Adds support for adding VMs into a load balancer's backend pool#182
Open
ciaranj wants to merge 2 commits intojenkinsci:masterfrom
Open
Adds support for adding VMs into a load balancer's backend pool#182ciaranj wants to merge 2 commits intojenkinsci:masterfrom
ciaranj wants to merge 2 commits intojenkinsci:masterfrom
Conversation
added 2 commits
February 21, 2020 22:06
…d pool Based heavily on work by @gpolek (jenkinsci#61) Allows the specification of a load balancer & backend (that can optionally be in a different resource group to that in which the Agent VMs get spun up) This is (as mentioned in the original pull request) highly useful for scenarios where you need to whitelist the traffic coming from your pool of VMs. This is a pre-requisite for support AAD logins to the jenkins agents too on environments where Conditional Access Policies use named location constraints.
ciaranj
changed the title
Member
|
needs conflicts resolved |
Member
|
I think this might be a simpler approach: |
Author
From what I recall of this work, the approach was needed because the load balancer was required to support outbound traffic from VMs with no public IP at all, so #221 feels (again from what I recall) like a subtly different solution to a very similar issue. |
Member
|
ah right sure makes sense 👍, the other approach is a UDR on the subnet, (which is what I use) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is a re-working of @gpolek 's work in #61 but;
I needed the possibility of ensuring all my Jenkins agents use known IP address for outbound connection, for example, to whitelist them on a remote environment. Azure allows it by using Source Network Address Translation feature on Azure load balancer.
More on this topic can be found in Azure's docs https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/load-balancer/load-balancer-outbound-connections.md#load-balanced-vm-with-no-instance-level-public-ip-address.
This pull request allows putting azure vm agents into load balancer's backend pool of your choice. I've added also availability set support to ensure all my agents will stay alive when Azure does maintenance.