Your Jenkins jobs on Kubernetes

Posted by

In this article we will see how to combine Jenkins and Kubernetes to start your jobs in your cluster.

What is Jenkins ?

Jenkins is a free and popular Continuous integration system (CI). It’s written in Java and is compatible with a lot of plugins.


  • A functional Jenkins
  • The Kubernetes plugin
  • A Kubernetes cluster
  • Jenkins has to be accessible from your Kubernetes cluster by HTTP and by the port 5000 (TCP)
  • The Kubernetes configuration file (.kube/config)

Secured authentication

We will extract the keys from your kubectl configuration file, .kube/config and generate the pfx file for Jenkins. Don’t forget to save the password, you will need it in Jenkins.

echo -n $(cat $CONFIG | grep certificate-authority-data | cut -d: -f2) | base64 -d > ca.crt
echo -n $(cat $CONFIG | grep client-certificate-data | cut -d: -f2) | base64 -d > client.crt
echo -n $(cat $CONFIG | grep client-key-data | cut -d: -f2) | base64 -d > client.key
openssl pkcs12 -export -out cert.pfx -inkey client.key -in client.crt -certfile ca.crt

You can remove the client keys but keep the ca.crt file, you will need it in the next step.

rm client.crt client.key

Go to Credentials, click on System in the left menu, Global credential (in the page’s body) and Add Credentials (in the left menu).

In Kind select Certificat. Select Upload PKCS#12 certificate and click on Upload certificate, pick your certificate file (cert.pfx) and upload it. Enter your certificate password, a description and validate.

Cloud configuration

Go to Manage Jenkins, and Configure System. In the Cloud part, click on Add a new cloud, and select Kubernetes.

Enter the following parameters:

  • Kubernetes URL: your Kubernetes server API url, you can find it in .kube/config, line server
  • Kubernetes server certificate key: the content of the previously generated file ca.crt
  • Credentials: select your Kubernetes certificate, the one we have added previously
  • Jenkins URL: the URL to access to your Jenkins server

Click on Add Pod Template to configure the pod who will be started by Jenkins.

  • Name: jenkins-slave

Click on Add a container

  • Name: jnlp
  • Docker image: jenkins/jnlp-slave
  • Command to run: Remove everything
  • Arguments to pass to the command: Remove everything
  • Check Allocate pseudo-TTY


It’s over, now you can run your Jenkins jobs on your Kubernetes cluster.

Leave a Reply

Your email address will not be published. Required fields are marked *