In this article we will see how to combine Jenkins and Kubernetes to start your jobs in your cluster.
What is Jenkins ?
Jenkins is a free and popular Continuous integration system (CI). It’s written in Java and is compatible with a lot of plugins.
- A functional Jenkins
- The Kubernetes plugin
- A Kubernetes cluster
- Jenkins has to be accessible from your Kubernetes cluster by HTTP and by the port 5000 (TCP)
- The Kubernetes configuration file (.kube/config)
We will extract the keys from your kubectl configuration file, .kube/config and generate the pfx file for Jenkins. Don’t forget to save the password, you will need it in Jenkins.
CONFIG=".kube/config" echo -n $(cat $CONFIG | grep certificate-authority-data | cut -d: -f2) | base64 -d > ca.crt echo -n $(cat $CONFIG | grep client-certificate-data | cut -d: -f2) | base64 -d > client.crt echo -n $(cat $CONFIG | grep client-key-data | cut -d: -f2) | base64 -d > client.key openssl pkcs12 -export -out cert.pfx -inkey client.key -in client.crt -certfile ca.crt
You can remove the client keys but keep the ca.crt file, you will need it in the next step.
rm client.crt client.key
Go to Credentials, click on System in the left menu, Global credential (in the page’s body) and Add Credentials (in the left menu).
In Kind select Certificat. Select Upload PKCS#12 certificate and click on Upload certificate, pick your certificate file (cert.pfx) and upload it. Enter your certificate password, a description and validate.
Go to Manage Jenkins, and Configure System. In the Cloud part, click on Add a new cloud, and select Kubernetes.
Enter the following parameters:
- Kubernetes URL: your Kubernetes server API url, you can find it in .kube/config, line server
- Kubernetes server certificate key: the content of the previously generated file ca.crt
- Credentials: select your Kubernetes certificate, the one we have added previously
- Jenkins URL: the URL to access to your Jenkins server
Click on Add Pod Template to configure the pod who will be started by Jenkins.
- Name: jenkins-slave
Click on Add a container
- Name: jnlp
- Docker image: jenkins/jnlp-slave
- Command to run: Remove everything
- Arguments to pass to the command: Remove everything
- Check Allocate pseudo-TTY
It’s over, now you can run your Jenkins jobs on your Kubernetes cluster.