The prerequisites to installing Jenkins-x 3 in an On-Prem (HomeLab) environment are below.
After the above are functioning, Jenkins-x 3 can be installed. Below is the TL:DR for installing;
Line by line
Lines 1 & 2 are to get the jx binary.
Line 3 is a command to upgrade the jx binary, if needed.
Line 4 upgrades the plugins, duh
Line 5 needs a bit of background.
Jenkins-x 3 will be installed from a generated Jenkins-x 3(jx3) repo in your own GitHub account. The Getting Started guide has a handy button to generate the repro from a template but before I did that, I logged out of my personal GitHub account and created a new one for testing. To install jx3, a personal access token is required. This handy link will create the token with the needed permissions.
After the repository is generated, copy the ssh clone URL and clone this repo to your master server.
cdinto that directory
Line 7 & 8 is to edit the
jx-requirements.yml file, adding the domain information for the webhook.
I’ve enabled wildcard subdomain on
jx.docure.aiand have a wildcard certificate. I only have
https(i.e port 443) available through pfSense so HAProxy is offloading the
sslcertificate. Inorder to make this work, I have configured the
jx-requirements.ymlfile as below.
ingress: domain: jx.docure.ai externalDNS: false namespaceSubDomain: -jx. tls: email: "" enabled: false production: false
This will allow
hook-jx.jx.docure.ai to find it’s destination.
I tested setting
tls: enabled: truebut this does not support
ssl offloadingout of the box so I left it off. The result is that the
webhookfails the first time it fires. Simply changing the
redeliveryfixes the issue;
Lines 9 - 14 are steps needed to install KuberHealthy. Since this is a new install, lines 9 & 10 are not needed but lines 11 - 14 are needed. The results of these commands (11 - 14) are that the
helmfile.yaml is updated in the
releases: sections as seen below respectively.
- name: kuberhealthy url: https://comcast.github.io/kuberhealthy/helm-repos
- chart: kuberhealthy/kuberhealthy - chart: jx3/jx-kh-check - chart: jx3/jx-kh-check name: health-checks-jx - chart: jx3/jx-kh-check name: health-checks-install
Line 15 is important because it pushes these changes to the jtf-ops git repo.
If you are pushing to GitHub for the first time on your master k8s server, you will need to configure git to use an
sshkey. There are a bunch of videos and references on how to do this. Here is a link to the GitHub Docs AN SSH KEY IS NOT REQUIRED FOR JENKINS-X. It is just nice to have.
Line 16 executes the process to install Jenkins-x .
jx admin operator installs the git operator which pulls the git repo and creates a Job per commit to clone git and run the install/upgrade. For more details checkout How it works
jx admin operatoris executed, you need to enter the user name, in this case
jtf-opsis the user name and then the generated token.
After this process finishes successfully, I changed the
webhook to use
https as detailed above.
jx admin operator made changes to the cloned
jtf-ops repository and pushed back to GitHub. To get all of these changes on my local clone, I executed
jx health get status --all-namespaces --watch will eventually display the below.
Octant with the jx plugins
Below is an image of the Health checks for Jenkins-x installed into Octant