1+ # A helm example values file for an AWS install with nginx-ingress controller, TLS termination at ELB layer 4 and enable JNLP external communication
2+ # Install an nginx-ingress controller
3+ nginx-ingress :
4+ Enabled : true
5+ rbac :
6+ create : true
7+ controller :
8+ ingressClass : " nginx"
9+ config :
10+ use-proxy-protocol : " true"
11+ http-snippet : |
12+ map '' $pass_access_scheme {
13+ default https;
14+ }
15+ map '' $pass_port {
16+ default 443;
17+ }
18+ server {
19+ listen 8080 proxy_protocol;
20+ return 301 https://$host$request_uri;
21+ }
22+ service :
23+ targetPorts :
24+ # 8080 used for redirection
25+ http : 8080
26+ https : http
27+ annotations :
28+ service.beta.kubernetes.io/aws-load-balancer-backend-protocol : " tcp"
29+ service.beta.kubernetes.io/aws-load-balancer-proxy-protocol : " *"
30+ service.beta.kubernetes.io/aws-load-balancer-ssl-ports : " https"
31+ # The ARN reference 'arn:aws:acm:us-west-2:XXXXXXXX:certificate/XXXXXX-XXXXXXX-XXXXXXX-XXXXXXXX' must be replaced by the actual ARN of the
32+ # ACM certificate used to do the TLS termination.
33+ service.beta.kubernetes.io/aws-load-balancer-ssl-cert : " arn:aws:acm:us-east-1:XXXXXXXX:certificate/XXXXXX-XXXXXXX-XXXXXXX-XXXXXXXX"
34+ service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy : " ELBSecurityPolicy-TLS-1-2-2017-01"
35+ # Increase the connection idle timeout for external communication (should be greater than the Ping Thread)
36+ service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout : ' 3600'
37+ externalTrafficPolicy : " Local"
38+ # Allow external communication to the Operations Center through JNLP
39+ tcp :
40+ 50000 : " {{ .Release.Namespace }}/cjoc:50000:PROXY"
41+ OperationsCenter :
42+ # Set the platform to aws, so that ELBs are created
43+ platform : ' aws'
44+ # Set the HostName for the Operation Center
45+ HostName : ' cloudbees-core.example.com'
46+ # Setting ServiceType to ClusterIP creates ingress
47+ ServiceType : ClusterIP
0 commit comments