How to use the "DNS01" method of "Certmanager" ?
- By default, use the "HTTP01" method
export GITLAB_HELM_NS=gitlab-test
export GITLAB_HELM_NAME=my-gitlab
helm -n $GITLAB_HELM_NS install $GITLAB_HELM_NAME gitlab/gitlab --version 7.7.0 \
--set certmanager-issuer.email=your@email.com \
--set global.time_zone=Asia/Shanghai \
--set global.hosts.externalIP=172.25.25.32 \
--set global.hosts.domain=test.helm.xuxiaowei.cn \
--timeout 600s[root@anolis-7-9 ~]# kubectl -n gitlab-test get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
cm-acme-http-solver-99w6m 1/1 Running 0 9m 192.168.210.213 anolis-7-9 <none> <none>
cm-acme-http-solver-jw2zq 1/1 Running 0 9m 192.168.210.214 anolis-7-9 <none> <none>
cm-acme-http-solver-ml28x 1/1 Running 0 9m 192.168.210.216 anolis-7-9 <none> <none>
cm-acme-http-solver-sxncb 1/1 Running 0 8m59s 192.168.210.215 anolis-7-9 <none> <none>
my-gitlab-certmanager-8457bfdc8-mn96q 1/1 Running 0 11m 192.168.210.203 anolis-7-9 <none> <none>
my-gitlab-certmanager-cainjector-74df787cf4-ffbvg 1/1 Running 0 11m 192.168.210.205 anolis-7-9 <none> <none>
my-gitlab-certmanager-webhook-7b86db4c96-hwxrv 1/1 Running 0 11m 192.168.210.202 anolis-7-9 <none> <none>
my-gitlab-gitaly-0 0/1 Pending 0 11m <none> <none> <none> <none>
my-gitlab-gitlab-exporter-55dcfcb595-stzh2 1/1 Running 0 11m 192.168.240.74 anolis-7-7 <none> <none>
my-gitlab-gitlab-runner-6fb4bf7468-8q6pl 0/1 Running 4 (43s ago) 11m 192.168.240.67 anolis-7-7 <none> <none>
my-gitlab-gitlab-shell-55fdc9cb9f-7lbrv 1/1 Running 0 10m 192.168.210.210 anolis-7-9 <none> <none>
my-gitlab-gitlab-shell-55fdc9cb9f-vjgnl 1/1 Running 0 11m 192.168.240.69 anolis-7-7 <none> <none>
my-gitlab-issuer-1-s8ftl 0/1 Completed 0 11m 192.168.210.208 anolis-7-9 <none> <none>
my-gitlab-kas-688dc97ddd-2hz5x 0/1 CrashLoopBackOff 6 (4m5s ago) 11m 192.168.240.68 anolis-7-7 <none> <none>
my-gitlab-kas-688dc97ddd-st2ng 0/1 CrashLoopBackOff 6 (2m8s ago) 10m 192.168.210.211 anolis-7-9 <none> <none>
my-gitlab-migrations-1-d8frn 1/1 Running 2 (69s ago) 11m 192.168.240.72 anolis-7-7 <none> <none>
my-gitlab-minio-66f584f746-7npd4 0/1 Pending 0 11m <none> <none> <none> <none>
my-gitlab-nginx-ingress-controller-6bdd56c45-65jsj 1/1 Running 0 11m 192.168.240.66 anolis-7-7 <none> <none>
my-gitlab-nginx-ingress-controller-6bdd56c45-hwmb2 1/1 Running 0 11m 192.168.210.204 anolis-7-9 <none> <none>
my-gitlab-postgresql-0 0/2 Pending 0 11m <none> <none> <none> <none>
my-gitlab-prometheus-server-646489c599-n96jm 0/2 Pending 0 11m <none> <none> <none> <none>
my-gitlab-redis-master-0 0/2 Pending 0 11m <none> <none> <none> <none>
my-gitlab-registry-78fc549f8d-4vh69 1/1 Running 0 11m 192.168.240.71 anolis-7-7 <none> <none>
my-gitlab-registry-78fc549f8d-7j7s9 1/1 Running 0 10m 192.168.210.212 anolis-7-9 <none> <none>
my-gitlab-sidekiq-all-in-1-v2-7f45ccbddd-rmjmf 0/1 Init:2/3 2 (47s ago) 11m 192.168.240.73 anolis-7-7 <none> <none>
my-gitlab-toolbox-795884b958-fbdkj 1/1 Running 0 11m 192.168.240.70 anolis-7-7 <none> <none>
my-gitlab-webservice-default-689f5fcbd8-g7mgr 0/2 Init:2/3 2 (22s ago) 10m 192.168.210.209 anolis-7-9 <none> <none>
my-gitlab-webservice-default-689f5fcbd8-jpg8r 0/2 Pending 0 10m <none> <none> <none> <none>
[root@anolis-7-9 ~]# kubectl -n gitlab-test logs cm-acme-http-solver-99w6m
I1222 03:41:27.936459 1 solver.go:39] "cert-manager/acmesolver: starting listener" expected_domain="registry.test.helm.xuxiaowei.cn" expected_token="ztG4YIRLaHQZrtOCpknb-OblZkGV2qlvhW-AKNTsCZ0" expected_key="ztG4YIRLaHQZrtOCpknb-OblZkGV2qlvhW-AKNTsCZ0.UUCUHtGVgEm1yQhbPObxABi8FEUrr1dUOa26catlEjk" listen_port=8089
[root@anolis-7-9 ~]#