Argo Tunnel in Kubernetes

To get the Argo Tunnel working in Kubernetes, we need to first install helm on the computer we run kubectl from. I use a debian based system for this, so these commands are the appropriate ones for a recent debian that has snap.

Install helm:

sudo snap install helm --classic

Configure a service account with cluster-admin role by sticking this into a rbac-config.yaml file:

apiVersion: v1
kind: ServiceAccount
    name: tiller
    namespace: kube-system
kind: ClusterRoleBinding
    name: tiller
    kind: ClusterRole
    name: cluster-admin
- kind: ServiceAccount
    name: tiller
    namespace: kube-system

Apply the configuration to the cluster:

kubectl create -f rbac-config.yaml

Initialize helm:

helm init --service-account tiller --history-max 200

Now we're ready to add the cloudflared ingress controller:

$ helm repo add cloudflare
$ helm repo update
$ helm install --name anydomain --namespace default \
    --set rbac.create=true \
    --set controller.ingressClass=argo-tunnel \
    --set controller.logLevel=6 \

Install cloudflared from here.

Then run cloudflared login and put the cert in ~/.cloudflared/

Create a secret for this domain:

kubectl create secret generic DOMAIN --from-file="$HOME/.cloudflared/cert.pem"

The rest of the Argo instructions for an Ingress definition should all work fine now.

Ben Bangert
Ben Bangert
Software Contriver

Code. Homebrew. Hike. Rollerblade.