Jenkins Administrator’s Guide: Install, manage, and scale a CI/CD build and release system to accelerate your product life cycle
- Length: 436 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2021-12-24
- ISBN-10: 1838824324
- ISBN-13: 9781838824327
- Sales Rank: #2089102 (See Top 100 Books)
Build and manage a production Jenkins instance, complete with CI/CD pipelines using GitHub and Docker Hub, Jenkins Configuration as Code, Shared Libraries, Script Security, and optimization guides
Key Features
- Set up production-grade Jenkins and CI/CD pipelines with GitHub and Docker Hub integrations
- Manage, protect, and upgrade a production Jenkins instance regardless of its size and the number of users
- Scale a Jenkins instance using advanced optimization tips, tricks, and best practices
Book Description
Jenkins is a renowned name among build and release CI/CD DevOps engineers because of its usefulness in automating builds, releases, and even operations. Despite its capabilities and popularity, it’s not easy to scale Jenkins in a production environment. Jenkins Administrator’s Guide will not only teach you how to set up a production-grade Jenkins instance from scratch, but also cover management and scaling strategies.
This book will guide you through the steps for setting up a Jenkins instance on AWS and inside a corporate firewall, while discussing design choices and configuration options, such as TLS termination points and security policies. You’ll create CI/CD pipelines that are triggered through GitHub pull request events, and also understand the various Jenkinsfile syntax types to help you develop a build and release process unique to your requirements. For readers who are new to Amazon Web Services, the book has a dedicated chapter on AWS with screenshots. You’ll also get to grips with Jenkins Configuration as Code, disaster recovery, upgrading plans, removing bottlenecks, and more to help you manage and scale your Jenkins instance.
By the end of this book, you’ll not only have a production-grade Jenkins instance with CI/CD pipelines in place, but also knowledge of best practices by industry experts.
What you will learn
- Set up a production-grade Jenkins instance on AWS and on-premises
- Create continuous integration and continuous delivery (CI/CD) pipelines triggered by GitHub pull request events
- Use Jenkins Configuration as Code to codify a Jenkins setup
- Backup and restore configurations and plan for disaster recovery
- Plan, communicate, execute, and roll back upgrade scenarios
- Identify and remove common bottlenecks in scaling Jenkins
- Use Shared Libraries to develop helper functions and create new DSLs
Who this book is for
This book is for both new Jenkins administrators and advanced users who want to optimize and scale Jenkins. Jenkins beginners can follow the step-by-step directions, while advanced readers can join in-depth discussions on Script Security, removing bottlenecks, and other interesting topics. Build and release CI/CD DevOps engineers of all levels will also find new and useful information to help them run a production-grade Jenkins instance following industry best practices.
Table of Contents
- Jenkins Infrastructure with TLS/SSL and Reverse Proxy
- Jenkins with Docker on HTTPS on AWS and inside a Corporate Firewall
- GitOps-Driven CI Pipelines with GitHub
- GitOps-Driven CD Pipelines with Docker Hub and More Jenkinsfile Features
- Headfirst AWS for Jenkins
- Jenkins Configuration as Code (JCasC)
- Backup and Restore and Disaster Recovery
- Upgrading the Jenkins Controller, Agents, and Plugins
- Reducing Bottlenecks
- Shared Libraries
- Script Security
Foreword Contributors About the authors About the reviewers Preface Who this book is for What this book covers To get the most out of this book Download the example code files Download the color images Conventions used Get in touch Reviews 1 Jenkins Infrastructure with TLS/SSL and Reverse Proxy Technical requirements Why Jenkins? Searching for answers online with Jenkins keywords Understanding the Jenkins architecture Controller Domain name, TLS/HTTPS, load balancer, and reverse proxy Agents Bringing it all together AWS: FAQs, routing rules, EC2 instances, and EIPs EC2 instance types and sizes Regions and Availability Zones Routing rules EC2 instances and EIPs Installing Docker on our VMs Acquiring domain names and TLS/SSL certificates Domain names TLS/SSL certificates Storage concerns IOPS benchmarks using fio EC2 and EBS The IT VM's disk NFS/SAN Physical disks Review Summary 2 Jenkins with Docker on HTTPS on AWS and inside a Corporate Firewall Technical requirements Running a Jenkins controller with Docker on HTTPS Custom image to match the UID/GID for a bind mount Running Jenkins Reverse proxy and TLS/SSL termination options TLS termination at the reverse proxy Terminating the TLS certificate directly on the Jenkins controller Installing plugins and configuring Jenkins Installing more plugins Configure System Configure Global Security Configure Global Credentials Installing even more plugins Attaching SSH and inbound agents SSH agent Inbound agent Labels and Usage Creating a secure Docker Cloud Generating a CA, server certificates, and client certificates Storing the certificates Configuring the Docker service Configuring Jenkins Summary 3 GitOps-Driven CI Pipeline with GitHub Technical requirements Project overview Creating two sets of projects and users in Jenkins Creating a static pipeline for build and unit tests Displaying test results and a code coverage report Creating a premerge CI pipeline with GitHub PR hooks GitHub personal access token GitHub Pull Request Builder System Configuration Configuring the premerge trigger Testing the premerge trigger Building the PR branch Building an arbitrary branch Requiring a successful