PreReq
The prerequisites to installing Jenkins-x 3 in an On-Prem (HomeLab) environment are below.
- k8s and networking
- MetalLB
- Default Storage Class
- Octant (not required, just nice to have)
After the above are functioning, Jenkins-x 3 can be installed. Below is the TL:DR for installing;
Line by line
Lines 1 & 2 are to get the jx binary.
Line 3 is a command to upgrade the jx binary, if needed.
Line 4 upgrades the plugins, duh
Line 5 needs a bit of background.
Jenkins-x 3 will be installed from a generated Jenkins-x 3(jx3) repo in your own GitHub account. The Getting Started guide has a handy button to generate the repro from a template but before I did that, I logged out of my personal GitHub account and created a new one for testing. To install jx3, a personal access token is required. This handy link will create the token with the needed permissions.
After the repository is generated, copy the ssh clone URL and clone this repo to your master server.cd
into that directory
Line 7 & 8 is to edit the jx-requirements.yml
file, adding the domain information for the webhook.
I’ve enabled wildcard subdomain on
jx.docure.ai
and have a wildcard certificate. I only havehttps
(i.e port 443) available through pfSense so HAProxy is offloading thessl
certificate. Inorder to make this work, I have configured thejx-requirements.yml
file as below.
ingress:
domain: jx.docure.ai
externalDNS: false
namespaceSubDomain: -jx.
tls:
email: ""
enabled: false
production: false
This will allow hook-jx.jx.docure.ai
to find it’s destination.
I tested setting
tls: enabled: true
but this does not supportssl offloading
out of the box so I left it off. The result is that thewebhook
fails the first time it fires. Simply changing thewebhook
tohttps
and selectingredelivery
fixes the issue;
Lines 9 - 14 are steps needed to install KuberHealthy. Since this is a new install, lines 9 & 10 are not needed but lines 11 - 14 are needed. The results of these commands (11 - 14) are that the helmfile.yaml
is updated in the repositories:
and releases:
sections as seen below respectively.
- name: kuberhealthy
url: https://comcast.github.io/kuberhealthy/helm-repos
- chart: kuberhealthy/kuberhealthy
- chart: jx3/jx-kh-check
- chart: jx3/jx-kh-check
name: health-checks-jx
- chart: jx3/jx-kh-check
name: health-checks-install
Line 15 is important because it pushes these changes to the jtf-ops git repo.
If you are pushing to GitHub for the first time on your master k8s server, you will need to configure git to use an
ssh
key. There are a bunch of videos and references on how to do this. Here is a link to the GitHub Docs AN SSH KEY IS NOT REQUIRED FOR JENKINS-X. It is just nice to have.
Line 16 executes the process to install Jenkins-x . jx admin operator
installs the git operator which pulls the git repo and creates a Job per commit to clone git and run the install/upgrade. For more details checkout How it works
When
jx admin operator
is executed, you need to enter the user name, in this casejtf-ops
is the user name and then the generated token.
After this process finishes successfully, I changed the webhook
to use https
as detailed above.
The jx admin operator
made changes to the cloned jtf-ops
repository and pushed back to GitHub. To get all of these changes on my local clone, I executed git pull
Executing jx health get status --all-namespaces --watch
will eventually display the below.
Octant with the jx plugins
Below is an image of the Health checks for Jenkins-x installed into Octant