OpenShift CI/CD Operations - Collocated Persistent Jenkins Set Up: Difference between revisions
Line 44: | Line 44: | ||
Successful run output: | Successful run output: | ||
<pre> | |||
--> Deploying template "openshift/jenkins-persistent" to project lab-nodejs | |||
Jenkins (Persistent) | |||
--------- | |||
Jenkins service, with persistent storage. | |||
NOTE: You must have persistent volumes available in your cluster to use this template. | |||
A Jenkins service has been created in your project. Log into Jenkins with your OpenShift account. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template. | |||
* With parameters: | |||
* Jenkins Service Name=jenkins | |||
* Jenkins JNLP Service Name=jenkins-jnlp | |||
* Enable OAuth in Jenkins=false | |||
* Jenkins JVM Architecture=i386 | |||
* Memory Limit=2Gi | |||
* Volume Capacity=2Gi | |||
* Jenkins ImageStream Namespace=openshift | |||
* Jenkins ImageStreamTag=jenkins:latest | |||
--> Creating resources ... | |||
route "jenkins" created | |||
persistentvolumeclaim "jenkins" created | |||
deploymentconfig "jenkins" created | |||
serviceaccount "jenkins" created | |||
rolebinding "jenkins_edit" created | |||
service "jenkins-jnlp" created | |||
service "jenkins" created | |||
--> Success | |||
Run 'oc status' to view your app. | |||
</pre> | |||
=Post-Install Adjustments= | =Post-Install Adjustments= |
Revision as of 02:26, 22 November 2017
Internal
Overview
This is the procedure to install a CI/CD pipeline based on Jenkins. The CI/CD pipeline will execute in the project that need CI/CD services: the Jenkins pod will be created in the same project it triggers builds and deployments for.
The pipeline is created based on the OpenShift "jenkins-persistent" template, available in the "openshift" project:
oc get templates -n openshift | grep jenkins
NAME DESCRIPTION PARAMETERS OBJECTS ... jenkins-persistent Jenkins service, with persistent storage.... 8 (all set) 7
No special service account will be created for Jenkins, it will be configured to use the default service account "system:service account:<project-name>:default"
Grant Required Permissions
Jenkins components need to access the OpenShift API, so the service account that will run the Jenkins pod ("system:service account:<project-name>:default") must be given appropriate permissions:
oc policy add-role-to-user admin system:service account:<project-name>:default
More details about Jenkins security considerations:
Provision a Persistent Volume
"jenkins-persistent" requires a persistent volume, which must be provisioned before the installation.
Deploy Jenkins
Jenkins instance won't be integrated into the OAuth infrastructure, so authentication must be done independently (admin/password).
Make sure to specify a volume capacity in sync with the capacity of the persistent volume that was provisioned for Jenkins.
oc new-app jenkins-persistent -p MEMORY_LIMIT=2Gi -p VOLUME_CAPACITY=2Gi -p ENABLE_OAUTH=false
Successful run output:
--> Deploying template "openshift/jenkins-persistent" to project lab-nodejs Jenkins (Persistent) --------- Jenkins service, with persistent storage. NOTE: You must have persistent volumes available in your cluster to use this template. A Jenkins service has been created in your project. Log into Jenkins with your OpenShift account. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template. * With parameters: * Jenkins Service Name=jenkins * Jenkins JNLP Service Name=jenkins-jnlp * Enable OAuth in Jenkins=false * Jenkins JVM Architecture=i386 * Memory Limit=2Gi * Volume Capacity=2Gi * Jenkins ImageStream Namespace=openshift * Jenkins ImageStreamTag=jenkins:latest --> Creating resources ... route "jenkins" created persistentvolumeclaim "jenkins" created deploymentconfig "jenkins" created serviceaccount "jenkins" created rolebinding "jenkins_edit" created service "jenkins-jnlp" created service "jenkins" created --> Success Run 'oc status' to view your app.
Post-Install Adjustments
OpenShift Pipeline
New Item -> "hello-nodejs-pipeline" -> Pipeline -> OK
Pipeline -> Definition -> Pipeline script:
node {
stage ("Build") {
echo '*** Build Starting ***'
openshiftBuild apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', bldCfg: 'hello-nodejs', buildName: '', checkForTriggeredDeployments: 'false', commitID: '', namespace: '', showBuildLogs: 'false', verbose: 'false', waitTime: ''
openshiftVerifyBuild apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', bldCfg: 'hello-nodejs', checkForTriggeredDeployments: 'false', namespace: '', verbose: 'false'
echo '*** Build Complete ***'
}
stage ("Deploy") {
echo '*** Deployment Starting ***'
openshiftDeploy apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', depCfg: 'hello-nodejs', namespace: '', verbose: 'false', waitTime: ''
openshiftVerifyDeployment apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', depCfg: 'hello-nodejs', namespace: '', replicaCount: '1', verbose: 'false', verifyReplicaCount: 'false', waitTime: ''
echo '*** Deployment Complete ***'
}
stage ("Verify") {
echo '*** Service Verification Starting ***'
openshiftVerifyService apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', namespace: '', svcName: 'hello-nodejs', verbose: 'false'
echo '*** Service Verification Complete ***'
}
}
Adjust Readiness Probe Timeout
oc set probe dc jenkins --readiness --initial-delay-seconds=500