OpenShift CI/CD Operations
Internal
Overview
Set Up a Jenkins CI/CD Pipeline
Create Required Image Streams
Create Required Projects
Create the following projects:
1. A project for the CI/CD components, named "cicd":
oc new-project cicd --display-name="CI/CD pipeline with Jenkins"
2. A project to host development-stage containers and processes, named "dev":
oc new-project dev --display-name="Tasks - Dev"
3. A project to host publicly-accessible application produced by the CI/CD pipeline, named "stage":
oc new-project stage --display-name="Tasks - Stage"
Grant Jenkins Needed Privileges for the Projects that Require CI/CD Services
The Jenkins components need to access the OpenShift API for various operations: access container images, etc. so they need to be granted sufficient privileges to invoke the OpenShift API for the projects requiring CI/CD pipeline services - in our case "dev" and "stage":
oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n dev oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n stage
For more details, see
oc policy add-role-to-user edit system:service account:cicd:default -n cicd oc policy add-role-to-user edit system:service account:cicd:default -n dev oc policy add-role-to-user edit system:service account:cicd:default -n stage
Create the CI/CD Components
oc project cicd oc process -f ./cicd-template.yaml --param DEV_PROJECT=dev --param STAGE_PROJECT=stage \ | oc create -f -
A template example for OpenShift 3.5 is available at https://github.com/OpenShiftDemos/openshift-cd-demo/blob/ocp-3.5/cicd-template.yaml. A version is also available here: OpenShift CICD Template Example.
Note that "jenkins-persistent" and "jenkins-ephemeral" are available templates in the "openshift" project, they probably can be also used:
oc get templates -n openshift | grep jenkins
Configure Jenkins
oc project cicd oc set resources dc/jenkins --limits=memory=1Gi
Checkpoint
- Jenkins should start and be available at https://jenkins-cicd.apps.openshift.novaordis.io/
- Gogs should start and be available at https://gogs-cicd.apps.openshift.novaordis.io/
- Nexus should start and be available at https://nexus-cicd.apps.openshift.novaordis.io/