Gateway objects

5 minute read

To communicate with a resource, workspace, or artifact repository server in another zone, a "gateway" must be created. A gateway object contains two resource (agent) machines, for example, GatewayResource1 and GatewayResource2—each configured to communicate with the other. One gateway resource resides in the source zone and the other in the target zone. A gateway is bidirectional and informs the CloudBees CD server that each gateway machine is configured to communicate with its other gateway machine (in another zone).

If your company requires the added security of a firewall between zones, gateway agents can be configured to communicate with/through the firewall. Gateway agents can be trusted or untrusted (meaning that they just use HTTPS).

This page displays all gateways currently defined in CloudBees CD and provides other gateway operations—create, edit, delete, and so on.

  • A firewall between zones— A gateway resource can be configured to communicate with an intermediary firewall in its path as a proxy to communicate with its peer on the other side of the gateway.

    If the actual gateway agents are behind a load balancer, do not register resources for them in CloudBees CD. The actual gateway agents should be pinged by CloudBees CD only via the load balancer.
  • Each gateway records the host/port combination each gateway agent/resource must use to communication with its peer on the other side of the gateway.

  • Multiple gateways can be defined for a zone if required. For example, you may have multiple resources in zoneA that need to communicate with each other, but some of those resources also need to communicate with zoneB, while others need to communicate with zoneC only. In this scenario, zoneA would require two gateways—one to zoneB and one to zoneC.

  • One resource can participate in multiple gateways. For example, assume we have 3 zones, zone1, zone2, and zone3, each created to contain agent/resource machines for a different, specific purpose (production, testing), but we want to share or pass data from a resource in zone1 to another resource in zone2 or zone3:

  • We need two gateways:

  • Gateway1 connects ResourceA in zone1 to ResourceC in zone3

  • Gateway2 connects ResourceA in zone1 to ResourceB in zone2

  • With this gateway-resource configuration, ResourceA can communicate directly with zone2 or zone3.

  • To create a new gateway, click the Create Gateway link.

  • The "star" icon allows you to save this gateway information to your Home page.

Column descriptions

Column Name Description / Action

Name

The gateway name specified when this gateway was created. Click a gateway name to see the Gateway Details panel for that gateway.

Enabled

A check mark in the box indicates that this gateway is enabled.

Resource 1

The first of two resources required to create a gateway. For actual gateway agents that are behind a load balancer, this is the resource for the inbound or outbound load balancer (not the actual agent).

Host 1

The external name that Resource 2 uses to communicate with Resource 1. This contains the host name or IP address of Resource 1. If this is blank, the Agent Host Name attribute in Resource 1’s definition is used at runtime.

Resource 2

The second of two resources required to create a gateway. For actual gateway agents that are behind a load balancer, this is the resource for the inbound or outbound load balancer (not the actual agent).

Host 2

The external name that Resource 1 uses to communicate with Resource 2. This contains the host name or IP address of Resource 2. If this is blank, the Agent Host Name attribute in Resource 2’s definition is used at runtime.

Description

(Optional) Plain text or HTML description for this object. If using HTML, you must surround your text with <html> …​ </html> tags. Allowable HTML tags are <a>, <b>, <br>, <div>, <dl>, <font>, <i>, <li>, <ol>, <p>, <pre>, <span>, <style>, <table>, <tc>, <td>, <th>, <tr>, and <ul>.

For example, the following HTML:

<p>
<span style="font-family: Arial;">
  <i>Note:</i> For more information about the <b>abc</b> object, see
         <a href="https://www.google.com/">\https://www.google.com</a>.
</span>
</p>

renders as follows:

<i>Note</i>: For more information about the <b>abc</b> object, see \https://www.google.com.

Actions

Delete —Use this link to delete the gateway on the same row.

Gateway Details Panel

This panel displays properties and access control privileges assigned to this gateway. Select the Properties tab to see any existing properties or to create properties for this gateway.

  • Edit —Click this link to display the Edit Gateway panel. On the Edit Gateway panel, you can change the gateway name or add or change the gateway description.

  • Access Control —Click this link to go to the Access Control page to set access privileges for this gateway.

Create Gateway Panel

Enter the following information:

Field Name Description / Action

Name

Name of your choice for this gateway. The name must be unique among other gateway names.

Description

(Optional) Plain text or HTML description for this object. If using HTML, you must surround your text with <html> …​ </html> tags. Allowable HTML tags are <a>, <b>, <br>, <div>, <dl>, <font>, <i>, <li>, <ol>, <p>, <pre>, <span>, <style>, <table>, <tc>, <td>, <th>, <tr>, and <ul>.

For example, the following HTML:

<p>
<span style="font-family: Arial;">
  <i>Note:</i> For more information about the <b>abc</b> object, see
         <a href="https://www.google.com/">\https://www.google.com</a>.
</span>
</p>

renders as follows:

<i>Note</i>: For more information about the <b>abc</b> object, see \https://www.google.com.

Enabled

Enables the gateway.

Resource 1

Name of your choice for the first of two required gateway resources. Do not include spaces in a resource name. For actual gateway agents that are behind a load balancer, specify the resource for the inbound or outbound load balancer (not the actual agent).

Host 1

Agent host name where Resource 1 resides. This external host name is used by Resource 2 to communicate with Resource 1. Specify only the host name or IP address of Resource 1. To use the host name from Resource 1’s definition, leave this field blank.

Port 1

Port number used by Resource 1. The default is the port number used by the resource.

Resource 2

Name of your choice for the second of two required gateway resources. Do not include spaces in a resource name. For actual gateway agents that are behind a load balancer, specify the resource for the inbound or outbound load balancer (not the actual agent).

Host 2

Agent host name where Resource 2 resides. This external host name is used by Resource 1 to communicate with Resource 2. Specify only the host name or IP address of Resource 2. To use the host name from Resource 2’s definition, leave this field blank.

Port 2

Port number used by Resource 2. The default is the port number used by the resource.

Click OK to see your new gateway displayed in the table.

Edit Gateway Panel

This panel is populated with previously supplied information to define the gateway. You can change any existing specifications or add new information. Click OK to save your changes.

Access Control Note

A gateway inherits privileges from the ZonesAndGateways ACL. See Access Control for more information.