I install self-hosted gitlab on GKE with helm.
- helm chart version : 4.7.1
- terraform: v12.24
I want to use nginx-ingress for setting firewall, which is mentioned in this page.
And my setting in values.yaml is as below.
nginx-ingress: controller: service: loadBalancerSourceRanges:[LIST, OF, ALLOW,IP]
and also, I want to use cert-manager.
ingress: annotations: kubernetes.io/ingress.allow-http: "false" configureCertmanager: true enabled: true tls: enabled: true
In this case, issuing certificate with cert-manager failed.
Waiting for http-01 challenge propagation: failed to perform self check GET request 'http://gitlab.xxx.xxx.xxx.xip.io/.well-known/acme-challenge/wW_aQvj0uAxl03IOeKlrVCXJtugAM-Mtgi2cvk4_5lU
If I changed loadBalancerSourceRanges to [0.0.0.0/0], certificate issued successfully so I figured out it’s because of firewall rule. But I cannot find what IP address must be allowed in nginx-ingress.
Or, instead of adding some IP addresses for cert, should I change another configuration ?
If someone knows the way to issue certificate with cert-manager in GKE which has nginx-ingress and loadBalancerSourceRange , please help me.