The goal of this getting started guide is to help teams set up jenkins continuous integration (ci) servers and discover how to get a newly deployed ci infrastructure fully operational. jenkins is a leading open source ci server. it’s flexible, provides hundreds of plugins to support building, testing, and deployment, and is capable of automating any project. Jenkins CI infrastructure can be deployed on-premises, in the cloud using configuration management tools, and a third-party vendor. For the purpose of this article, let’s assume our jenkins ci servers are deployed in the cloud and focus on configuring the jenkins web interface. I will go over various processes and steps to set up a new jenkins ci server for production.
recommended best practices for ci architecture
Don’t jump headlong into configuring and building a pipeline without planning, designing, and setting standards for your ci architecture. taking the time to think about infrastructure first will allow for a stable and restorable infrastructure. Let’s go over some recommended best practices to consider in your future ci pipeline.
Reading: How to connect to jenkins server
backup ci server (failsafe)
It may seem obvious. recommends setting up a backup process for the jenkins configuration. write a jenkins job to use the thinbackup plugin or the s3 plugin to push the jenkins configuration to an amazon s3 (cloud storage).
These are recommendations to keep in mind: set environment variables (ie shadow passwords, ssh keys, api keys, etc.); security: create generic reusable jobs, naming conventions (ie jobs and environment variables); keep the jobs small: modulation, scalable infrastructure that allows automatic scaling of slave nodes.
Be conservative with your use of plugins. in my experience plugins change all the time and get brittle. For the discovery mode of finding the right plugins for your ci framework, I recommend evaluating whether you can write the same functionality yourself rather than relying on third-party plugins. just minimize the use of your plugin. having an update process is important. do not test updates on live production ci server. set up a test environment to test any new plugins or new versions of jenkins using existing jobs before applying a change to your production server.
configuration management tools
I highly recommend using a configuration management tool to automate the process for speed, scale, repeatability, and consistency. I recommend using the scalr and chef tool solutions.
Consider creating github webhooks for version control repositories. I recommend using artifacts (cloud storage) for ci artifacts.
the basics of setting up a jenkins master server
In this section of the guide, I’ll walk you through a few steps to configure and manage Jenkins.
discover, install and manage plugins
jenkins has hundreds of useful plugins. plugins will eliminate the need to create custom scripts to solve common problems with minimal pain. just remember that plugins change often and become brittle. minimize your plugin usage if possible.
- Navigate to Jenkins Web Interface > Login as Admin > Manage Jenkins > Manage Plugins > Available (Tab)
- Select checkbox for all the plugins you want to install
- Select “Download now and install after restart” at the bottom of the page.
- After Jenkins finishes restarting, the installed plugins will appear under Manage Plugins > Installed (Tab)
here are some jenkins plugin recommendations:
- git: allows you to integrate github to clone the repository
- github pull request generator: creates pull requests in github and report the results
- swarm: allows slaves to automatically discover the nearby jenkins master and join it automatically
- sauce on demand – allows you to integrate sauce labs selenium testing with jenkins
- pipeline – set of plugins that allows you to orchestrate automation, simple or complex
- thinbackup – allows posting build notifications to a slack channel
- thinbackup – simply backs up global and job-specific settings
configure system settings
As a jenkins administrator, the system settings page is a critical configuration section. this page represents a variety of sections, each of which maps to a different configuration area of the jenkins generic configuration, which defines global environment variables and most installed plugins are configured on this page.
- Navigate to Jenkins Web Interface > Login as Admin > Manage Jenkins > Configure System
- Configure the root directory for workspace and build record.
- Set the Jenkins Master executors to 0, setting up separate cloud instances to be the workers; Jenkins Master will only be the orchestrator.
- Set environment variables (i.e. SLACK_TOKEN, SAUCE_API_KEY).
- Configure the installed plugins (i.e. GitHub, Sauce Labs, Slack, etc.); typically involves adding API keys or shared secrets.
configure global settings
out of the box, jenkins will allow anyone to run anything as the jenkins user along with admin permissions, which is bad. I suggest enabling Lightweight Directory Access Protocol (ldap), which allows you to use the corporate service. users can login to jenkins with their usual company login credentials.
- Navigate to Jenkins Web Interface > Login as Admin > Manage Jenkins > Configure Global Security
- Select checkbox to enable security.
- Set TCP port for JNLP slave agents to 9000.
- Select LDAP from the Access Control (Security Realm) section and enter your LDAP server address:
- Select matrix-based security from the Access Control (Authorization) section
- Select the checkbox for Prevent Cross Site Request Forgery Exploits, and Enable Slave -> Master Access Control
add node (slave)
There are several ways to add and configure a farm of slave nodes. in all cases, a build, test, or deployment job runs on a slave node. when it comes to creating multiple slave nodes, it’s usually a simple process.
advanced: we create a farm in scalr with a master jenkins server and at least a handful of slave nodes to build and test the application. we use the swarm plugin to allow slave nodes to automatically discover a nearby jenkins master and automatically join. you can also manually run a curl command and add slave nodes to the jenkins master. It’s clear as mud, right? In simple terms, a slave node is a machine configured to clone source code, compile, run tests, or whatever tools are needed. lastly, the build results are stored in the jenkins master, and artifacts should always end up in the artifact store (ie the artifact) and not in the jenkins master.
- verify that the new node is online.
- navigate to the jenkins web interface > login as administrator > manage jenkins > manage nodes
jenkins is a very flexible application that implies a lot of control for administrators. It’s easy to see by accessing the Jenkins admin page that we’ve only scratched the surface, but we’ve laid a solid foundation for continuing to learn how to configure and manage Jenkins.
let’s go on time! ready to create a ci pipeline
Now that Jenkins is configured, you’re ready to host or maintain a ci pipeline. I recommend checking out the jenkins documentation to get started with the pipeline to create and deploy your first ci pipeline.
The main motivation behind this article is to help everyone identify the basic configuration and best practices to configure the jenkins master and slave architecture, then have the incentive and convenience to participate in the ci architecture, as well as enforce discipline by assigning blame if the build, deployment, or test fails.
interested in learning more? come visit sauce labs at jenkins world 2016.
greg sypolt (@gregsypolt) is a senior engineer at gannett – usa today network and co-founder of quality element. he is a passionate automation engineer looking to optimize the quality of software development, while training team members on how to write great automation scripts and helping the testing community become better testers. Greg has spent most of his career working on software quality, concentrating on web browsers, APIs, and mobile devices. For the past 5 years, he has focused on building and deploying automated testing strategies, frameworks, tools and platforms, and continuous integration.