On GCP we default to using GCR as the container registry (using
Please set your provider to
gke via this in your
jx-requirements.yml to indicate you are using GCP:
clusterConfig: provider: gke
We also recommend using Jenkins X Pipelines as this works out of the box with kaniko for creating container images without needing a docker daemon and works well with GCR.
Configuring DNS and TLS
For a secure Jenkins X installation, you must enable TLS when interacting with the vault service.
To configure TLS, you must first configure Zone DNS settings within Google Cloud Platform, and then configure external DNS settings for Ingress and TLS in the
jx-requirements.yml configuration file.
Configuring Google Cloud DNS
You should have a domain name registered with a name registrar, for example
www.acmecorp.example before configuring DNS Zone settings.
For more information, refer to Creating a managed public zone from the Google documentation.
Navigate via browser to the Project Selector page. and choose your Google Cloud Platform project.
Choose Public as your Zone Type.
Type a Zone Name for your zone.
Input a DNS suffix in DNS name, for example
Choose your DNSSEC or DNS Security state, which should be set to
Offfor this configuration.
(Optional) Input a Description for your DNS zone.
Once created, the Zone Details page loads.
NS (Name server) and SOA (Start of authority) records are automatically created for your domain (for example
Configuring External DNS in Jenkins X
Once you have configured Google Cloud DNS, you can use browse the Zones page in your Google Cloud Platform project to setup your external domain.
To setup External DNS:
Choose a unique DNS name; you can use nested domains (for example,
cluster1.acmecorp.example). Enter the name in the
jx create domaincommand against your domain name, for example:
jx create domain gke --domain cluster1.acmecorp.example
You will be prompted for information as needed during the setup:
Choose your Google Cloud Platform project from the available list.
Update your existing managed servers to use the displayed list of Cloud DNS nameservers. Copy the list for use in the next steps.
Next up is configuring GCP:
From the Google Cloud Platform Zones page, change the Resource Record Type to
NS) and use the default values for your domain for for TTL (
5) and TTL Unit (
Add the first nameserver to the Name server field
Add itemand add any subsequent nameservers.
Finally, configure Jenkins X for the new domain names:
jx-requirements.ymlfile and update the
ingress) to your domain name, for example
In the tls setting, enable TLS with
jx-requirements.ymlentries for these settings should look similar to the example below:
gitops: true ingress: domain: cluster1.acmecorp.example externalDNS: true namespaceSubDomain: -jx. tls: email: email@example.com enabled: true production: true secretStorage: vault
jx bootfor the changes to take effect in your environment.
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.