CI/CD¶
Set up continuous integration and deployment with Jenkins.
Overview¶
Jenkins provides CI/CD capabilities with Kubernetes ephemeral agents. It supports container builds, testing, and automated deployment.
Access Jenkins¶
Jenkins is accessible at:
- Local: http://localhost:8080 (via port-forward)
Get admin password¶
Initial setup¶
- Log in to Jenkins UI
- Install suggested plugins
- Create admin user
- Configure Kubernetes cloud (pre-configured)
Kubernetes agents¶
Jenkins uses ephemeral Kubernetes pods as agents:
Kaniko agent¶
Build Docker images without Docker socket:
pipeline {
agent {
kubernetes {
label 'kaniko'
}
}
stages {
stage('Build') {
steps {
container('kaniko') {
sh '''
/kaniko/executor \
--context /workspace \
--destination nexus:5000/my-app:${BUILD_NUMBER} \
--destination nexus:5000/my-app:latest
'''
}
}
}
}
}
Maven agent¶
Build Java/Maven projects:
pipeline {
agent {
kubernetes {
label 'maven'
}
}
stages {
stage('Build') {
steps {
container('maven') {
sh 'mvn clean package'
}
}
}
stage('Publish') {
steps {
container('maven') {
sh '''
mvn deploy:deploy-file \
-Dfile=target/my-app.jar \
-DrepositoryId=nexus \
-Durl=http://nexus:8081/repository/maven-releases
'''
}
}
}
}
}
Python agent¶
Build and test Python applications:
pipeline {
agent {
kubernetes {
label 'python'
}
}
stages {
stage('Test') {
steps {
container('python') {
sh 'pip install -r requirements.txt'
sh 'pytest'
}
}
}
stage('Build') {
steps {
container('kaniko') {
sh '''
/kaniko/executor \
--context /workspace \
--destination nexus:5000/my-app:${BUILD_NUMBER}
'''
}
}
}
}
}
Complete pipeline example¶
pipeline {
agent {
kubernetes {
label 'kaniko'
}
}
environment {
NEXUS_REGISTRY = 'nexus:5000'
APP_NAME = 'my-app'
K8S_NAMESPACE = 'playpen-apps'
}
stages {
stage('Build') {
steps {
container('kaniko') {
sh '''
/kaniko/executor \
--context /workspace \
--destination ${NEXUS_REGISTRY}/${APP_NAME}:${BUILD_NUMBER} \
--destination ${NEXUS_REGISTRY}/${APP_NAME}:latest
'''
}
}
}
stage('Deploy') {
steps {
sh '''
kubectl set image deployment/${APP_NAME} \
${APP_NAME}=${NEXUS_REGISTRY}/${APP_NAME}:${BUILD_NUMBER} \
-n ${K8S_NAMESPACE} || \
kubectl apply -f deployment.yaml -n ${K8S_NAMESPACE}
'''
}
}
}
}
Nexus integration¶
Configure Nexus credentials¶
- Go to Jenkins → Manage Jenkins → Credentials
- Add credentials:
- Kind: Username with password
- Username: Nexus username
- Password: Nexus password
- ID:
nexus-credentials
Use credentials in pipeline¶
withCredentials([usernamePassword(
credentialsId: 'nexus-credentials',
usernameVariable: 'NEXUS_USER',
passwordVariable: 'NEXUS_PASS'
)]) {
sh '''
docker login -u $NEXUS_USER -p $NEXUS_PASS nexus:5000
'''
}
Webhook triggers¶
Configure Git webhooks to trigger pipelines automatically:
- In Jenkins, configure pipeline with "Build Triggers" → "GitHub hook trigger"
- In GitHub, add webhook URL:
http://your-jenkins-url/github-webhook/
Best practices¶
Use declarative pipelines¶
Prefer declarative syntax over scripted:
// Good
pipeline {
agent any
stages {
stage('Build') { ... }
}
}
// Avoid
node {
stage('Build') { ... }
}
Parallel execution¶
Run tests in parallel:
stage('Test') {
parallel {
stage('Unit') {
steps { sh 'pytest tests/unit' }
}
stage('Integration') {
steps { sh 'pytest tests/integration' }
}
}
}
Artifact archiving¶
Archive build artifacts:
Troubleshooting¶
Agent pod not starting¶
- Check Kubernetes cloud configuration
- Verify service account permissions
- Check pod logs:
kubectl logs -n playpen-platform <pod-name>
Build fails¶
- Check agent pod logs
- Verify Nexus connectivity
- Check image pull permissions
Next steps¶
- Learn about artifact management
- Configure platform services