Install Jenkins on a Ubuntu server.
- OS: Ubuntu 16.04+
AWS ROUTE-53 & CERTBOT
The assumption is that AWS credentials exists in the environment (IAM Instance role or any boto auth method)
| VAR | Description |
|---|---|
| jenkins_dns_record | allows overriding of the DNS record used |
| jenkins_selfsigned | True/False if Certbot should generate a self-signed certificate for jenkins |
| certbot_cloudflare | True/False use cloudflare provider |
| certbot_route53 | True/False use route53 provider |
| certbot_renew | True/False renew existing certificates |
| aws_key_id | AWS Credentials override |
| aws_secret_key | AWS Credentials override |
| letsencrypt_live_base_path | lets encrypt live directory location |
| plugins | a list of jenkins plugins to install (use the ID of each plugin) |
| cloudflare | a dict specifiying credentials for cloudflare |
| jenkins_pkg_name | jenkins package name including the version (if desired) |
| jenkins_pkg_state | jenkins package state (Ansible apt package - state) |
| java_pkg_name | java package name including the version (if desired) |
| java_pkg_state | java package state (Ansible apt package - state) |
_pkg_name/state as strings to ease the usage of those variables from the cli
- Get a sorted list of plugins from Jenkins
#!groovy
Jenkins.instance.pluginManager.plugins.each{
plugin -> println ("${plugin.getShortName()}:${plugin.getVersion()}") }jenkins.java
jenkins.install
jenkins.configure
jenkins.plugins
jenkins.nginx
jenkins.nginx.installation
jenkins.nginx.sites
jenkins.nginx.sites.certbot
jenkins.nginx.sites.standalone
credentials-plugin
plain-credentials-plugin
kubernetes-plugin
kubernetes-credentials-plugin
kubernetes-cli-plugin
kubernetes-cd-plugin
kubernetes-pipeline-plugin
github-branch-source-plugin
github-branch-source
jenkins-configuration
- Disable Jenkins setup Wizard UI
Disable the wizard after a clean installation
- Set Java DNS TTL to 60 seconds
The Java virtual machine (JVM) caches DNS name lookups. When the JVM resolves a hostname to an IP address, it caches the IP address for a specified period of time, known as the time-to-live (TTL).
- Disable Multicasting
DNS Multi-cast logic is rarely used in Jenkins, but it always tries to start DNS Multicast on startup. It slows down the startup and usually leads to errors since Jenkins instances have no such permissions on default setups.
- Java Xmx (maximum Java heap size)
-Xmx option changes the maximum Heap Space for the VM. java -Xmx1024m means that the VM can allocate a maximum of 1024 MB
This value must a multiple of 1024 greater than 2MB. Append the letter k or K to indicate kilobytes, or m or M to indicate megabytes.
jvm-ttl
java-heap
java-permsize
java-net
java-cache-ttl
java_args
aws-java-dev-guide
aws-dns-ttl
dns-multicast
jenkins-linux-bestpractice
Install Jenkins using the default configuration (Self-signed certificate)
ansible-playbook jenkins-playbook.yml -i inventories/dev -u ansible --ssh-common-args "-i ~/.ssh/ansible-dev -o IPQoS=throughput -o ProxyCommand=ssh -W %h:%p -q -i ~/.ssh/id_rsa ${USER}@${BASTION}" -l 'tilix_dev_jenkins' -e env='dev'Install Jenkins using a specific version with a customised DNS record, ensuring certbot with route53 is used
ansible-playbook jenkins-playbook.yml -i inventories/dev -u ansible --ssh-common-args "-i ~/.ssh/ansible-dev -o IPQoS=throughput -o ProxyCommand=ssh -W %h:%p -q -i ~/.ssh/id_rsa ${USER}@${BASTION}" -l 'jenkins_dev' -e env='dev' -e jenkins_dns_record='jenkins-dev.example.io' -e certbot_route53='True' -e jenkins_pkg_name='jenkins=2.150.3'Install Jenkins plugins (Only)
ansible-playbook jenkins-playbook.yml -i inventories/dev -u ansible --ssh-common-args "-i ~/.ssh/ansible-dev -o IPQoS=throughput -o ProxyCommand=ssh -W %h:%p -q -i ~/.ssh/id_rsa ${USER}@${BASTION}" -e env='dev' --tags 'jenkins.plugins'