OpenShift CI/CD Operations: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
(30 intermediate revisions by the same user not shown)
Line 2: Line 2:


* [[OpenShift Operations#Subjects|OpenShift Operations]]
* [[OpenShift Operations#Subjects|OpenShift Operations]]
* [[Jenkins and OpenShift]]
* [[OpenShift CI/CD Concepts#Overview|OpenShift CI/CD Concepts]]


=Overview=
=End-to-End Procedures=


=Setting Up a CI/CD Pipeline=
* [[OpenShift CI/CD Operations - Collocated Persistent Jenkins Set Up|Collocated Jenkins Deployment and Set Up]]
* [[CI/CD Infrastructure Setup]]


=Set Up a Jenkins CI/CD Pipeline=


==Create Required Image Streams==
{{Error|ALL THIS MUST BE REFACTORED}}


{{Internal|OpenShift_Image_and_ImageStream_Operations#Create_an_Image_Stream|Create an Image Stream}}
=Resources=


==Create Required Projects==
This is the memory consumption based on a test installation:
* jenkins/jenkins-jnlp pod: 880 MB
* nexus pod: 1.5 GB
* gogs pod: 140 MB
* gogs postgresql pod: 42 MB
* sonar pod: 2.0 GB
* sonar postgresql pod: 77 MB


Create the following projects:
=Set Up a CI/CD Pipeline=


1. A project for the CI/CD components, named "cicd":


oc new-project cicd --display-name="CI/CD pipeline with Jenkins"


2. A project to host development-stage containers and processes, named "dev":


oc new-project dev --display-name="Tasks - Dev"
=Configure the Jenkins Pipeline with Pipeline Plug-In=


3. A project to host publicly-accessible application produced by the CI/CD pipeline, named "stage":
New Item -> "hello-nodejs-pipeline" -> Pipeline -> OK


oc new-project stage --display-name="Tasks - Stage"
Pipeline -> Definition -> Pipeline script:
 
==Grant Jenkins Needed Privileges for the Projects that Require CI/CD Services==
 
For reasons behind these actions, see: {{Internal|Jenkins and OpenShift#Security_Considerations|Jenkins and OpenShift - Security Considerations}}
 
[[Oc_policy#add-role-to-user|oc policy add-role-to-user]] edit system:serviceaccount:cicd:jenkins -n dev
[[Oc_policy#add-role-to-user|oc policy add-role-to-user]] edit system:serviceaccount:cicd:jenkins -n stage
 
==Create the CI/CD Components==
 
oc project cicd
[[Oc process|oc process]] -f ./cicd-template.yaml --param DEV_PROJECT=dev --param STAGE_PROJECT=stage \
| oc create -f -


A template example for OpenShift 3.5 is available at https://github.com/OpenShiftDemos/openshift-cd-demo/blob/ocp-3.5/cicd-template.yaml. A version is also available here: [[OpenShift CICD Template Example]].
=Set up Continuous Delivery=


Note that "jenkins-persistent" and "jenkins-ephemeral" are available templates in the "openshift" project, they probably can be also used:
Set up a development, QA and production project.


oc get templates -n openshift | grep jenkins
<font color=red>TODO: Example: "Continuous Delivery Using OpenShift and Jenkins Pipeline Plug-in" 07 1 CD JEE Lab, Advanced Development on-line class.</font>


==Configure Jenkins==
=Troubleshooting=
 
oc project cicd
[[Oc_set#resources|oc set resources]] dc/jenkins --limits=memory=1Gi
 
=Checkpoint=
 
* Jenkins should start and be available at https://jenkins-cicd.apps.openshift.novaordis.io/
* Gogs should start and be available at https://gogs-cicd.apps.openshift.novaordis.io/
* Nexus should start and be available at https://nexus-cicd.apps.openshift.novaordis.io/
 
=Set Up a Jenkins CI/CD Pipeline based on jerkins-persistent Template=
 
<font color=red>TO PROCESS and INTEGRATE with [[OpenShift_CI/CD_Operations#Set_Up_a_Jenkins_CI.2FCD_Pipeline|Set Up a Jenkins CI/CD Pipeline]].</font>
 
This procedure sets up Jenkins infrastructure in a target project, and Jenkins runs as "system:serviceaccount:<project-name>:default"
 
oc policy add-role-to-user admin system:serviceaccount:lab-nodejs:default
 
<span id="new-app-jenkins-persistent"></span>
oc new-app jenkins-persistent -p MEMORY_LIMIT=2Gi -p VOLUME_CAPACITY=2Gi -p ENABLE_OAUTH=false
 
<pre>
--> Deploying template "openshift/jenkins-persistent" to project lab-nodejs
 
    Jenkins (Persistent)
    ---------
    Jenkins service, with persistent storage.
 
