Configuration
On GCP we default to using GCR as the container registry (using gcr.io
).
Please set your provider to gke
via this in your jx-requirements.yml
to indicate you are using GCP:
clusterConfig:
provider: gke
We also recommend using Jenkins X Pipelines as this works out of the box with kaniko for creating container images without needing a docker daemon and works well with GCR.
Configuring DNS and TLS
For a secure Jenkins X installation, you must enable TLS when interacting with the vault service.
To configure TLS, you must first configure Zone DNS settings within Google Cloud Platform, and then configure external DNS settings for Ingress and TLS in the jx-requirements.yml
configuration file.
Configuring Google Cloud DNS
You should have a domain name registered with a name registrar, for example www.acmecorp.example
before configuring DNS Zone settings.
For more information, refer to Creating a managed public zone from the Google documentation.
-
Navigate via browser to the Project Selector page. and choose your Google Cloud Platform project.
-
-
Choose Public as your Zone Type.
-
Type a Zone Name for your zone.
-
Input a DNS suffix in DNS name, for example
acmecorp.example
. -
Choose your DNSSEC or DNS Security state, which should be set to
Off
for this configuration.
-
-
(Optional) Input a Description for your DNS zone.
-
Click
Create
.
Once created, the Zone Details page loads.
NS (Name server) and SOA (Start of authority) records are automatically created for your domain (for example acmecorp.example
)
Configuring External DNS in Jenkins X
Once you have configured Google Cloud DNS, you can use browse the Zones page in your Google Cloud Platform project to setup your external domain.
To setup External DNS:
-
Choose a unique DNS name; you can use nested domains (for example,
cluster1.acmecorp.example
). Enter the name in theDNS Name
field -
Run the
jx create domain
command against your domain name, for example:jx create domain gke --domain cluster1.acmecorp.example
You will be prompted for information as needed during the setup:
-
Choose your Google Cloud Platform project from the available list.
-
Update your existing managed servers to use the displayed list of Cloud DNS nameservers. Copy the list for use in the next steps.
-
Next up is configuring GCP:
-
From the Google Cloud Platform Zones page, change the Resource Record Type to
NS
) and use the default values for your domain for for TTL (5
) and TTL Unit (minutes
). -
Add the first nameserver to the Name server field
-
Click
Add item
and add any subsequent nameservers. -
Click
Create
.
Finally, configure Jenkins X for the new domain names:
-
Edit the
jx-requirements.yml
file and update thedomain
field (iningress
) to your domain name, for examplecluster1.acmecorp.example
-
In the tls setting, enable TLS with
enabled: true
The resulting
jx-requirements.yml
entries for these settings should look similar to the example below:gitops: true ingress: domain: cluster1.acmecorp.example externalDNS: true namespaceSubDomain: -jx. tls: email: certifiable@acmecorp.example enabled: true production: true secretStorage: vault
jx boot
for the changes to take effect in your environment.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.