as ingress controller. My server can be accessed on browser https://test-server.companydomain.com/argocd

-- Utsav Garg
Source: StackOverflow
2/16/2022

If you wish to expose an ArgoCD server via ingress, you can disable the TLS by patching the argocd-server deployment:

no-tls.yaml

spec:
  template:
    spec:
      containers:
      - name: argocd-server
        command: 
          - argocd-server
          - --insecure

kubectl patch deployment -n argocd argocd-server --patch-file no-tls.yaml
-- red
Source: StackOverflow
7/1/2021

I managed to successfully login argocd-server by the following

kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}'

argoPass=$(kubectl -n argocd get secret argocd-initial-admin-secret \
    -o jsonpath="{.data.password}" | base64 -d)

argocd login --insecure --grpc-web k3s_master:32761 --username admin \
    --password $argoPass
-- j3ffyang
Source: StackOverflow