I have installed jenkins
from its official helm chart
I am exposing it via nginx
ingress controller, which is also installed via its helm chart.
The service is exposed in a public IP that I am passing to nginx
upon installation, so I am able to access it in https://11.22.33.44/jenkins
I want to also be able to access port 50000
on the master for remote jnlp
connections (i.e. initiated outside the cluster).
If I understand correctly, using this value I can create a (secondary I assume) load balancer for the service of the agent (i.e. the one pertaining to port 50000
.).
My question is how to restrict this secondary load balancer given that I see only one value, related to load balancer source ip ranges.
What if I have different requirements in terms of source IP ranges for
a) the jenkins
ui (port 443
)
b) the jenkins
jnlp protocol (port 50000
)
Yes, you are correct. You can create a secondary load balancer for the service of the agent.
And to restrict secondary load balancer with separate source IP ranges you need to modify the charts a little. You can achieve it following steps bellow:
Add slaveLoadBalancerSourceRanges
variable (it doesn't necessarily have to be called like this) to values.yaml
file and now you have two variables: slaveLoadBalancerSourceRanges
and loadBalancerSourceRanges
that you can set to any values you like (you can do it now).
Notice these few lines in jenkins-master-svc.yaml responsible for setting loadBalancerSourceRanges
:
{{- if .Values.master.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.master.loadBalancerSourceRanges | indent 4 }}
{{- end }}
Modify previously noticed lines to use newly created variable:
{{- if .Values.master.slaveLoadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.master.slaveLoadBalancerSourceRanges | indent 4 }}
{{- end }}
Paste these lines to jenkins-agent-svc.yaml (between these two highlighted lines )
Deploy these changes to kubernetes.
Let me know it if was useful.