Install Jenkins-x 3 On-Prem

Updated 2020-10-25

PreReq

The prerequisites to installing Jenkins-x 3 in an On-Prem (HomeLab) environment are below.

  1. k8s and networking
  2. MetalLB
  3. Default Storage Class
  4. Octant (not required, just nice to have)

After the above are functioning, Jenkins-x 3 can be installed. Below is the TL:DR for installing;


Line by line

Lines 1 & 2 are to get the jx binary.
Line 3 is a command to upgrade the jx binary, if needed.
Line 4 upgrades the plugins, duh
Line 5 needs a bit of background.

Jenkins-x 3 will be installed from a generated Jenkins-x 3(jx3) repo in your own GitHub account. The Getting Started guide has a handy button to generate the repro from a template but before I did that, I logged out of my personal GitHub account and created a new one for testing. To install jx3, a personal access token is required. This handy link will create the token with the needed permissions.
After the repository is generated, copy the ssh clone URL and clone this repo to your master server. cd into that directory

Line 7 & 8 is to edit the jx-requirements.yml file, adding the domain information for the webhook.

I’ve enabled wildcard subdomain on jx.docure.ai and have a wildcard certificate. I only have https (i.e port 443) available through pfSense so HAProxy is offloading the ssl certificate. Inorder to make this work, I have configured the jx-requirements.yml file as below.

ingress:
  domain: jx.docure.ai
  externalDNS: false
  namespaceSubDomain: -jx.
  tls:
    email: ""
    enabled: false
    production: false

This will allow hook-jx.jx.docure.ai to find it’s destination.

I tested setting tls: enabled: true but this does not support ssl offloading out of the box so I left it off. The result is that the webhook fails the first time it fires. Simply changing the webhook to https and selecting redelivery fixes the issue;

image

Lines 9 - 14 are steps needed to install KuberHealthy. Since this is a new install, lines 9 & 10 are not needed but lines 11 - 14 are needed. The results of these commands (11 - 14) are that the helmfile.yaml is updated in the repositories: and releases: sections as seen below respectively.

- name: kuberhealthy
  url: https://comcast.github.io/kuberhealthy/helm-repos
- chart: kuberhealthy/kuberhealthy
- chart: jx3/jx-kh-check
- chart: jx3/jx-kh-check
  name: health-checks-jx
- chart: jx3/jx-kh-check
 name: health-checks-install

Line 15 is important because it pushes these changes to the jtf-ops git repo.

If you are pushing to GitHub for the first time on your master k8s server, you will need to configure git to use an ssh key. There are a bunch of videos and references on how to do this. Here is a link to the GitHub Docs AN SSH KEY IS NOT REQUIRED FOR JENKINS-X. It is just nice to have.

Line 16 executes the process to install Jenkins-x . jx admin operator installs the git operator which pulls the git repo and creates a Job per commit to clone git and run the install/upgrade. For more details checkout How it works

When jx admin operator is executed, you need to enter the user name, in this case jtf-ops is the user name and then the generated token.

After this process finishes successfully, I changed the webhook to use https as detailed above.

The jx admin operator made changes to the cloned jtf-ops repository and pushed back to GitHub. To get all of these changes on my local clone, I executed git pull

Executing jx health get status --all-namespaces --watch will eventually display the below.

image

Octant with the jx plugins

Below is an image of the Health checks for Jenkins-x installed into Octant

image