When you add a custom app to Crowd like Jenkins server. It asks for the app URL and it takes then it lookup the IP of that URL and it adds that IP to the app settings. In a docker/kubernetes world those IPs are not static anymore. How do others deal with apps having no-static IPs?
Hello Mark, for this case elastic api should be used and i recommend use AWS
To ensure connectivity to your docker containers, check :
-if security group(s) on the instance allow inbound traffic to the ports of interest.
-same, please check network ACL on your subnet if they do not block the connections - both inbound and outbound.
-ensure that the instance is in a public subnet and is reachable from the internet.
-check if you can connect to the containers from inside of the instance, to make sure that your application is working as expected
Alternatively, if you do not want to manage the instance and docker yourself, you can look into using AWS Fargate or Amazon ECS which will greatly simply management of your containers.
Hey Mark,
The easy and unsecure answer is adding 0.0.0.0/0 to the Crowd Application Remote Addresses - obviously not recommended though!
It's not clear where you're hosting your Docker/K8S, but using AWS terminology, if you run your cluster from a private VPC that has a NAT VPC gateway with a fixed Elastic IP, outbound traffic from any of the containers running within that environment will be seen to the internet as coming from the Elastic IP address - so that's the one you add to the Remote Addresses list.
Lots of factors could impact if/how this would work - so take the above with a grain of salt. YMMV.
CCM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.