No https URL generated on AKS?

WIthin Azure AKS:

Followed the instruction in portal in azure com to create A record for * and A record for buildkit mapping to the given IP addresses from helm upgrade okteto okteto/okteto -f config.yml --namespace=okteto

okteto up and once in shell, to start server in dev environment in

/usr/local/bin/gunicorn config.asgi --bind --chdir=/app -k uvicorn.workers.UvicornWorker --timeout 600

This works fine as we get in browser, but there is Forbidden 403 but that is another story?

But not sure why in deployed mode, don’t get endpoint as indicated by the helm command:

helm upgrade okteto okteto/okteto -f config.yml --namespace=okteto

Expect to see https URL, although in Lens i see a few endpoints but none pointing to my Django app?

okteto deploy --build --wait -l=error


name: my-paf
namespace: okteto

    context: .
    dockerfile: compose/production/django/Dockerfile


    file: production.yml
      - django
      - mongo

    # image: okteto/python:3

    command: bash
    # command: python runserver

    workdir: /app
      runAsUser: 101
      - .:/app
      - 3000:3000
      - 8000:8000
      - 9000:9000
      - /root/.cache/pip


license: # optional
subdomain: ""

  endpoint: "//"

    enabled: true
    clientId: 5XXXXXXXXXX # OAauth Consumer Key
    clientSecret: XXXXXXXXXXXXXXXXXXXXXX # OAauth Consumer Secret
    workspace: myprojects

      enabled: true
        container: "my-okteto-container" # "okteto-container"
        accountName: "my-paf" # "okteto-storage-account"

    enabled: true
    type: LoadBalancer


version: "3.8"

  django: # &django
      context: .
      dockerfile: ./compose/production/django/Dockerfile

    container_name: my_paf_production_django

      - mongo
      - ./.envs/.production/.django
      - ./.envs/.production/.mongodb

      - "8080:8080"
      - "8000:8000"
      - "3000:3000"

      - COOKIE_SECURE=true
      - DEBUG= false 
      # - DEBUG = os.environ.get('DJANGO_DEBUG', '') != 'False'

    command: /start
    # command: bash -c "/usr/local/bin/gunicorn config.asgi --bind --chdir=/app -k uvicorn.workers.UvicornWorker --timeout 600"
    stdin_open: true
    tty: true

    image: #
    container_name: "mongo"
    restart: always
      - ./.envs/.production/.mongodb

      - production_mongodb_data:/data/db
      - 27017:27017 # mongodb
      - 9216:9216 # mongodb-exporter


Self-hosting in AKS, but no endpoint given?

helm upgrade okteto okteto/okteto -f config.yml --namespace=okteto

Once you create both DNS entries you can access your Okteto instance at this URL:

Based on your question, I think you are mixing two concepts.

The helm upgrade okteto okteto/okteto -f config.yml --namespace=okteto command is used to install and configure your Okteto Self-Hosted instance. You don’t need to run this command every time you deploy a new development environment. You only need to run this command when you want to make changes to your Okteto Self-Hosted instance (e.g., upgrade to a new version). You and your entire team can deploy as many development environments into your Okteto Self-Hosted instance as you need. Okteto Self-Hosted will handle account creation, access control, and namespace creation.

When you install Okteto Self-Hosted, the “okteto” namespace is used exclusively for Okteto’s services. Services deployed on that namespace won’t have an automatic HTTPS endpoints. You should deploy your development environment on a namespace managed by Okteto. By default, Okteto Self-Hosted will create a namespace for you when you first log in.

okteto deploy... and okteto up... are the commands that you use to deploy your development environment and interact with it. To deploy your development environment on your Okteto Self-Hosted instance, do the following:

  1. Log in to your instance okteto context use With this, all the okteto commands that you run will use the namespace that Okteto Self-Hosted created for you.
  2. Remove the hardcoded namespace on your okteto.yml file.
  3. Deploy okteto deploy --build --wait -l=error.

Once your development environment is deployed, you can see the available endpoints using the okteto CLI, or by opening your browser and accessing your Okteto Self-Hosted instance (eg. The endpoints will use the same domain your Okteto Self-Hosted instance uses.

@ramiro I should not use namespace okteto but instead

kubectl create ns okteto-dev

for example?

  1. okteto context use
  2. Remove hardcoded namespace so okteto.yml: delete line 2 namepsace: okteto?

No, you should use the instructions we provided above. If you want to create more namespaces, you can do it the website that Okteto Self-Hosted provides or by using the command okteto namespace create name.

