Hey all,
New to the SonarQube product and AKS. Using the guides so far, I’ve managed to do a few successful deploys of the SonarQube app using Helm. This is my first venture into Kubernetes (AKS) and Helm. Using the listed documentation I’ve been able to deploy SonarQube to my Azure environment but now I would like to some advanced things and I am unsure how to proceed. During my first few test deployments, I learned how to deploy SonarQube and give it an external IP address for access from the web. What I would like to ideally do, is prevent access to the outside world and only provide access from inside my Azure environment (RFC 1918). I believe this involves creating the LoadBalancer as an “internal” or “private” load balancer in Azure. Using Helm and the values.yaml I’ve tried several things, but nothing seems to work. I have a few specific objectives with the internal deployment I want to achieve:
- Deploy and restrict access to internal systems only
- Deploy with a specific IP to a specific VNET and subnet
- Deploy and setup HTTPS access only (not necessary right now, future focused)
In my values.yaml, after reading a few articles, I’ve tried various iterations of the following configurations:
service:
type: LoadBalancer
externalPort: 9000
internalPort: 9000
labels:
annotations: {
service.beta.kubernetes.io/azure-load-balancer-internal: "true",
service.beta.kubernetes.io/azure-load-balancer-internal-subnet: "snet-prd-001"
}
loadBalancerIP: 10.100.71.5
Using the above, the objective is to deploy the loadbalancer internally with the IP address 10.100.71.5/26 to the “snet-prd-001” subnet (which belongs to a VNET already established in the subscription). The result of running this through Helm seems to be that the load balancer deployment never moves out of “pending” state:
PS C:\support\helm3\sonarqube\version_03> kubectl get service -n sonarqube
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
sonarqube-postgresql ClusterIP 10.0.67.98 <none> 5432/TCP 5m22s
sonarqube-postgresql-headless ClusterIP None <none> 5432/TCP 5m22s
sonarqube-sonarqube LoadBalancer 10.0.254.248 <pending> 9000:31839/TCP 5m22s
Does anyone know where I might be tripping up? Based on some other things I was reading, could it be that I need to deploy nginx as well? Currently I have nginx ingress deployment set to false and ingress configuration set to false because I am not really sure about it or what it does.
Any insight would be helpful and if I missed some documentation, just point me in the right direction! My GoogleFu with some of these subjects might nto be the best right now as I am still learning.