Book Image

Jenkins Administrator's Guide

By : Calvin Sangbin Park, Lalit Adithya, Sam Gleske
Book Image

Jenkins Administrator's Guide

By: Calvin Sangbin Park, Lalit Adithya, Sam Gleske

Overview of this book

Jenkins is a renowned name among build and release CI/CD DevOps engineers because of its usefulness in automating builds, releases, and even operations. Despite its capabilities and popularity, it's not easy to scale Jenkins in a production environment. Jenkins Administrator's Guide will not only teach you how to set up a production-grade Jenkins instance from scratch, but also cover management and scaling strategies. This book will guide you through the steps for setting up a Jenkins instance on AWS and inside a corporate firewall, while discussing design choices and configuration options, such as TLS termination points and security policies. You’ll create CI/CD pipelines that are triggered through GitHub pull request events, and also understand the various Jenkinsfile syntax types to help you develop a build and release process unique to your requirements. For readers who are new to Amazon Web Services, the book has a dedicated chapter on AWS with screenshots. You’ll also get to grips with Jenkins Configuration as Code, disaster recovery, upgrading plans, removing bottlenecks, and more to help you manage and scale your Jenkins instance. By the end of this book, you’ll not only have a production-grade Jenkins instance with CI/CD pipelines in place, but also knowledge of best practices by industry experts.

Related Content you might be interested in

Current Title:

Small book image
Jenkins Administrator's Guide
Calvin Sangbin Park | Lalit Adithya | Sam Gleske
Dec, 2021 | 436 pages
Small book image
Jenkins Fundamentals
Arnold Okoth | Joseph Muli
Aug, 2018 | 234 pages
Small book image
Learning Continuous Integration with Jenkins
Nikhil Pathania
Jan, 2024 | 396 pages
Small book image
Continuous Delivery with Docker and Jenkins, 3rd Edition
Rafał Leszko
May, 2022 | 374 pages
Table of Contents (13 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Reviews
1
1 Jenkins Infrastructure with TLS/SSL and Reverse Proxy
1 Jenkins Infrastructure with TLS/SSL and Reverse Proxy
Technical requirements
Why Jenkins?
Searching for answers online with Jenkins keywords
Understanding the Jenkins architecture
AWS: FAQs, routing rules, EC2 instances, and EIPs
Installing Docker on our VMs
Acquiring domain names and TLS/SSL certificates
Storage concerns
Summary
Free Chapter
2
2 Jenkins with Docker on HTTPS on AWS and inside a Corporate Firewall
2 Jenkins with Docker on HTTPS on AWS and inside a Corporate Firewall
Technical requirements
Running a Jenkins controller with Docker on HTTPS
Reverse proxy and TLS/SSL termination options
Installing plugins and configuring Jenkins
Attaching SSH and inbound agents
Creating a secure Docker Cloud
Summary
3
3 GitOps-Driven CI Pipeline with GitHub
3 GitOps-Driven CI Pipeline with GitHub
Technical requirements
Project overview
Creating two sets of projects and users in Jenkins
Creating a static pipeline for build and unit tests
Displaying test results and a code coverage report
Creating a premerge CI pipeline with GitHub PR hooks
Requiring a successful build for a merge
Summary
4
4 GitOps-Driven CD Pipeline with Docker Hub and More Jenkinsfile Features
4 GitOps-Driven CD Pipeline with Docker Hub and More Jenkinsfile Features
Technical requirements
Project overview
Packaging the Docker image and running integration tests
Versioning Git and Docker using Semantic Versioning
Using more Jenkinsfile features with DooD and bare-metal agents
Creating a static pipeline for packaging, integration tests, and delivery
Creating a postmerge CD pipeline with a GitHub webhook and polling
Summary
5
5 Headfirst AWS for Jenkins
5 Headfirst AWS for Jenkins
Technical requirements
Logging in to AWS
Navigating the AWS console
EC2 instances and EIPs
Let's Encrypt
Setting up an application ELB for the AWS Jenkins controller
Other DNS providers
Summary
6
6 Jenkins Configuration as Code (JCasC)
6 Jenkins Configuration as Code (JCasC)
Technical requirements
Downloading and understanding the current configuration
Converting controller configuration to JCasC
Converting agent configuration to JCasC
Converting Docker cloud configuration to JCasC
Converting the pipeline configurations to JCasC
Redeploying Jenkins using JCasC
Reverting back to the original Jenkins
Retrospective
Advanced: CasC Plugin – Groovy Scripting Extension
Summary
7
7 Backup and Restore and Disaster Recovery
7 Backup and Restore and Disaster Recovery
Technical requirements
A small change for testing backup and restore
Backup strategies
Deciding which files to back up and at what frequency
Backing up and restoring with the ThinBackup plugin
Disaster recovery from a user mistake
Disaster recovery from an infrastructure failure
Summary
8
8 Upgrading the Jenkins Controller, Agents, and Plugins
8 Upgrading the Jenkins Controller, Agents, and Plugins
Technical requirements
Understanding the challenges of plugin version management
Upgrade strategies
Upgrading plugins using Plugin Manager
Upgrading the controller
Summary
9
9 Reducing Bottlenecks
9 Reducing Bottlenecks
Technical requirements
Recommendations for hosting Jenkins to avoid bottlenecks
Quick performance improvements in an existing Jenkins instance
Improving Jenkins uptime and long-term health
Controller bottlenecks created by an agent
Other ways to reduce agent log output
Summary
10
10 Shared Libraries
10 Shared Libraries
Technical requirements
Understanding the directory structure
Creating a shared library
Providing shared libraries
Using shared libraries
Use cases
Summary
11
11 Script Security
11 Script Security
Technical requirements
Administrator versus non-administrator
Outside the Groovy sandbox
Inside the Groovy sandbox
Approve assuming permission check
Thoughts on disabling Script Security
Summary
12
Index
Index

Converting agent configuration to JCasC

Similar to the controller configuration, let's identify all the changes we've made for agent configuration, then find out how to apply the same changes using JCasC by looking up the relevant section of jenkins.yaml.

This time I won't repeat the same steps, but instead discuss the meaning of the entries more in depth:

  • Save the SSH private key as a credential in the Jenkins credentials store:
redentials:
  system:
    domainCredentials:
    - credentials:
      - basicSSHUserPrivateKey:
          description: "firewalled-agent-robot_acct-priv"
          id: "firewalled-agent-robot_acct-priv"
          privateKeySource:
            directEntry:
              privateKey: "{AQAAABAu4YD...UN8IhfZyc5nQi}"
          scope: SYSTEM
          username: "robot_acct"

As discussed before, privateKey is stored as an encrypted value, and only the current Jenkins has the...

Previous Section
End of Section 5
Next Section