Setting up Jenkins on Google Kubernetes Engine with Helm

Rohan Singh
Oct 31 · 6 min read

After publishing my last blog — Jenkins on Google Compute Engine, I got a demand to write the same blog but with Google Kubernetes Engine via Helm.

We are doing it the same in our organization, and recently I’ve done it for a project in my organization, so here it is!

Google Kubernetes Engine (GKE)

GKE is a perfect combination or I should say a blend of Iaas and PaaS making it as Kubernetes as a Service or Container as a Service which Google was using since 2003 as its internal orchestrator till 2015 when it gets open-source with a benefit of autoscaling of the cluster, integration of Stackdriver, fluentd, Prometheus, VPN etc. Kubernetes Engine enables rapid application development and iteration by making it easy to deploy, update, and manage our applications and services with no vendor lock-in which means you’re free to take your applications out of Kubernetes Engine and run them anywhere Kubernetes is supported, including on your own on-premises servers.

With containers, we just bundle our application code and its dependencies into a single unit which abstracts our application from any sort of infrastructure. Containers package our applications so they can run in any environment which might be UAT or production or staging. Container-based solutions give you the ability to manage applications.

Deploying Jenkins on Kubernetes Engine provides important benefits which don’t provide by standard VM-based deployment. When our build process uses containers, one virtual host can run jobs on multiple operating systems. Kubernetes Engine provides ephemeral build executors—these are only utilized when builds are actively running, which leaves resources for other cluster tasks such as batch processing jobs. Another benefit of ephemeral build executors is speed—they launch in a matter of seconds.

To start with this first we need to create a K8s cluster in GCP, to create run:

gcloud container clusters create jenkins-cluster \
— num-nodes 2 \
— zone us-central1-a \
— machine-type n1-standard-2 \
— scopes “https://www.googleapis.com/auth/source.read_write,cloud-platform"

Cluster creation will take some time.

Run this command to view the cluster list:

gcloud container clusters list

Your output should look similar to this:

Now, get the credentials for your cluster:

gcloud beta container clusters get-credentials jenkins-cluster --region us-central1 --project [PROJECT_NAME]

You will get this command in GKE Console just by clicking Connect button.

Your output should look similar to this:

Fetching cluster endpoint and auth data.
kubeconfig entry generated for jenkins-cluster.

Now we are done with K8s cluster, it’s time to install the Helm. Yay!

Helm, Yay!!!!

Helm

In a very simple term — Helm is a package manager which automates the process of installing, configuring, upgrading, and removing complex Kubernetes application. This is what NPM is for Nodejs, Maven is for Java, Hombrew for Mac, Chocolatey for Windows is!

Not so deep concepts!

An application in Kubernetes typically consists of at least two resource types:

  • deployment resource — describes a set of pods to be deployed together
  • services resource — defines endpoints for accessing the APIs in those pods.

The application can also include ConfigMaps, Secrets, and Ingress.

For any deployment, you need several Kubernetes commands (kubectl) to create and configure resources. Basically it’s manually creating each resource separately which is painful. A Helm chart defines several Kubernetes resources as a set. Helm can make deployments easier and repeatable because all resources for an application are deployed by running one command.

Helm has two elements, a client (Helm) and a server (Tiller). The server element runs inside a Kubernetes cluster and manages the installation of charts. With Helm, configuration settings are kept in values.yaml file separate from the manifest formats. You can change the configuration values according to your application need without touching the rest of the manifest.

To install Helm(v2.14.1) in your cluster, run:

wget https://storage.googleapis.com/kubernetes-helm/helm-v2.14.1-linux-amd64.tar.gz

To download your desired version, check Helm release page

To unpack it, run:

tar zxfv helm-v2.14.1-linux-amd64.tar.gz 
cp linux-amd64/helm .

To give yourself cluster administrator permission in the cluster’s RBAC, run:

kubectl create clusterrolebinding cluster-admin-role --clusterrole=cluster-admin --user=$(gcloud config get-value account)

To give Tiller cluster-admin role

kubectl create serviceaccount tiller-server --namespace kube-systemkubectl create clusterrolebinding tiller-admin-role --clusterrole=cluster-admin --serviceaccount=kube-system:tiller-server

You can do above 2 steps via yaml file too. Create the following tiller-rbac.yaml file: (Credit: Tim Berry)

apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system

Then apply it to your cluster with:

kubectl apply -f tiller-rbac.yaml

Now we are ready to set up the helm and install tiller. Run the following commands

helm init --service-account=tiller-server
helm repo update
helm version

Yay! we are done with Helm installation, now let’s move forward to install Jenkins

Jenkins

Jenkins is one of the most popular, free, open, Java coded CI/CD tool in the industry used by some big MNCs like Netflix, LinkedIn, eBay, Nintendo etc to small startups let flexibly orchestrate build, test, and deployment pipelines. Jenkins allows developers to iterate quickly on projects without worrying about overhead issues that can stem from continuous delivery. We integrate our Jenkins with source/version control system like Github, Gitlab, Bitbucket, and can execute Apache Ant, Apache Maven and sbt based projects as well as arbitrary shell scripts and Windows batch commands.

Run the following command to install Jenkins on Kubernetes cluster via Helm Chart by one shot:

helm install --name jenkins-tool stable/jenkins

It takes a couple of minutes to perform this step

To check running pods, run:

kubectl get pods

Your output looks like this:

Configure the Jenkins service account to be able to deploy to the cluster

kubectl create clusterrolebinding jenkins-deploy --clusterrole=cluster-admin --serviceaccount=default:jenkins-tool

Get your ‘admin’ user password by running:

printf $(kubectl get secret --namespace default jenkins-tool -o jsonpath=”{.data.jenkins-admin-password}” | base64 — decode);echo

Output like this will be shown:

Run below command to view service:

kubectl get svc

Your output will be like this:

Copy the External-IP:8080 and paste into your browser and Voila! Jenkins started. In signup page, enter admin in username and password you copied from 2nd last step.

This type page will come!!!

That’s how you set up Jenkins with GKE

Google Kubernetes Engine Docs

Kubernetes Docs

Jenkins Docs

Helm Docs

Helm Charts

Give it a clap, if you find it useful.

Follow us on Twitter 🐦 and Facebook 👥 and join our Facebook Group 💬.

To join our community Slack 🗣️ and read our weekly Faun topics 🗞️, click here⬇

If this post was helpful, please click the clap 👏 button below a few times to show your support for the author! ⬇

Faun

The Must-Read Publication for Aspiring Developers & DevOps Enthusiasts

Rohan Singh

Written by

#कलहंस | DevOps Engineer Intern @ Techolution | Living in ☁️ since Sept 2017 | https://rohansinghkalhans.web.app

Faun

Faun

The Must-Read Publication for Aspiring Developers & DevOps Enthusiasts

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade