Rundeck on kubernetes can't do https

12/15/2019

It seems my rundeck can't do https. I'm doing a ssl offload at a loadbalancer. The following is a snippet of my deployment yml

 containers:
    - name: rundeck
      image:rundeck/rundeck:3.1.1
      env:
        - name: RUNDECK_GRAILS_URL
          value: "https://rundeck.somehost.io"
        - name: SERVER_SECURED_URL
          value: "https://rundeck.somehost.io"
        - name: RUNDECK_JVM_SETTINGS
          value: "-Dserver.web.context=/rundeck -Drundeck.jetty.connector.forwarded=true"

I've follow most tips form the net but my rundeck still looking for http after login

-- Jeffry
kubernetes
rundeck

2 Answers

12/16/2019

You need to define -Drundeck.ssl.config parameter and SSL port (-Dserver.https.port=4443) too in your Rundeck section (the example has HAproxy and MySQL as part of the container but you can use the Rundeck section).

This parameter point to a file with this content (with your paths and certificate, you've full SSL configuration explanation here)

keystore=/etc/rundeck/ssl/keystore
keystore.password=password
key.password=password
truststore=/etc/rundeck/ssl/truststore
truststore.password=password

You can check the entire example project here.

Alternatively, you can use this image maybe easiest to configure (check the "SSL" parameters).

-- MegaDrive68k
Source: StackOverflow

12/16/2019

You need to enable the ssl settings, for example:

    args: ["-Dserver.https.port=4443 -Drundeck.ssl.config=/home/rundeck/server/config/ssl.properties"]

But you will need to add a certificate (for example a self-certificate) to the container.

You can try:

1) extend the Rundeck official image (like this )

2) create a volume with the certificate and mount it on /home/rundeck/etc/truststore (also you might need to mount the /home/rundeck/server/config/ssl.properties with the right password ). BTW, I haven't tried that

-- Luis Toledo
Source: StackOverflow