build for a merge Summary 4 GitOps-Driven CD Pipeline with Docker Hub and More Jenkinsfile Features Technical requirements Project overview Packaging the Docker image and running integration tests Versioning Git and Docker using Semantic Versioning Using more Jenkinsfile features with DooD and bare-metal agents agent none, buildDiscarder options, and credentials in environment variables Using a custom Dockerfile for a dockerfile agent and running Groovy code in a script block Docker-outside-of-Docker in Jenkins Variable handling, Docker Hub login, and docker push Bare-metal agents, Groovy language features, and alternate ways to run Docker and handle credentials post Saving the files, making a PR, and merging Creating a static pipeline for packaging, integration tests, and delivery Creating a postmerge CD pipeline with a GitHub webhook and polling Configuring the postmerge trigger Testing the postmerge trigger Summary 5 Headfirst AWS for Jenkins Technical requirements Logging in to AWS Navigating the AWS console Important notes EC2 instances and EIPs Step 1 – Create an SSH key pair Step 2 – Create a security group Step 3 – Create an EC2 instance Step 4 – Create and attach an EIP Let's Encrypt Manual verification Automated verification for AWS Route 53 Setting up an application ELB for the AWS Jenkins controller Step 1 – Create a TLS certificate in AWS Certificate Manager Step 2 – Create a security group Step 3 – Create an ALB Other DNS providers Summary 6 Jenkins Configuration as Code (JCasC) Technical requirements Downloading and understanding the current configuration User passwords aren't codified Secrets aren't portable Most entries are auto-generated defaults Converting controller configuration to JCasC Converting agent configuration to JCasC Converting Docker cloud configuration to JCasC Converting the pipeline configurations to JCasC Redeploying Jenkins using JCasC Reverting back to the original Jenkins Retrospective Advanced: CasC Plugin – Groovy Scripting Extension Summary 7 Backup and Restore and Disaster Recovery Technical requirements A small change for testing backup and restore Backup strategies Snapshotting the entire disk as an image Saving the directory content as files Backing up a large Jenkins instance Deciding which files to back up and at what frequency Directories for live backup Backing up and restoring with the ThinBackup plugin Moving the backup archives out of the disk Experimenting with ThinBackup Restoring a backup using ThinBackup Configuring ThinBackup Disaster recovery from a user mistake Disaster Recovery Disaster recovery from an infrastructure failure Summary 8 Upgrading the Jenkins Controller, Agents, and Plugins Technical requirements Understanding the challenges of plugin version management Upgrading to the next immediate LTS version of Jenkins Upgrading while skipping many versions of LTS releases Pitfalls of preinstalling failed plugins Upgrade strategies Upgrade strategy for a small- to medium-scale Jenkins instance Upgrade strategy for a large-scale Jenkins instance Upgrading plugins using Plugin Manager Upgrading the controller Announcing the upgrade plans to the users Building a new controller image Pre-upgrade checklist Finally, the actual upgrade Summary 9 Reducing Bottlenecks Technical requirements Recommendations for hosting Jenkins to avoid bottlenecks General server recommendations How to keep Jenkins memory footprint light Memory and garbage collection tuning Periodic triggers versus webhook triggers297 Tracking operational costs in the cloud Quick performance improvements in an existing Jenkins instance GitHub Pull Request Builder plugin boot optimization Frontpage load delay due to the "weather" health display Pipeline speed/durability settings Improving Jenkins uptime and long-term health What is a periodic maintenance job and how do you create one? Terminating long-running pipelines Releasing stale locks in lockable resources from force killing builds Log cleanup for beginners Log cleanup for multibranch pipeline job types Avoiding and reducing the use of echo step CPU bottleneck: NonCPS versus CPS pipeline as code Pre-compiling all NonCPS code as an external jar Including a NonCPS library as a plugin Controller bottlenecks created by an agent Defining agent and controller interaction bottlenecks Agent booting start up bottleneck Stashing and archiving artifacts Storing controller and agent logs in CloudWatch Pipeline Logging over CloudWatch plugin Controller logging over CloudWatch AWS IAM roles for controller and agent CloudWatch logging Other ways to reduce agent log output Strategy – Writing logs to the agent disk Drawbacks: Writing logs to the agent disk Summary 10 Shared Libraries Technical requirements Understanding the directory structure Creating a shared library Providing shared libraries Folder-level shared libraries Global shared libraries Using shared libraries Static loading Dynamic loading Use cases Code reuse via global variables – Pre-formatted Slack messages Advanced – Custom DSL Summary 11 Script Security Technical requirements Administrator versus non-administrator Outside the Groovy sandbox Direct pipeline Global shared library Inside the Groovy sandbox Approve assuming permission check Identity crisis – everyone is a SYSTEM user380 Where the SYSTEM user can do things What the SYSTEM user can do everywhere Understanding why the Authorize Project plugin is needed Configuring the Authorize Project plugin Thoughts on disabling Script Security Summary Index
Donate to keep this site alive
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search the book title: Jenkins Administrator’s Guide: Install, manage, and scale a CI/CD build and release system to accelerate your product life cycle
, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.