Use dedicated Load Balancer for jenkins port 50000

2/26/2020

I have installed jenkins from its official helm chart

I am exposing it via nginx ingress controller, which is also installed via its helm chart.

The service is exposed in a public IP that I am passing to nginx upon installation, so I am able to access it in https://11.22.33.44/jenkins

I want to also be able to access port 50000 on the master for remote jnlp connections (i.e. initiated outside the cluster).

If I understand correctly, using this value I can create a (secondary I assume) load balancer for the service of the agent (i.e. the one pertaining to port 50000.).

My question is how to restrict this secondary load balancer given that I see only one value, related to load balancer source ip ranges.

What if I have different requirements in terms of source IP ranges for

a) the jenkins ui (port 443)

b) the jenkins jnlp protocol (port 50000)

-- pkaramol
jenkins
kubernetes-helm
kubernetes-ingress

1 Answer

2/26/2020

Yes, you are correct. You can create a secondary load balancer for the service of the agent.

And to restrict secondary load balancer with separate source IP ranges you need to modify the charts a little. You can achieve it following steps bellow:

  1. Add slaveLoadBalancerSourceRanges variable (it doesn't necessarily have to be called like this) to values.yaml file and now you have two variables: slaveLoadBalancerSourceRanges and loadBalancerSourceRanges that you can set to any values you like (you can do it now).

  2. Notice these few lines in jenkins-master-svc.yaml responsible for setting loadBalancerSourceRanges:

    {{- if .Values.master.loadBalancerSourceRanges }}
      loadBalancerSourceRanges:
    {{ toYaml .Values.master.loadBalancerSourceRanges | indent 4 }}
    {{- end }}
  3. Modify previously noticed lines to use newly created variable:

    {{- if .Values.master.slaveLoadBalancerSourceRanges }}
      loadBalancerSourceRanges:
    {{ toYaml .Values.master.slaveLoadBalancerSourceRanges | indent 4 }}
    {{- end }}
  4. Paste these lines to jenkins-agent-svc.yaml (between these two highlighted lines )

  5. Deploy these changes to kubernetes.

Let me know it if was useful.

-- HelloWorld
Source: StackOverflow