Installation

This document describes installation procedure of self-hosted Operator Service for Jenkins®.

Installation of a self-hosted Operator Service for Jenkins happens with Helm Chart.

When purchasing the Operator Service for Jenkins, client is given a personalized token with a password and name of the registry to access the Operator’s image.

First create namespaces of choice to deploy Operator and Jenkins in.

$ kubectl create ns <operator-namespace>
$ kubectl create ns <jenkins-namespace>

Second create a secret for downloading the Enterprise image by exchanging the placeholders in the below code:

$ kubectl create secret docker-registry license-secret \
--namespace <operator-namespace> \
--docker-server=<registry-name> \
--docker-username=<token-name> \
--docker-password=<password>

This secret must reside in the same namespace as Operator and be named image-secret in order to fetch the image.

Third create a secret with the license information.

apiVersion: v1
kind: Secret
metadata:
  name: <custom-name>
stringData:
  clientName: "<your-name>"
  licenseKey: "<your-license-key>"

By default the Operator will look for a secret named “license”, but you can use custom name by specifying it in the flag in the Operator command:

-license-secret=<custom-name>

Next, prepare your custom values.yaml file where you specify all desired the configurations both for the Operator and all the available Custom Resources. Don’t forget to exchange the jenkins namespace with the one you have just created. You can copy and customize the default file:

# Jenkins Operator Helm chart

# Jenkins instance configuration
jenkins:
  # enabled can enable or disable the Jenkins instance
  # Set to false if you have configured CR already and/or you want to deploy an operator only
  enabled: true

  # apiVersion is the version of the CR manifest
  # The recommended and default value is "jenkins.io/v1alpha2"
  # See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/v0.1.x/migration-guide-v1alpha1-to-v1alpha2/ for more migration guide
  apiVersion: jenkins.io/v1alpha2

  # name of resource
  # The pod name will be jenkins-<name> (name will be set as suffix)
  name: jenkins

  # namespace is the namespace where the resources will be deployed
  # It's not recommended to use default namespace
  # Create new namespace for jenkins (called e.g. jenkins)
  namespace: default

  # labels are injected into metadata labels field
  labels: {}

  # annotations are injected into metadata annotations field
  annotations: {}

  # image is the name (and tag) of the Jenkins instance
  # Default: jenkins/jenkins:lts
  # It's recommended to use LTS (tag: "lts") version
  image: jenkins/jenkins:2.277.4-lts-alpine

  # env contains jenkins container environment variables
  env: []

  # imagePullPolicy defines policy for pulling images
  imagePullPolicy: Always

  # priorityClassName indicates the importance of a Pod relative to other Pods
  # See: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
  priorityClassName: ""

  # disableCSRFProtection can enable or disable operator built-in CSRF protection
  # Set it to true if you are using OpenShift Jenkins Plugin
  # See https://github.com/jenkinsci/kubernetes-operator/pull/193 for more info
  disableCSRFProtection: false

  # imagePullSecrets is used if you want to pull images from private repository
  # See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configuration/#pulling-docker-images-from-private-repositories for more info
  imagePullSecrets: []

  # notifications is feature that notify user about Jenkins reconcilation status
  # See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/notifications/ for more info
  notifications: []

  # basePlugins are plugins installed and required by the operator
  # Shouldn't contain plugins defined by user
  # You can change their versions here
  # See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/customization/#install-plugins for more details
  #
  # Example:
  #
  # basePlugins:
  # - name: kubernetes
  #   version: 1.29.0
  # - name: workflow-job
  #   version: "2.40"
  # - name: workflow-aggregator
  #   version: "2.6"
  # - name: git
  #   version: 4.5.0
  # - name: job-dsl
  #   version: "1.77"
  # - name: configuration-as-code
  #   version: "1.47"
  # - name: kubernetes-credentials-provider
  #   version: 0.15
  # - name: simple-theme-plugin
  #   version: "0.6"
  basePlugins:
    - name: kubernetes
      version: "1.29.0"
    - name: workflow-job
      version: "2.40"
    - name: workflow-aggregator
      version: "2.6"
    - name: git
      version: "4.5.0"
    - name: job-dsl
      version: "1.77"
    - name: configuration-as-code
      version: "1.47"
    - name: kubernetes-credentials-provider
      version: "0.15"
    - name: simple-theme-plugin
      version: "0.6"

  # plugins are plugins required by the user
  # You can define plugins here
  # See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/customization/#install-plugins for more details
  #
  # Example:
  #
  # plugins:
  # - name: jacoco
  #   version: "3.1.1"
  plugins: []

  # seedJobs is placeholder for jenkins seed jobs
  # For seed job creation tutorial, check https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configuration/#prepare-job-definitions-and-pipelines
  # See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configuration/#configure-seed-jobs for additional info
  # Example:
  #
  # seedJobs:
  #  - id: jenkins-operator
  #    targets: "cicd/jobs/*.jenkins"
  #    description: "Jenkins Operator repository"
  #    repositoryBranch: master
  #    repositoryUrl: https://github.com/jenkinsci/kubernetes-operator.git
  seedJobs: []

  # Resource limit/request for Jenkins
  # See https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ for details
  resources:
    limits:
      cpu: 1500m
      memory: 3Gi
    requests:
      cpu: 1
      memory: 500Mi

