Cluster information:
Kubernetes version:
Cloud being used: (put bare-metal if not on a public cloud)
Installation method: manual
Host OS: ubuntu 22.04
Kubernetes 1.23.12
CNI and version:
CRI and version:
So, gitlab 15.0
ingressroutetcp for https
apiVersion: v1
items:
- apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
annotations:
ingress.kubernetes.io/ssl-passthrough: "true"
name: gitlab-ingress
namespace: gitlab
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: HostSNI(`*`)
priority: 1
services:
- name: gitlab-ce
port: 443
tls:
certResolver: gitlab
passthrough: true
ingressroutetcp for SSH
- apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
name: gitlab-ssh
namespace: gitlab
spec:
entryPoints:
- gitlab-ssh
routes:
- kind: Rule
match: HostSNI(`*`)
priority: 2
services:
- name: gitlab-ce
port: 22
So, since the traefik was already deployed I just had to edit traefik deployment
spec:
containers:
- args:
- --global.checknewversion
- --global.sendanonymoususage
- --entrypoints.metrics.address=:9100/tcp
- --entrypoints.traefik.address=:9000/tcp
- --entrypoints.web.address=:8000/tcp
- --entrypoints.websecure.address=:8443/tcp
- --entrypoints.gitlab-ssh.address=:2222/tcp
…
…
ports:
- containerPort: 9100
name: metrics
protocol: TCP
- containerPort: 9000
name: traefik
protocol: TCP
- containerPort: 8000
name: web
protocol: TCP
- containerPort: 8443
name: websecure
protocol: TCP
- containerPort: 2222
name: gitlab-ssh
kubectl get svc -n traefik
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
traefik LoadBalancer 10.99.21.249 <LB_IP> 80:30102/TCP,443:30101/TCP,2222:32766/TCP 2y60d
I’m able to access https://gitlab.domain.XXXX
but, failed miserably to ssh to <LB_IP> port 2222
Trying to understand if I do something wrong, do I miss something ?