How to create an application tunnel link between Bamboo Data Center in a Kubernetes Cluster and Jira Cloud

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Fisheye および Crucible は除く

要約

Creating a tunneled application link between Bamboo Data Center in a Kubernetes cluster and Jira Cloud is an excellent solution for customers whose Kubernetes cluster services are not accessible from the internet. In some cases, organizational policy prevents network administrators from whitelisting specific domains and IP address ranges, which is necessary to ensure Atlassian Cloud products and other services work as expected. This page describes how to achieve this using the following steps:

  • Installing application tunnels from Atlassian Marketplace.
  • Configuring the required connection and upstream port using Helm charts.
  • Creating the application tunnel to your self managed instance.
  • Creating a tunneled application link between Bamboo Data Center in a Kubernetes cluster and Jira Cloud.

環境

The following steps have been validated in Bamboo Data Center 9.4.2 and 9.6.3 but may be applicable to other versions.

ソリューション

These steps assume there has been a successful installation of Bamboo on the Kubernetes cluster using Helm charts.

Now that we have a running Bamboo Data Center instance, we will start with the first step.

Step 1: Installing application tunnels on the Bamboo Data Center instance.

Using the steps from the documentation provided by Install application tunnels from Atlassian Marketplace, we will need to install the application tunnel on the Bamboo instance.

  1. In the upper-right corner of the screen, select Administration > Overview.
  2. Go to Manage Apps > Find new apps.
  3. Search for "Application tunnels".
  4. Click on the Install button.
  5. You should get the following message after a successful installation.
  6. Once you install the app, you'll see a new page in Administration > Application tunnel.

Step 2: Configuring the required connection and upstream port using Helm charts.

To do this, we will be modifying the Helm chart values file and creating a new Kubernetes ConfigMap. Before we do that, let's examine our Bamboo installation.

We will require an HTTP connector and an upstream port. I'll be choosing 8093 as my upstream port; please choose your preferred port based on availability.

  1. We need an JVM parameter as shown below to configure the upstream port:

     -Dsecure.tunnel.upstream.port=8093
  2. We also need to add a new connector port to the Apache tomcat's server.xml file as shown below:

    <Connector port="8093" connectionTimeout="20000" maxThreads="200" minSpareThreads="10" 
                       enableLookups="false" acceptCount="10" URIEncoding="UTF-8" />
  3. You can view the Apache tomcat's server.xml file in the running Bamboo instance using the command below:

    kubectl -n <namespace> exec -it <bamboo-pod> -- cat /opt/atlassian/bamboo/conf/server.xml
  4. The content of the server.xml can be copied out using the command below:

    kubectl -n <namespace> cp <bamboo-pod>:/opt/atlassian/bamboo/conf/server.xml server.xml
  5. Now modify the server.xml file to include the additional connector as shown below:

    ...
    
     </Connector>
        <Connector
                   port="8093"
                   connectionTimeout="20000"
                   maxThreads="200"
                   minSpareThreads="10"
                   enableLookups="false"
                   acceptCount="10"
                   URIEncoding="UTF-8" />
        <Engine name="Catalina"
                defaultHost="localhost">
    
          <Host name="localhost"
                appBase="webapps"
    
    ...
  6. Now that we have modified our server.xml file to include the HTTP connector, we will make it a Kubernetes ConfigMap and mount it on the pod by using the mount path /opt/atlassian/bamboo/conf/server.xml. We will be using the command below to created the Kubernetes ConfigMap:

    kubectl -n <namespace> create configmap custom-server-xml --from-file server.xml=server.xml
  7. Now we will modify the Helm Chart values file to include the new Kubernetes ConfigMap and the additional JVM argument for the upstream port:

    ...
    
      #
      additionalJvmArgs:
        - -Dsecure.tunnel.upstream.port=8093
    
     ...
    #
    additionalFiles:
       - name: custom-server-xml
         type: configMap
         key: server.xml
         mountPath:  /opt/atlassian/bamboo/conf
    # 
    
    ...
    
    

    It is important to note that adding additional connectors in the server.xml file can also be done by using Additional ConfigMaps or Custom server XML.

  8. Now we can proceed to upgrade the Helm release using the command below:

    helm upgrade <release_name> atlassian-data-center/bamboo -n <namespace> -f <values-file>
  9. Once the Bamboo instance is up and running, use the command to verify the new the server.xml file:

    kubectl -n <namespace> exec -it <bamboo-pod> -- cat /opt/atlassian/bamboo/conf/server.xml
  10. Once this is verified, we can proceed to the next step.

Step 3: Creating the application Tunnel to your self managed instance

はじめる前に

Using the Create an application tunnel to your self-managed instance, create a tunnel from admin.atlassian.com:

  1. admin.atlassian.com に移動して、組織を選択します。

  2. [設定] > [アプリケーション トンネル] の順に移動します。

  3. [トンネルを作成] を選択します。

  4. A page providing more details about application tunnels will open up, select Create tunnel.
  5. A create tunnel page will open, provide your preferred tunnel name and your Bamboo Base URL as shown below:
  6. 次へ をクリックします。
  7. Copy the security key and proceed, it is likely you will get a redirection error if the Kubernetes instance can only be reached on a private network.
  8. Now go to your Bamboo instance's Administration > Application tunnel.
  9. Select Add security key.
  10. Your application tunnel should have the new tunnel in the CONNECTING status as shown below:
  11. Your tunnel is created. Wait until its status changes to CONNECTED. You can refresh the pages until they are showing CONNECTED: 
  12. Now Bamboo has transitioned from CONNECTING to CONNECTED.

Step 4: Creating a tunneled application link between a Bamboo Data Center in a Kubernetes cluster and Jira Cloud

Using the steps in the Create a tunneled application link page, we will proceed to create an application link between a Bamboo Data Center instance in a Kubernetes environment and Jira Cloud.

  1. Open your Atlassian Cloud product's administration page and navigate to application links. This is different from admin.atlassian.com, each product has its own administration.

    • Jira Cloud: Go to Administration > Products > Application links.

  2. Create a link as shown below:
  3. The Create link page will appear as shown below, select Tunneled application link and choose the name of the application tunnel created earlier:
  4. The Confirm URL page will pop up with URLs of the tunnel and the Display URL of the Bamboo instance as shown below:
  5. Select Continue.
  6. The Review link page will open up, check the "I am an administrator on both instances" option. This will make it possible for the Bamboo admins and Jira Cloud admins to collaborate without exchanging credentials.
  7. Select Continue. You’ll get a pop-up with a URL.

  8. This URL should be copied and shared with the administrator.
  9. Open the URL on a browser where the Bamboo instance can be accessed.
  10. Select Continue.
  11. The application links status in Jira Cloud and Bamboo Data Center will have a CONFIG ERROR status as shown below:

  12. To fix this, edit the application link in your Atlassian Cloud product. Set the local authentication to OAuth for both incoming and outgoing communication.
  13. Now click Save Changes.
  14. The status should now be CONNECTED for Bamboo Data Center instance and the Jira Cloud instance as well.
  15. You can verify that the application link was correctly created by viewing its details, both on the Jira Cloud and Bamboo Data Center instance.
最終更新日 2024 年 8 月 6 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.