Get Started w/ the Jenkins Operator v0.4.0 on Openshift 4
Jenkins in the past has been provided as a first class Build option alongside Dockerfile build and s2i build in Openshift. Currently, Jenkins is well integrated in the Openshift ecosystem and with the movement of everything towards Operators, it is only natural that Jenkins make the move as well.
We will go through the current Jenkins Operator specification and how you can migrate from your earlier workflow for Jenkins on Openshift to the Jenkins Operator with minimal changes to your current infrastructure.
What is the Jenkins Operator ?
The Jenkins Operator is a Kubernetes Operator which aims to carry out Day 2 operational tasks with minimal or no intervention allowing for automation of operational tasks which can be repetetive at times. Operations like SeedJobs creation and Backup management are aimed at being automated in this case.
The Jenkins Operator has initially been developed by VirtusLab and is now being adopted by us folks working at Red Hat on Openshift. With it’s strong backing from the community as well as it being a part of the JenkinsCI organization on Github, there lies a lot of potential to make this the defacto Jenkins Operator for people who cannot move to other CI/CD systems.
Your Traditional Jenkins Workflow on Openshift
If you already have Jenkins running in your Openshift Cluster, this is what your workflow might resemble from deploying to kickstarting a Jenkins Job.
- Deploy Jenkins via an Openshift Template
- Create a Jenkins Job from a BuildConfig
- Create Builds as instances of Runs for the Jenkins Job
As we move forward we will carry out the same with a Jenkins instance deployed via a Jenkins Operator and also look at how to install the Operator itself.
Deploying the Operator via Operator Lifecycle Manager
Installation
- Login to your Openshift Cluster.
- Go to
Operators
sub-menu in the burger menu and selectOperatorHub
and search forJenkins Operator
.
- Select
Jenkins Operator
and press theInstall
button and in the next page for the Subscription, click on theSubscribe
button for the Operator.
- Wait for the Operator to get installed and show up under your
Installed Operators
Create Jenkins
- To create a Jenkins instance, click on the Jenkins Operator as shown above and you would be presented with the menu below and then press on the
+ Create Instance
in the Jenkins resource shown below,Provided APIs
.
- You would be presented with the following option to make changes to the example. You can configure the size of the Jenkins as well as make other changes to the Instance via the YAML config. Press on
Create
once you are happy with the settings. Do remove thesecurityContext
under the spec to avoid any problems regarding the same. We are working on getting this removed from example.
- If everything goes well, a Jenkins Instance would be created and be shown here.
- Let’s login and check from the terminal.
$ oc login -u kubeadmin -p password
$ oc get pods -n jenkins-operator-test
NAME READY STATUS RESTARTS AGE
jenkins-example 1/1 Running 0 6m18s
jenkins-operator-5d7bf9c657-8g96b 1/1 Running 0 16m
Configuring additional necessary resources
Considering that the Jenkins instance is up and running let’s set it up to work with the right configuration necessary to run with Openshift.
- Add ClusterRole
edit
to the ServiceAccount used by the Jenkins instance created by the Operator.
$ oc adm policy add-cluster-role-to-user edit -z jenkins-operator-example -n jenkins-operator-test
- Expose the Service pointing to the Jenkins instance to be used as a Route so we can access the Jenkins instance from outside the Cluster Network.
Get the service which points to the Jenkins instance
$ oc get svc | grep jenkins-operator-httpjenkins-operator-http-example ClusterIP 172.30.54.123 <none> 8080/TCP 11m
Expose the Http Service pointing to the Jenkins instance via a Route
$ oc expose svc jenkins-operator-http-example
Update the Route to use TLS Edge Temination and set the HA Proxy timout
# TLS Edge Termination
$ oc patch route jenkins-operator-http-example -p '{"spec":{"tls":{"insecureEdgeTerminationPolicy":"Redirect","termination":"edge"}}}'# HA Proxy Timeout
$ oc annotate route jenkins-operator-http-example "haproxy.router.openshift.io/timeout"="4m"
- Configure Jenkins instance ServiceAccount to be used for the Redirection.
$ oc annotate sa jenkins-operator-example "serviceaccounts.openshift.io/oauth-redirectreference.jenkins"="{\"kind\":\"OAuthRedirectReference\",\"apiVersion\":\"v1\",\"reference\":{\"kind\":\"Route\",\"name\":\"jenkins-operator-http-example\"}}"
With the above you should be able to have a Jenkins working that will comply with Openshift Builds with which the jobs can be triggered as well.
Triggering Jenkins Jobs using the Openshift Builds
Simple example to create a BuildConfig with a Jenkinsfile Strategy would be to have a git repo with a Jenkinsfile at the root of the repo as it is given here
$ oc new-app https://github.com/waveywaves/nodejs-ex --context-dir openshift/pipelines
Upon doing the above, a BuildConfig would be created based on the Jenkinsfile strategy.
Above we can see the BuildConfig nodejs-ex
has been created by the oc new-app
command given above and the Build nodejs-ex-1
has also succeeded which is an instance of the same. This Build is responsible for deploying a NodeJS application including the creation of the BuildConfig, Deployment, Services and Route of the same which are prefixed with nodejs-example
in their names.
Let’s check the Build from Jenkins itself and see what exactly happened. We have the Route from before from when we exposed the Service which we are going to use to access the the Jenkins.
$ oc get route | grep jenkins-operator-http
After going to the Route and logging in via our Openshift Credentials, we should be able to see the Jenkins User Interface. Click on the folder with the name of the Namespace.
You should now be able to see the Jenkins Job that resembles the <namespace>/<build-config> name pattern pointing to our BuildConfig.
Once you click on the same you can see the Build and the different stages it has gone through. Click on the Build and then click on the Console Output
option given in the left column of the screen.
After doing that you can see the output of your Job Run and in times of failure you can check here, if the Build succeeded or not.
Conclusion
As of now the Operator provides basic functionality and few extra features like creation of SeedJobs and Backing Up Jenkins instances etc. But wouldn’t be considered production ready for Openshift.
The current state of support for the Operator in Openshift is Developer Preview only and is not completely supported yet. A lot of the features and improvements are still Work In Progress. We will keep updating the progress on this and let the world know the story of the Jenkins Operator ;)