Commit df3729b

Ensure NAT gateway is allowed as ingress
1 parent 2c03419 commit df3729b

3 files changed

Lines changed: 13 additions & 3 deletions

lab/scripts/setup.sh

Lines changed: 8 additions & 0 deletions
@@ -58,6 +58,14 @@ echo "export RESOURCES_PRECREATED='${RESOURCES_PRECREATED}'" > ~/.bashrc.d/infra
5858

5959
echo "export ANALYTICS_ENDPOINT='${ANALYTICS_ENDPOINT}'" > ~/.bashrc.d/analytics.bash
6060

61+
NAT_GW_IP=$(aws ec2 describe-nat-gateways \
62+
--filter "Name=tag:created-by,Values=eks-workshop-v2" "Name=tag:env,Values=${EKS_CLUSTER_NAME}" \
63+
--query "NatGateways[0].NatGatewayAddresses[0].PublicIp" --output text)
64+
65+
if [ "$NAT_GW_IP" != "None" ] && [ ! -z "$NAT_GW_IP" ]; then
66+
INBOUND_CIDRS="${INBOUND_CIDRS:+${INBOUND_CIDRS},}${NAT_GW_IP}/32"
67+
fi
68+
6169
echo "export INBOUND_CIDRS='${INBOUND_CIDRS}'" > ~/.bashrc.d/inbound-cidr.bash
6270

6371
/usr/local/bin/kubectl completion bash > ~/.bashrc.d/kubectl_completion.bash
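
Review bot: The `--query` on the added `describe-nat-gateways` call takes only `NatGateways[0].NatGatewayAddresses[0].PublicIp`, so when the tag filter matches more than one gateway (for example one per availability zone) only one egress address ends up in `INBOUND_CIDRS`, and traffic leaving through the others will not match the load balancer source ranges. The filter also has no `Name=state,Values=available`, so a gateway that is being deleted or is already deleted can be the one at index 0. Consider adding the state filter and querying `NatGateways[].NatGatewayAddresses[].PublicIp`, then appending each address as a `/32`. Minor style point: `[ ! -z "$NAT_GW_IP" ]` reads more clearly as `[ -n "$NAT_GW_IP" ]`.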

website/docs/automation/gitops/argocd/access_argocd.md

Lines changed: 2 additions & 1 deletion
@@ -8,10 +8,11 @@ Let's begin by installing Argo CD in our cluster:
88

99
```bash
1010
$ helm repo add argo-cd https://argoproj.github.io/argo-helm
11+
$ ESCAPED_CIDRS="${INBOUND_CIDRS//,/\\,}"
1112
$ helm upgrade --install argocd argo-cd/argo-cd --version "${ARGOCD_CHART_VERSION}" \
1213
--namespace "argocd" --create-namespace \
1314
--values ~/environment/eks-workshop/modules/automation/gitops/argocd/values.yaml \
14-
--set "server.service.annotations.service\\.beta\\.kubernetes\\.io/load-balancer-source-ranges"="$INBOUND_CIDRS" \
15+
--set "server.service.annotations.service\\.beta\\.kubernetes\\.io/load-balancer-source-ranges=$ESCAPED_CIDRS" \
1516
--wait
1617
NAME: argocd
1718
LAST DEPLOYED: [...]
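
Review bot: The new `ESCAPED_CIDRS="${INBOUND_CIDRS//,/\\,}"` line and the `--set` that consumes it have no guard for an unset or empty `INBOUND_CIDRS`; in that case the annotation is set to an empty string rather than a list of CIDRs and the command still succeeds. Using `${INBOUND_CIDRS:?}` as the source of the expansion would make the step fail visibly instead. The docs page would also benefit from one sentence before the code block saying why the extra line exists: `helm --set` treats an unescaped comma as a separator between values, which matters now that `setup.sh` can append a second CIDR.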

website/docs/automation/gitops/argocd/gitea.md

Lines changed: 3 additions & 2 deletions
@@ -8,12 +8,13 @@ We'll be using [Gitea](https://gitea.com) as a quick and easy alternative to Git
88
Let's install Gitea in our EKS cluster with Helm:
99

1010
```bash
11+
$ ESCAPED_CIDRS="${INBOUND_CIDRS//,/\\,}"
1112
$ helm upgrade --install gitea oci://docker.gitea.com/charts/gitea \
1213
--version "$GITEA_CHART_VERSION" \
1314
--namespace gitea --create-namespace \
1415
--values ~/environment/eks-workshop/modules/automation/gitops/argocd/gitea/values.yaml \
15-
--set "service.http.annotations.service\\.beta\\.kubernetes\\.io/load-balancer-source-ranges"="$INBOUND_CIDRS" \
16-
--set "service.ssh.annotations.service\\.beta\\.kubernetes\\.io/load-balancer-source-ranges"="$INBOUND_CIDRS" \
16+
--set "service.http.annotations.service\\.beta\\.kubernetes\\.io/load-balancer-source-ranges=$ESCAPED_CIDRS" \
17+
--set "service.ssh.annotations.service\\.beta\\.kubernetes\\.io/load-balancer-source-ranges=$ESCAPED_CIDRS" \
1718
--set "gitea.admin.password=${GITEA_PASSWORD}" \
1819
--wait
1920
```
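
Review bot: The `ESCAPED_CIDRS` assignment at the top of this code block is a copy of the one added in `access_argocd.md`, so the two pages can drift apart; exporting the escaped value once from `setup.sh`, next to the line that writes `INBOUND_CIDRS` to `~/.bashrc.d/inbound-cidr.bash`, would keep a single definition. Note also that the unchanged `--set "gitea.admin.password=${GITEA_PASSWORD}"` line goes through the same `--set` parser without escaping, so a password containing a comma would be split the same way the CIDR list was before this change; passing it through a values file would avoid that.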
