The new machines have names in the _pyrocufflink.black_ zone. We need to trust the SSHCA certificate to sign keys for these names in order to connect to them and manage them with Ansible.
Jenkins in Kubernetes
Kubernetes Setup
Configure Jenkins resources:
ln imagepull-gitea jenkins/.dockerconfigjson
kubectl apply -k jenkins
Jenkins Setup
Install Kubernetes plugin.
Set TCP port for inbound agents setting (Manage Jenkins → Configure Global
Security) to Fixed and enter 40414.
Configure Kubernetes (Manage Jenkins → Manage Nodes and Clouds → Configure Clouds):
- Add a new cloud → Kubernetes
- Enter a name
- Kubernetes Cloud details...
  - Kubernetes URL: (leave blank; will use Kubernetes service discovery)
  - Kubernetes Namespace: jenkins-jobs
  - Credentials: - none - (will use Service Account token)
  - Jenkins tunnel: jenkins.jenkins.svc.cluster.local: (trailing colon!)
iSCSI Persistent Volume
Because of the large size of the Jenkins volume, it does not work well managed by Longhorn. Instead, we use a pre-provisioned iSCSI volume on the Synology NAS. This improves performance and avoids keeping multiple replicas of the Jenkins data, while still benefiting from snapshots, etc.