    NOTE: You must have persistent volumes available in your cluster to use this template.
 
    A Jenkins service has been created in your project.  Log into Jenkins with your OpenShift account.  The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.
 
    * With parameters:
        * Jenkins Service Name=jenkins
        * Jenkins JNLP Service Name=jenkins-jnlp
        * Enable OAuth in Jenkins=false
        * Jenkins JVM Architecture=i386
        * Memory Limit=2Gi
        * Volume Capacity=2Gi
        * Jenkins ImageStream Namespace=openshift
        * Jenkins ImageStreamTag=jenkins:latest
 
--> Creating resources ...
    route "jenkins" created
    persistentvolumeclaim "jenkins" created
    deploymentconfig "jenkins" created
    serviceaccount "jenkins" created
    rolebinding "jenkins_edit" created
    service "jenkins-jnlp" created
    service "jenkins" created
--> Success
    Run 'oc status' to view your app.
</pre>
 
====Adjust Readiness Probe Timeout====
 
  [[Oc_set#probe|oc set probe]] dc jenkins --readiness --initial-delay-seconds=500
 
 
====OpenShift Pipeline====
 
New Item -> "hello-nodejs-pipeline" -> Pipeline -> OK
 
Pipeline -> Definition -> Pipeline script:


<syntaxhighlight lang='groovy'>
* [[OpenShift Jenkins fails to Communicate with Maven slaves]]
node {
  stage ("Build") {
    echo '*** Build Starting ***'
    openshiftBuild apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', bldCfg: 'hello-nodejs', buildName: '', checkForTriggeredDeployments: 'false', commitID: '', namespace: '', showBuildLogs: 'false', verbose: 'false', waitTime: ''
    openshiftVerifyBuild apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', bldCfg: 'hello-nodejs', checkForTriggeredDeployments: 'false', namespace: '', verbose: 'false'
    echo '*** Build Complete ***'
  }
  stage ("Deploy") {
    echo '*** Deployment Starting ***'
    openshiftDeploy apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', depCfg: 'hello-nodejs', namespace: '', verbose: 'false', waitTime: ''
    openshiftVerifyDeployment apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', depCfg: 'hello-nodejs', namespace: '', replicaCount: '1', verbose: 'false', verifyReplicaCount: 'false', waitTime: ''
    echo '*** Deployment Complete ***'
  }
  stage ("Verify") {
    echo '*** Service Verification Starting ***'
    openshiftVerifyService apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', namespace: '', svcName: 'hello-nodejs', verbose: 'false'
    echo '*** Service Verification Complete ***'
  }
}
</syntaxhighlight>

Latest revision as of 23:53, 8 December 2017

Internal

End-to-End Procedures



ALL THIS MUST BE REFACTORED

Resources

This is the memory consumption based on a test installation:

  • jenkins/jenkins-jnlp pod: 880 MB
  • nexus pod: 1.5 GB
  • gogs pod: 140 MB
  • gogs postgresql pod: 42 MB
  • sonar pod: 2.0 GB
  • sonar postgresql pod: 77 MB

Set Up a CI/CD Pipeline

Configure the Jenkins Pipeline with Pipeline Plug-In

New Item -> "hello-nodejs-pipeline" -> Pipeline -> OK

Pipeline -> Definition -> Pipeline script:

Set up Continuous Delivery

Set up a development, QA and production project.

TODO: Example: "Continuous Delivery Using OpenShift and Jenkins Pipeline Plug-in" 07 1 CD JEE Lab, Advanced Development on-line class.

Troubleshooting