Configure Ingress

Configure Ingress, DNS and TLS

Ingress

If you don’t specify anything in your jx-requirements.yml file then Boot will default to using HTTP (rather than HTTPS) and using nip.io as the DNS mechanism.

After running Boot your jx-requirements.yml may look like:

cluster:
  provider: gke
  clusterName: my-cluster-name
  environmentGitOwner: my-git-org
  project: my-gke-project
  zone: europe-west1-d
environments:
- key: dev
- key: staging
- key: production
ingress:
  domain: 1.2.3.4.nip.io
  externalDNS: false
  tls:
    email: ""
    enabled: false
    production: false
kaniko: true
secretStorage: local
storage:
  logs:
    enabled: false
  reports:
    enabled: false
  repository:
    enabled: false
webhook: prow

If you wish to enable external DNS (to automatically register DNS names for all of your exported services) a DNS domain name or TLS then modify the ingress section of your to add ingress.domain and ingress.externalDNS = true in jx-requirements.yml file and re-run jx boot. There’s a complete example below.

You can also update your configuration to enable TLS via ingress.tls.enabled = true. Here’s an example:

cluster:
  clusterName: mycluster
  environmentGitOwner: myorg
  gitKind: github
  gitName: github
  gitServer: https://github.com
  namespace: jx
  provider: gke
  vaultName: jx-vault-myname
environments:
- key: dev
- key: staging
- key: production
gitops: true
ingress:
  domain: my.domain.com
  externalDNS: true
  namespaceSubDomain: -jx.
  tls:
    email: someone@acme.com
    enabled: true
    production: true
kaniko: true
secretStorage: vault
storage:
  logs:
    enabled: true
    url: gs://jx-prod-logs
  reports:
    enabled: false
    url: ""
  repository:
    enabled: false
    url: ""
webhook: prow

Last modified June 24, 2020: fix: de-duplicating nested install structure (ba9f980e30)