OpenShift CI/CD Operations: Difference between revisions
Line 67: | Line 67: | ||
oc policy add-role-to-user admin system:serviceaccount:lab-nodejs:default | oc policy add-role-to-user admin system:serviceaccount:lab-nodejs:default | ||
<span id="new-app-jenkins-persistent"></span> | |||
oc new-app jenkins-persistent -p MEMORY_LIMIT=2Gi -p VOLUME_CAPACITY=2Gi -p ENABLE_OAUTH=false | oc new-app jenkins-persistent -p MEMORY_LIMIT=2Gi -p VOLUME_CAPACITY=2Gi -p ENABLE_OAUTH=false | ||
Revision as of 00:08, 22 November 2017
Internal
Overview
Set Up a Jenkins CI/CD Pipeline
Create Required Image Streams
Create Required Projects
Create the following projects:
1. A project for the CI/CD components, named "cicd":
oc new-project cicd --display-name="CI/CD pipeline with Jenkins"
2. A project to host development-stage containers and processes, named "dev":
oc new-project dev --display-name="Tasks - Dev"
3. A project to host publicly-accessible application produced by the CI/CD pipeline, named "stage":
oc new-project stage --display-name="Tasks - Stage"
Grant Jenkins Needed Privileges for the Projects that Require CI/CD Services
For reasons behind these actions, see:
oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n dev oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n stage
Create the CI/CD Components
oc project cicd oc process -f ./cicd-template.yaml --param DEV_PROJECT=dev --param STAGE_PROJECT=stage \ | oc create -f -
A template example for OpenShift 3.5 is available at https://github.com/OpenShiftDemos/openshift-cd-demo/blob/ocp-3.5/cicd-template.yaml. A version is also available here: OpenShift CICD Template Example.
Note that "jenkins-persistent" and "jenkins-ephemeral" are available templates in the "openshift" project, they probably can be also used:
oc get templates -n openshift | grep jenkins
Configure Jenkins
oc project cicd oc set resources dc/jenkins --limits=memory=1Gi
Checkpoint
- Jenkins should start and be available at https://jenkins-cicd.apps.openshift.novaordis.io/
- Gogs should start and be available at https://gogs-cicd.apps.openshift.novaordis.io/
- Nexus should start and be available at https://nexus-cicd.apps.openshift.novaordis.io/
Set Up a Jenkins CI/CD Pipeline based on jerkins-persistent Template
TO PROCESS and INTEGRATE
This procedure sets up Jenkins infrastructure in a target project, and Jenkins runs as "system:serviceaccount:<project-name>:default"
oc policy add-role-to-user admin system:serviceaccount:lab-nodejs:default
oc new-app jenkins-persistent -p MEMORY_LIMIT=2Gi -p VOLUME_CAPACITY=2Gi -p ENABLE_OAUTH=false
--> Deploying template "openshift/jenkins-persistent" to project lab-nodejs Jenkins (Persistent) --------- Jenkins service, with persistent storage. NOTE: You must have persistent volumes available in your cluster to use this template. A Jenkins service has been created in your project. Log into Jenkins with your OpenShift account. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template. * With parameters: * Jenkins Service Name=jenkins * Jenkins JNLP Service Name=jenkins-jnlp * Enable OAuth in Jenkins=false * Jenkins JVM Architecture=i386 * Memory Limit=2Gi * Volume Capacity=2Gi * Jenkins ImageStream Namespace=openshift * Jenkins ImageStreamTag=jenkins:latest --> Creating resources ... route "jenkins" created persistentvolumeclaim "jenkins" created deploymentconfig "jenkins" created serviceaccount "jenkins" created rolebinding "jenkins_edit" created service "jenkins-jnlp" created service "jenkins" created --> Success Run 'oc status' to view your app.
Adjust Readiness Probe Timeout
oc set probe dc jenkins --readiness --initial-delay-seconds=500
OpenShift Pipeline
New Item -> "hello-nodejs-pipeline" -> Pipeline -> OK
Pipeline -> Definition -> Pipeline script:
node {
stage ("Build") {
echo '*** Build Starting ***'
openshiftBuild apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', bldCfg: 'hello-nodejs', buildName: '', checkForTriggeredDeployments: 'false', commitID: '', namespace: '', showBuildLogs: 'false', verbose: 'false', waitTime: ''
openshiftVerifyBuild apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', bldCfg: 'hello-nodejs', checkForTriggeredDeployments: 'false', namespace: '', verbose: 'false'
echo '*** Build Complete ***'
}
stage ("Deploy") {
echo '*** Deployment Starting ***'
openshiftDeploy apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', depCfg: 'hello-nodejs', namespace: '', verbose: 'false', waitTime: ''
openshiftVerifyDeployment apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', depCfg: 'hello-nodejs', namespace: '', replicaCount: '1', verbose: 'false', verifyReplicaCount: 'false', waitTime: ''
echo '*** Deployment Complete ***'
}
stage ("Verify") {
echo '*** Service Verification Starting ***'
openshiftVerifyService apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', namespace: '', svcName: 'hello-nodejs', verbose: 'false'
echo '*** Service Verification Complete ***'
}
}