Reverse Proxy Installation and Setup

 

What is the Reverse Proxy?

For SaaS users, the Reverse Proxy provides a security layer to prevent you from opening a port to the outside world. The Reverse Proxy uses standard HTTPS request to the DeployHub SaaS  running on the Google GKE environment.  Nothing from the external Google side of the firewall is pushed to the local DeployHub Reverse Proxy. Instead the Reverse Proxy queries the DeployHub SaaS every minute to determine if a deployment is needed.

Once the Reverse Proxy determines that a deployment is needed, the Reverse Proxy will execute the deployment using all files on the inside of the firewall. The one-way communication is needed only to initiate the deployment, but all work is done local to your network.  On completion of the deployment, the logs are pushed back up to the DeployHub SaaS for viewing and audit.

continuous deployment-as-a-service

DeployHub Architecture with Reverse Proxy

 

Installing the Reverse Proxy

The Reverse Proxy runs as docker container.  In order to install it you need to have Docker up and running.

Docker Installation

  • Docker for RedHat
  • Require RHEL 64-bit 7.1 and higher on x86_64, s390x, or ppc64le (not ppc64).
  • Docker for Ubuntu
  • Requires 64-bit version of one of these Ubuntu versions:
    • Bionic 18.04 (LTS)
    • Artful 17.10
    • Xenial 16.04 (LTS)
    • Trusty 14.04 (LTS)
  • Docker for OS/X
  • Requires macOS El Capitan 10.11 and newer macOS releases are supported. We recommend upgrading to the latest version of macOS.

DeployHub Reverse Proxy Installation

  • Pull Quay.io
  • [shell]
    docker pull quay.io/deployhub/deployhub-rproxy[/shell]
  • Set your CLIENTID as environment variable
    • Linux and OS/X
    • [shell]export CLIENTID=”Client ID sent in welcome email”[/shell]
    • Windows
    • [shell]set CLIENTID=”Client ID sent in welcome email”[/shell]
  • ${IMAGE} = image id from the docker pull, do docker images to get the list of ids
    • Start the container
      • Linux and OS/X
      • [shell]docker run -d –hostname `hostname` -e CLIENTID=$CLIENTID ${IMAGE}[/shell]
      • Windows
      • [shell]docker run -d –hostname %COMPUTERNAME% -e CLIENTID=%CLIENTID% ${IMAGE}[/shell]
Volume to access Jenkins build results
        • Linux and OS/X
        • [shell]docker volume create –name jenkinsfs –opt type=nfs –opt device=:/var/jenkins/jobs –opt o=addr=192.168.0.101[/shell]
        • Windows
        • [shell]docker volume create –name jenkinsfs –driver local –opt type=cifs –opt device=//server/path/to/share –opt o=username=myuser,password=mypw,file_mode=0777,dir_mode=0777[/shell]
Start the container referencing Jenkins Workspaces
    • Linux and OS/X
    • [shell]docker run -d –hostname `hostname` -e CLIENTID=$CLIENTID -v jenkinsfs:/jenkins -v ~/.ssh:/keys:Z ${IMAGE}[/shell]
    • Windows
    • [shell]docker run -d –hostname %COMPUTERNAME% -e CLIENTID=%CLIENTID% -v jenkinsfs:/jenkins -v ~/.ssh:/keys:Z ${IMAGE}[/shell]
  • Volumes Used
    • jenkinsnfs:/jenkins is the Jenkins build results
    • ~/.ssh:/keys:Z users ssh keys made visible to the container for credentials
  • Notes
    • ${​CLIENTID} = client id assigned to your user id from the deployhub.com website or welcome email
    • ${IMAGE} = image id from the docker pull
    • NFS is share Jenkins Jobs directory
    • DeployHub will see the Jenkins File System Repository as /jenkins
    • DeployHub will see the ssh keys as /keys

Resources