3 minutes
Run Jenkins in K3s
Overview
Of course, you can also deploy Jenkins quickly and easily with the corresponding HELM chart, but the alternative way using native kubectl provides a better insight into the topic of Kubernetes.
To access Jenkins, we want to use the address https://k3s.home/jenkins/ (ensure DNS for k3s.home points to the address of your master node)
We need/create the following files
- namespace.yaml
- pvc.yaml
- deployment.yaml
- service.yaml
- ingress.yaml
Namespace
Let’s assume we want to deploy Jenkins into a namespace called cicd.
Start with creating the namespace by editing namespace.yaml
kind: Namespace
apiVersion: v1
metadata:
name: cicd
labels:
name: cicd
and apply kubectl apply -f namespace.yaml
PVC
To be able to save data permanently, a PVC is required for Jenkins, the initial size should not be too small (but can easily be expanded later).
We choose a initial size of 20GB.
Edit pvc.yaml
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-jenkins
namespace: cicd
spec:
storageClassName: nfs-storage
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi
The defined storageClassName is depending on your setup. If storageClassName is not specified, the default class is automatically used (can be found out with kubectl get storageclasses).
Need more information about Storage Classes? This way to the official documentation.
Create the PV kubectl apply -f pvc.yaml
Deployment
The deployment will install Jenkins, which in the case of Kubernetes means that a corresponding Docker image is loaded and started.
edit deployment.yaml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
namespace: cicd
spec:
replicas: 1
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
securityContext:
runAsUser: 0
containers:
- name: jenkins
image: jenkins/jenkins:lts-jdk17
env:
- name: JAVA_OPTS
value: "-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 -Dorg.jenkinsci.plugins.getclient.GitClient.untrustedSSL=true"
- name: JENKINS_OPTS
value: "--prefix=/jenkins"
resources:
requests:
memory: "2Gi"
cpu: "1000m"
limits:
memory: "3Gi"
cpu: "1500m"
imagePullPolicy: Always
ports:
- containerPort: 80
- containerPort: 50000
volumeMounts:
- name: jenkinshome
mountPath: /var/jenkins_home
volumes:
- name: jenkinshome
persistentVolumeClaim:
claimName: pvc-jenkins
and go kubectl apply -f deployment.yaml
Service
---
apiVersion: v1
kind: Service
metadata:
name: jenkins
namespace: cicd
spec:
selector:
app: jenkins
ports:
- name: jenkins-http
protocol: TCP
port: 8080
targetPort: 8080
- name: jenkins-jnpl
protocol: TCP
port: 50000
targetPort: 50000
type: ClusterIP
Make the service avaible in the cluster kubectl apply -f service.yaml
Ingress
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jenkins
namespace: cicd
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
spec:
rules:
- host: k3s.home
http:
paths:
- path: /jenkins
pathType: Prefix
backend:
service:
name: jenkins
port:
number: 8080
If your using k3s for your cluster, traefik comes along as your ingress controller and you can make your service accessible from the outside of your cluster by running kubectl apply -f ingress.yaml
If you like to access Jenkins over HTTP additional to HTTPS add web to the entrypoints
traefik.ingress.kubernetes.io/router.entrypoints: web, websecure
Use it
Now you can open the Jenkins-UI in your browser (eg. https://k3s.home/jenkins/)
You can always show the deployed settings with kubectl -n cicd describe [TYPE] [NAME] eg. when you like to see the information regarding your deployment jenkins kubectl -n cicd describe deployment jenkins or for ingress kubectl -n cicd describe ingress jenkin
All in one
To fire up Jenkins in your cluster run all in one
kubectl apply -f pvc.yaml && \
kubectl apply -f deployment.yaml && \
kubectl apply -f service.yaml && \
kubectl apply -f ingress.yaml