Are you saying we should or should not use namespace okteto but use any other namespace such as okteto-dev, etc?

kubectl create namespace okteto-dev? or
okteto create namespace okteto-dev

Should be the same?

Doc says

kubectl create namespace okteto, didn’t say
okteto create namespace okteto

“Remove the hardcoded namespace from your production.yml” but there is no namespace in production.yml defined, only in okteto.yml, if that’s what you mean

Okteto Self-Hosted is a platform that will manage Kubernetes namespaces for you, among many other things.

For your question, you don’t need to create a namespace, Okteto automatically creates one for you when you log in to your Okteto Self-Hosted instance. You need to:

  1. Log in to your instance okteto context use (you only need to do this the first time, okteto will remember your log in).
  2. Remove the hardcoded namespace from okteto.yml file.
  3. Deploy okteto deploy --build --wait -l=error.

The okteto deploy command will automatically deploy your development environment on the namespace that Okteto created for you.

sorry default namespace already created? But we don’t see that in our AKS cluster? The AKS cluster has namespaces:


that’s all

okteto login?

But okteto login to where if not using okteto cloud?

okteto namespace create test-ns
x This command is only available on Okteto Cloud or Okteto Enterprise

when you say the above, you are referring the which cluster it is currently pointed to correct? as would only be an eventual endpoint that would be later created.

So within the context of self-hosting, in this case Azure AKS, basically we need helm install into this reserved okteto namespace:

helm install okteto okteto/okteto -f config.yml --namespace=okteto

But separately we need to create our our namepace okteto-dev

kubectl create namespace okteto-dev

in our working namespace to deploy app

Is that the correct assumption to generate the https endpoint?

No. What I’m saying there is that you need to run this command: okteto context use, replacing with the address of your Okteto Self-Hosted instance.

When you install Okteto Self-Hosted, you are installing a web application, a webhook, and a few other components inside the okteto namespace in your Kubernetes cluster (our docs have the entire list if you are interested).

The web application and the APIs are available at https://okteto.$SUBDOMAIN (where subdomain is the value you provided to the subdomain key in the values.yaml file that you used when installing Okteto Self-Hosted). You can access the web application directly from your browser or with the Okteto CLI.

We recommend you first log in to your Okteto Self-Hosted instance with your browser to ensure everything works correctly.

To deploy your development environment, you first need to connect the okteto CLI in your computer with the Okteto Self-Hosted instance you deployed in your Kubernetes cluster. To do this, you need to run: okteto context use https://okteto.$SUBDOMAIN.

After that command has been run successfully, Okteto will create a namespace for you in your Kubernetes cluster. Every okteto command you run will use that namespace by default.

To deploy your development environment, run okteto deploy. You do not need to run any kubectl command when using the okteto CLI to develop.

okteto ctx
A context defines the default cluster/namespace for any Okteto CLI command.
Select the context you want to use:
Use the arrow keys to navigate: ↓ ↑ → ← (Okteto Cloud)
▸ ArthurPafStagingCluster *

Create new context

so this selects the context? How can there be at this stage if the endpoint has not been created yet?

But here it is using

kubectl create ns and
kubectl config view --minify | grep server

Select the Create new context option, and type the URL address of your Okteto Self-Hosted (the same URL that you use to browse the Okteto Self-Hosted web application).

When you run okteto context use you are connecting to your Okteto Self-Hosted instance, not to your application.

The link you refer to is to install Okteto Self-Hosted. You need to use kubectl when you are installing Okteto Self-Hosted.

You do not need to run any kubectl command when using the okteto CLI to deploy your development environment. You just need to run okteto deploy.

But if selecting Create new context then the ArthurPafStagingCluster cluster is not going to be used?

By following the instructions we provided you’ll be able to deploy your development environment inside the cluster where you installed Okteto Self-Hosted.

okteto context prompts to ask which context (cluster) so I enter Create new context with what https?

ok context
✓ Context ‘Create new context’ selected
? Enter your Okteto URL []:

I am slightly confused because we are providing an endpoint which does not exist at this time yet? On the contrary I thought it would be selecting one of the existing AKS clusters? But you are pointing out the create a new context, then how is it going to deploy onto AKS cluster that was created?

Could you clarify this? Because you are saying replacing with https address of your self-hosted instance but as far as I understood, it is not created yet?

and a blank page:

Screenshot 2022-11-23 at 22.48.33

What happens when you follow the instructions displayed on the terminal?

as I said, a blank page