Kubernetes Jenkins Deployment Manifests, Images & Commands


Kubernetes Jenkins Environment Setup Commands 

kubectl scale deployment jenkins -n jenkins --replicas=0
kubectl set env deployment/jenkins -n jenkins JAVA_OPTS="-Xmx2048m -Xms1024m"
kubectl scale deployment jenkins -n jenkins --replicas=1
kubectl get all -n jenkins
kubectl exec -n jenkins deployment/jenkins -- cat /var/jenkins_home/secrets/initialAdminPassword

Kubernetes Continuous Deploy
https://updates.jenkins.io/download/plugins/kubernetes-cd/1.0.0/kubernetes-cd.hpi


Delete / Clean Up
kubectl delete deployment jenkins -n jenkins
kubectl delete svc jenkins -n jenkins
kubectl delete pv jenkins-pv
kubectl delete pvc jenkins-pvc -n jenkins

Jenkins Deployment Manifest
Now, let's create Jenkins Resources. Save the following YAML to a file named -> jenkins-deployment.yaml 

# ==========================================
# Jenkins Deployment on Kubernetes
# With Persistent Storage
# ==========================================

# Namespace
---
apiVersion: v1
kind: Namespace
metadata:
  name: jenkins

# ServiceAccount for Jenkins
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins
  namespace: jenkins

# RBAC - ClusterRole for Jenkins (to create pods for agents)
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: jenkins
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
- apiGroups: [""]
  resources: ["pods/exec"]
  verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
- apiGroups: [""]
  resources: ["pods/log"]
  verbs: ["get", "list", "watch"]
- apiGroups: [""]
  resources: ["secrets"]
  verbs: ["get", "list", "watch"]
- apiGroups: [""]
  resources: ["events"]
  verbs: ["get", "list", "watch"]

# RBAC - ClusterRoleBinding
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: jenkins
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: jenkins
subjects:
- kind: ServiceAccount
  name: jenkins
  namespace: jenkins

# PersistentVolume
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: jenkins-pv
  labels:
    type: local
spec:
  storageClassName: manual
  capacity:
    storage: 20Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  hostPath:
    path: /opt/jenkins/data
  nodeAffinity:
    required:
      nodeSelectorTerms:
      - matchExpressions:
        - key: kubernetes.io/hostname
          operator: In
          values:
          - data1  # Change to your desired node

# PersistentVolumeClaim
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: jenkins-pvc
  namespace: jenkins
spec:
  storageClassName: manual
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 20Gi

# Jenkins Deployment
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: jenkins
  namespace: jenkins
spec:
  replicas: 1
  selector:
    matchLabels:
      app: jenkins
  template:
    metadata:
      labels:
        app: jenkins
    spec:
      serviceAccountName: jenkins
      # Pin to specific node (optional)
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/hostname
                operator: In
                values:
                - data1  # Change to your desired node
      
      securityContext:
        fsGroup: 1000
        runAsUser: 1000
      
      containers:
      - name: jenkins
        image: jenkins/jenkins:lts
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 8080
          name: http
          protocol: TCP
        - containerPort: 50000
          name: agent
          protocol: TCP
        
        env:
	- name: DOCKER_HOST
          value: tcp://localhost:2375
        - name: JAVA_OPTS
          value: "-Xmx2048m -Xms1024m"
        #-Djenkins.install.runSetupWizard=false 
        #- name: JENKINS_OPTS
        #  value: "--httpPort=8080"
        
        volumeMounts:
        - name: jenkins-data
          mountPath: /var/jenkins_home
        
        resources:
          limits:
            memory: "3Gi"
            cpu: "2000m"
          requests:
            memory: "1Gi"
            cpu: "500m"
        
        livenessProbe:
          httpGet:
            path: /login
            port: 8080
          initialDelaySeconds: 120
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 5
        
        readinessProbe:
          httpGet:
            path: /login
            port: 8080
          initialDelaySeconds: 60
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 3
		  
	
      # Docker-in-Docker Sidecar Container
      - name: dind
        image: docker:24-dind
        securityContext:
          privileged: true
        env:
        - name: DOCKER_TLS_CERTDIR
          value: ""
        args:
        - "--host=tcp://0.0.0.0:2375"
        - "--host=unix:///var/run/docker.sock"
        ports:
        - containerPort: 2375
          name: docker
        volumeMounts:
        - name: docker-storage
          mountPath: /var/lib/docker
        resources:
          limits:
            memory: "2Gi"
            cpu: "1000m"
          requests:
            memory: "512Mi"
            cpu: "250m"
      
      volumes:
      - name: jenkins-data
        persistentVolumeClaim:
          claimName: jenkins-pvc
      - name: docker-storage
        emptyDir: {}

# Jenkins Service
---
apiVersion: v1
kind: Service
metadata:
  name: jenkins
  namespace: jenkins
  labels:
    app: jenkins
spec:
  type: ClusterIP
  selector:
    app: jenkins
  ports:
  - name: http
    port: 8080
    targetPort: 8080
    protocol: TCP
  - name: agent
    port: 50000
    targetPort: 50000
    protocol: TCP

Jenkins HTTP Route Manifest
Now, let's create the Jenkins HTTP Route. Save the following YAML to a file named -> jenkins-route.yaml 
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: jenkins-route
  namespace: jenkins
spec:
  parentRefs:
  - name: nginx-gateway
    namespace: nginx-gateway
  hostnames:
  - jenkins.kishoreweb.com 
  rules:
  - matches:
    - path:
        type: PathPrefix
        value: /
    backendRefs:
    - name: jenkins 
      port: 8080

Deploy Apply Commands 
kubectl apply -f jenkins-deployment.yaml
kubectl apply -f jenkins-route.yaml

Jenkins Pipeline Script Kubernetes Jenkins Deployment 
pipeline {

  environment {
    dockerimagename = "thakishore/nodeapp"
    dockerImage = ""
  }

  agent any

  stages {

    stage('Checkout Source') {
      steps {
        git credentialsId: 'github-credentials', 
            url: 'https://github.com/thakishorekumar/nodeapp.git',
            branch: 'master'  // or 'main' - check your default branch
      }
    }

    stage('Build image') {
      steps{
        script {
          dockerImage = docker.build dockerimagename
        }
      }
    }

    stage('Pushing Image') {
      environment {
               registryCredential = 'dockerhublogin'
           }
      steps{
        script {
          docker.withRegistry( 'https://registry.hub.docker.com', registryCredential ) {
            dockerImage.push("latest")
          }
        }
      }
    }

    stage('Deploying App to Kubernetes') {
      steps {
        script {
          kubernetesDeploy(configs: "deploymentservice.yml", kubeconfigId: "kubernetes")
        }
      }
    }

  }

}

Deployment Images

Step 1:


Step 2:


Step 3:


Step 4:


Step 5:


Step 6:


Step 7:


Step 8: