Add Contour TLS guide to docs

docs/gitbook/usage/contour-progressive-delivery.md

@@ -16,16 +16,6 @@ kubectl apply -f https://projectcontour.io/quickstart/contour.yaml
 
 The above command will deploy Contour and an Envoy daemonset in the `projectcontour` namespace.
 
-Find the external address of Contour's Envoy load balancer:
-
-```bash
-export ADDRESS="$(kubectl -n projectcontour get svc/envoy -ojson \
-| jq -r ".status.loadBalancer.ingress[].hostname")"
-echo $ADDRESS
-```
-
-Configure your DNS server with a CNAME record (AWS) or A record (GKE) and point a domain e.g. `app.example.com` to the LB address.
-
 Install Flagger using Kustomize (kubectl 1.14) in the `projectcontour` namespace:
 
 ```bash
@@ -174,6 +164,16 @@ to the primary pods. During the canary analysis, the `podinfo-canary.test` addre
 
 ### Expose the app outside the cluster
 
+Find the external address of Contour's Envoy load balancer:
+
+```bash
+export ADDRESS="$(kubectl -n projectcontour get svc/envoy -ojson \
+| jq -r ".status.loadBalancer.ingress[].hostname")"
+echo $ADDRESS
+```
+
+Configure your DNS server with a CNAME record (AWS) or A record (GKE/AKS/DOKS) and point a domain e.g. `app.example.com` to the LB address.
+
 Create a HTTPProxy definition and include the podinfo proxy generated by Flagger (replace `app.example.com` with your own domain):
 
 ```yaml
@@ -211,7 +211,7 @@ podinfo-ingress   app.example.com     valid
 Now you can access podinfo UI using your domain address.
 
 Note that you should be using HTTPS when exposing production workloads on internet.
-You can obtain free TLS certs from Let's Encrypt, read this [guide](https://github.com/stefanprodan/eks-envoy-ingress)
+You can obtain free TLS certs from Let's Encrypt, read this [guide](https://github.com/stefanprodan/eks-contour-ingress)
 on how to configure cert-manager to secure Contour with TLS certificates.
 
 ### Automated canary promotion