OpenShift CI/CD Operations - Collocated Persistent Jenkins Set Up: Difference between revisions
| Line 92: | Line 92: | ||
Access the UI at https://jenkins-lab7.apps.openshift.novaordis.io and log in with admin/password. | Access the UI at https://jenkins-lab7.apps.openshift.novaordis.io and log in with admin/password. | ||
For causes not yet elucidated yet, the Jenkins pod had to be deleted upon the first deployment in order to become accessible. | For causes not yet elucidated yet, the Jenkins pod had to be deleted upon the first deployment - and thus a redeployment be triggered - in order to become accessible. | ||
=Configure the Jenkins Pipeline= | =Configure the Jenkins Pipeline= | ||
{{Internal|OpenShift_CI/CD_Operations#Configure_the_Jenkins_Pipeline|Configure the Jenkins Pipeline}} | {{Internal|OpenShift_CI/CD_Operations#Configure_the_Jenkins_Pipeline|Configure the Jenkins Pipeline}} | ||
Revision as of 04:08, 22 November 2017
Internal
Overview
This is the procedure to install a CI/CD pipeline based on Jenkins. The CI/CD pipeline will execute in the project that need CI/CD services: the Jenkins pod will be created in the same project it triggers builds and deployments for.
The pipeline is created based on the OpenShift "jenkins-persistent" template, available in the "openshift" project:
oc get templates -n openshift | grep jenkins
NAME DESCRIPTION PARAMETERS OBJECTS ... jenkins-persistent Jenkins service, with persistent storage.... 8 (all set) 7
new-app procedure will create a special service account for Jenkins ("system:service account:<project-name>:jenkins") and it will give it the appropriate roles (/edit).
More details about Jenkins security considerations:
Provision a Persistent Volume
"jenkins-persistent" requires a persistent volume, which must be provisioned before the installation.
Create Jenkins Components
Jenkins instance won't be integrated into the OAuth infrastructure, so authentication must be done independently (admin/password).
Make sure to specify a volume capacity in sync with the capacity of the persistent volume that was provisioned for Jenkins.
oc new-app jenkins-persistent -p MEMORY_LIMIT=2Gi -p VOLUME_CAPACITY=2Gi -p ENABLE_OAUTH=false
Successful run output:
--> Deploying template "openshift/jenkins-persistent" to project lab7
Jenkins (Persistent)
---------
Jenkins service, with persistent storage.
NOTE: You must have persistent volumes available in your cluster to use this template.
A Jenkins service has been created in your project. Log into Jenkins with your OpenShift account. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.
* With parameters:
* Jenkins Service Name=jenkins
* Jenkins JNLP Service Name=jenkins-jnlp
* Enable OAuth in Jenkins=false
* Jenkins JVM Architecture=i386
* Memory Limit=1Gi
* Volume Capacity=2Gi
* Jenkins ImageStream Namespace=openshift
* Jenkins ImageStreamTag=jenkins:latest
--> Creating resources ...
route "jenkins" created
persistentvolumeclaim "jenkins" created
deploymentconfig "jenkins" created
serviceaccount "jenkins" created
rolebinding "jenkins_edit" created
service "jenkins-jnlp" created
service "jenkins" created
--> Success
Run 'oc status' to view your app.
Post-Install Adjustments
Adjust Readiness Probe Timeout
oc set probe dc jenkins --readiness --initial-delay-seconds=500
The same effect can be achieved with
oc edit dc/jenkins
and changing spec/template/spec/containers/name=jenkins/livenessProbe/initialDelaySeconds
Adjust Memory
oc set resources dc/jenkins --limits=memory=3Gi
Verification
Access the UI at https://jenkins-lab7.apps.openshift.novaordis.io and log in with admin/password.
For causes not yet elucidated yet, the Jenkins pod had to be deleted upon the first deployment - and thus a redeployment be triggered - in order to become accessible.