Protect Jenkins with https

xuyuji9000 / kubernetes-playground

1 stars 0 forks source link

Protect Jenkins with https #17

Closed xuyuji9000 closed 5 years ago

xuyuji9000 commented 5 years ago

PFX_FILE=
openssl pkcs12 -in ${PFX_FILE} -nocerts -nodes | sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > clientcert.key
openssl pkcs12 -in ${PFX_FILE} -clcerts -nokeys | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >  clientcert.cer
openssl pkcs12 -in ${PFX_FILE} -cacerts -nokeys -chain | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >  cacerts.cer

xuyuji9000 commented 5 years ago

Create secret

kubectl create secret tls yogiman.cn \
--key ./clientcert.key \
--cert ./fullchain1.pem

xuyuji9000 commented 5 years ago

Upgrade Jenkins

# values.yaml
master:
  ingress:
    enabled: true
    hostName: jenkins.yogiman.cn
    tls:
    - secretName: yogiman.cn
       hosts:
       - jenkins.yogiman.cn         
  serviceType: ClusterIP
persistence:
  enabled: true
  existingClaim: jenkins

Upgrade Jenkins

helm upgrade -f ./values.yaml jenkins stable/jenkins