Skip to content

lamdor/cijug-jenkinsfile

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
jenkins/k8s
jenkins/k8s
 
 
k8s
k8s
 
 
project
project
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Jenkinsfile
Jenkinsfile
 
 
README.org
README.org
 
 
build.sbt
build.sbt
 
 
version.sbt
version.sbt
 
 

Repository files navigation

Continuous Deployment with Jenkins Pipeline

Prerequisites

Pretty much following https://cloud.google.com/solutions/jenkins-on-container-engine-tutorial

Start up a GKE cluster

Create the project

gcloud projects create rubbish-cijug --set-as-default

and have to go to https://console.cloud.google.com/compute/instances?project=rubbish-cijug to enable billing for the new project and start compute engine

Create the GKE cluster

gcloud compute networks create rubbish-cijug --mode auto

gcloud container clusters create rubbish-cijug \
  --network rubbish-cijug \
  --scopes "https://www.googleapis.com/auth/projecthosting,storage-rw"

gcloud container clusters list

Get kubectl credentials

gcloud container clusters get-credentials rubbish-cijug
kubectl cluster-info

Create the jenkins disk

gcloud compute images create jenkins-home-image --source-uri https://storage.googleapis.com/solutions-public-assets/jenkins-cd/jenkins-home-v3.tar.gz

gcloud compute disks create jenkins-home --image jenkins-home-image --zone us-central1-a

Deploy jenkins master onto it

create jenkins ns

kubectl create ns jenkins

create jenkins admin password secret

PASSWORD=`openssl rand -base64 15`; echo "Your password is $PASSWORD"; sed -i.bak s#CHANGE_ME#$PASSWORD# jenkins/k8s/options

kubectl create secret generic jenkins --from-file=jenkins/k8s/options --namespace=jenkins

deploy

kubectl apply -f jenkins/k8s/

kubectl get pods --namespace jenkins

kubectl get services --namespace jenkins

setup load balancer

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/tls.key -out /tmp/tls.crt -subj "/CN=jenkins/O=jenkins"
kubectl create secret generic tls --from-file=/tmp/tls.crt --from-file=/tmp/tls.key --namespace jenkins

kubectl apply -f jenkins/k8s/lb/ingress.yaml

kubectl describe ingress jenkins --namespace jenkins

Setup kubectl tool in Jenkins manager

Plugins

Update plugins in plugin manager

add more plugins

  • ansi color
  • slack
  • custom tools
  • blue ocean

Setup sbt

install sbt plugin

setup sbt tool

add docker registry secret

kubectl create secret generic docker-config-json --namespace=jenkins --from-file=$HOME/.docker/config.json

add to jenkins pod template as secret volume

add env namespaces

kubectl create ns staging
kubectl create ns production

Setup Github

setup Github server with new personal access token creds as username/password

setup jenkins public url

make sure that it can manage hooks

setup github-id-rsa cred file with ssh private key

setup an agent in jenkins

in jenkins ui, setup jnlp-persistent agent

run in jenkins

kubectl apply -f jenkins/k8s/agent/jnlp.yaml

kubectl get pods --namespace=jenkins

A history of Jenkins jobs

Freestyle job

Multijob

Pipeline

So how did I get here?

Jenkinsfile

Jenkins Pipeline is a suite of plugins which supports implementing and integrating continuous delivery pipelines into Jenkins. Pipeline provides an extensible set of tools for modeling simple-to-complex delivery pipelines “as code” via the Pipeline DSL.

Typically, this “Pipeline as Code” would be written to a Jenkinsfile and checked into a project’s source control repository,

Simple commands

  • echo
  • sh
  • dir
  • stage
  • node
  • input

All groovy

With a catch… It all has to be serializable.

  • Since jenkins can pause the pipeline

Since just groovy

  • try { ... } catch { ... } finally { ... }
  • if { ... } else { ... }
  • def blah()
  • "hello ${name}"

More commands

  • git / svn / cvs
  • timeout
  • tool
  • readFile
  • writeFile
  • catchError
  • waitUntil
  • retry

Commands added by plugins

Plenty more at https://jenkins.io/doc/pipeline/steps/

  • slackSend
  • ansiColor
  • junit

can always be checked out via Pipeline Reference in a job

Variables in scope

  • scm
  • currentBuild
  • ENV
  • params

Shared libraries

Can setup a repository to share groovy code between jobs

Can be checked in to SCM

Pipeline as code!

Declarative pipeline

NEW

adds pipeline to your Jenkinsfile

The App

  • simple scala app
  • just outputs the current version of app

Deployment

  • running this in kubernetes
  • two different namespaces
    • staging
    • production

deploy k8s resources to staging ns

kubectl apply -f k8s/ --namespace staging

Release

  • update version files
  • update k8s deployment image to version
  • git tag
  • build image
  • push

Github Multibranch

Jenkins automatically discovers branches and pull requests. Creates jobs for each!

**But I have all these pull requests!**

create a a job for our cijug-jenkinsfile repo

  • need to disable cert verification in the github settings!

Continuous Deployment

The pipeline

  • Run tests
  • Release (build image and tag)
  • Deploy to staging automatically
  • Ask if we want to deploy to prod
  • Deploy to production

Code

Concurrent pipelines

  • lock
  • milestone

Extras

Tips and tricks

currentBuild.displayName = releasedVersion

timeout(time: 7, unit: "days") {
  slackSend("Hey, authorize the deployment!")
  milestone()
  input("Promote to UAT?")
}

use groovy closures

def preparedTerraformNode(Closure body) {
  node("agent") {
    sh "go get ..."
    sh "go get ..."
    sh "go get ..."
    body()
  }
}

Blue Ocean

Blue Green Deployments

Smoke testing

Canary

Cleanup

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

2 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases

16 tags

Packages

No packages published

Languages