  # volumes used by Jenkins
  # By default, we are only using backup
  volumes:
    - name: backup # PVC volume where backups will be stored
      persistentVolumeClaim:
        claimName: jenkins-backup

  # volumeMounts are mounts for Jenkins pod
  volumeMounts: []

  # defines authorization strategy of the operator for the Jenkins API
  authorizationStrategy: createUser

  # securityContext for pod
  securityContext:
    runAsUser: 1000
    fsGroup: 1000

  # http Jenkins service
  # See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/schema/#github.com/jenkinsci/kubernetes-operator/pkg/apis/jenkins/v1alpha2.Service for details
  #service:
  # slave Jenkins service
  # See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/schema/#github.com/jenkinsci/kubernetes-operator/pkg/apis/jenkins/v1alpha2.Service for details
  #slaveService:
  
  # LivenessProbe for Jenkins Master pod
  livenessProbe:
    failureThreshold: 12
    httpGet:
      path: /login
      port: http
      scheme: HTTP
    initialDelaySeconds: 80
    periodSeconds: 10
    successThreshold: 1
    timeoutSeconds: 5
  # ReadinessProbe for Jenkins Master pod
  readinessProbe:
    failureThreshold: 3
    httpGet:
      path: /login
      port: http
      scheme: HTTP
    initialDelaySeconds: 30
    periodSeconds: 10
    successThreshold: 1
    timeoutSeconds: 1

  # backup is section for configuring operator's backup feature
  # By default backup feature is enabled and pre-configured
  # This section simplifies the configuration described here: https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configure-backup-and-restore/
  # For customization tips see https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/custom-backup-and-restore/
  backup:
    # enabled is enable/disable switch for backup feature
    # By default the feature is enabled
    enabled: true

    # image used by backup feature
    # By default using prebuilt backup PVC image by VirtusLab
    image: virtuslab/jenkins-operator-backup-pvc:v0.1.0

    # containerName is backup container name
    containerName: backup

    # interval defines how often make backup in seconds
    interval: 30

    # makeBackupBeforePodDeletion when enabled will make backup before pod deletion
    makeBackupBeforePodDeletion: true

    # backupCommand is backup container command
    backupCommand:
      - /home/user/bin/backup.sh

    # restoreCommand is backup restore command
    restoreCommand:
      - /home/user/bin/restore.sh

    getLatestAction:
      - /home/user/bin/get-latest.sh

    # pvc is Persistent Volume Claim Kubernetes resource
    pvc:
      # enabled is enable/disable switch for PVC
      enabled: true

      # size is size of PVC
      size: 5Gi

      # className is storageClassName for PVC
      # See https://kubernetes.io/docs/concepts/storage/persistent-volumes/#class-1 for more details
      className: ""

    # resources used by backup container
    resources:
      limits:
        cpu: 1500m
        memory: 1Gi
      requests:
        cpu: 100m
        memory: 256Mi

    # env contains container environment variables
    # PVC backup provider handles these variables:
    # BACKUP_DIR - path for storing backup files (default: "/backup")
    # JENKINS_HOME - path to jenkins home (default: "/jenkins-home")
    # BACKUP_COUNT - define how much recent backups will be kept
    env:
      - name: BACKUP_DIR
        value: /backup
      - name: JENKINS_HOME
        value: /jenkins-home
      - name: BACKUP_COUNT
        value: "3" # keep only the 3 most recent backups

    # volumeMounts holds the mount points for volumes
    volumeMounts:
      - name: jenkins-home
        mountPath: /jenkins-home # Jenkins home volume
      - mountPath: /backup # backup volume
        name: backup

  # configuration is section where we can configure Jenkins instance
  # See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/customization/ for details
  configuration:
    configurationAsCode: {}
    #    - configMapName: jenkins-casc
    #      content: {}
    groovyScripts: {}
    #    - configMapName: jenkins-gs
    #      content: {}

    # secretRefName of existing secret (previously created)
    secretRefName: ""

    # secretData creates new secret if secretRefName is empty and fills with data provided in secretData
    secretData: {}

# operator is section for configuring operator deployment
operator:
  replicaCount: 1

  # image is the name (and tag) of the Jenkins Operator image
  image: virtuslab/jenkins-operator:v0.5.0

  # imagePullPolicy defines policy for pulling images
  imagePullPolicy: IfNotPresent

  # imagePullSecrets is used if you want to pull images from private repository
  imagePullSecrets: []

  # nameOverride overrides the app name
  nameOverride: ""

  # fullnameOverride overrides the deployment name
  fullnameOverride: ""

  resources: {}
  nodeSelector: {}
  tolerations: []
  affinity: {}

Deploy Operator Service for Jenkins in the first one running Helm command:

$ helm install operator-service insert-here-chart-repo -n <operator-namespace>

At that moment, the Operator and Jenkins pods will start to appear. You can watch over the process by running:

$ kubectl get po --all-namespaces -w

Operator will keep on printing logs about reaching consecutive phases and announce itself Ready. Then you can start to use it freely.

To connect to the UI you can use:

$ kubectl -n <jenkins-namespace> port-forward <jenkins-pod> 8080:8080

At http://localhost:8080 (or with customized suffix) you will find the Jenkins UI.

Jenkins UI

What’s next?

For further information about customization and configuration of Jenkins please refer to the Getting Started section.