Jenkins: Puppetize and document the use of the fixed port 42585 for serving the API
During last upgrade (#17730 (closed)), a change in how JNLP in Jenkins controller makes URLs available to agents forced us to make several changes to our setup:
lizard's firewall to NAT incoming traffic to ports 80/443 from agents to the
- Configure unauthenticated non-public ports in
www.lizard(1180 and 11443) to handle TLS and reverse-proxy to
- Use a fixed port
42585for agents connecting to controller (instead of default Jenkins config of choosing a random port each time it starts).
lizards firewall to NAT incoming traffic to port
42585from agents to the
Note: port 80 can probably be removed from the setup above, as agents are connecting directly to 443.
This is a complicated setup and needs to be properly Puppetized and documented.
If we do #17798 first, then we have to adapt this issue accordingly.