IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
IntroductionSystem requirementsVerifying Docker imagesInstalling operations centerInstalling client controllersInstalling build agentsVerifying build componentsVerifying WAR files
IntroductionInstallation on CloudBees CI on modern cloud platforms (active/active)Installation for CloudBees CI on traditional platforms (active/active)Specific High Availability (active/passive) installation for CloudBees CI on traditional platforms
IntroductionPipeline termsPipeline project typesCloudBees Pipeline benefits
IntroductionUsing Pipeline development utilitiesDetermining plugin compatibilityPipeline best practices
IntroductionPrerequisitesCreating your first PipelineCreating Pipelines in SCMCreating Pipelines in Web UIUsing Pipeline as Code
IntroductionConfig Adv ScriptedConfig Build StageConfig Deploy StageConfig Optional Step ArgsConfig Test StageCreating JenkinsfileCustomizing ParametersHandling FailuresString InterpolationUsing Multiple AgentsWorking With The Env
IntroductionManaging artifactsTracing artifactsTriggering jobs with a simple webhookRestoring filesVisualizing PipelineInserting checkpointsSecuring PipelinesConfiguring Pipelines with user-scoped credentialsUsing Pipeline PoliciesSpecifying a matrix of one or more dimensionsConverting a Freestyle project to a Declarative Pipeline
IntroductionRestarting aborted buildsLong-running buildsSkip next buildConsolidated Build View pluginCloudBees Quiet Start pluginCloudBees Template pluginCloudBees Git Validated Merge pluginCloudBees Workspace Caching
IntroductionTrigger a job with a notification event using Cross Team CollaborationEnable external notification events with external HTTP endpointsCluster-wide copy artifactsCluster-wide job triggers
IntroductionSetting up a Pipeline Template CatalogDefining Pipeline Template CatalogsSetting Up A Pipeline TemplateUsing parameters in template.yamlManaging multibranch Pipeline options in template.yamlManaging Pipeline Template Catalogs in bulkExample full Maven/Java app Jenkinsfile
IntroductionUsing Declarative Pipeline syntaxUsing Scripted Pipeline syntax
IntroductionBranch SourceBitbucketGitBranch Property StrategyExamples
CloudBees Docker Build and Publish pluginCloudBees Docker TraceabilityDocker Pipeline pluginCloudBees Docker Hub/Registry Notification plugin
Introduction
IntroductionGetting startedNavigating the operations centerProvisioning managed controllers in multiple Kubernetes clustersProvisioning agents in a separate Kubernetes cluster from a managed controllerProvisioning a controller in a different namespace than the operations centerProvisioning a controller in a different OpenShift project than the operations centerManaging controllersManaging controllers in specific Kubernetes namespacesManaging agentsShared agentsShared configurationShared cloud configurationTrigger restrictionsChanging NFS storage locationQuiet startMove/Copy/PromoteCluster operationsInbound agentsUsing KanikoUsing Buildkit (docker buildx)Sidecar injector for self-signed certificates on KubernetesSidecar injector for self-signed certificates on OpenShiftUsing auto-scaling nodes on EKSUsing auto-scaling nodes on GKECloudBees Amazon Web Services Deploy EngineAmazon Web Services CLI PluginCloud Foundry CLI PluginIntegrate OpenShift CLIServiceNow integrationCreating projects based on GitHub repository structureUsing GitHub App authenticationWikiText plugin
IntroductionGetting startedNavigating the Operations CenterManaging client controllersManaging agentsShared agentsShared configurationShared cloud configurationTrigger restrictionsQuiet startMove/Copy/PromoteCluster operationsJava web start agentsServiceNow integrationCreating projects based on GitHub repository structureUsing GitHub App authenticationWikiText plugin
IntroductionTrust modelPod Security AdmissionCentrally managing security for controllersCyberark Credential Provider PluginHashiCorp Vault PluginEnabling advanced use cases: cross controller triggers and bulk operationsRestricting access and delegating administration with Role-Based Access ControlCreating secure folders with Role-Based Access Control Auto ConfigurerRestricting job triggersSetting up operations center access controlsSetting up access controls on connected controllersTesting the SSH connection to an agentConfiguring restricted credentials with the CloudBees Restricted Credentials pluginFoldersFolders PlusInjecting secrets into buildsManaging build agents with Nodes Plus pluginExtended security settingsEnhanced credentials maskingUnderstanding Beekeeper security warningsPreventing unauthorized interaction between buildsSecurity recommendationsUsing single sign-on (SSO)operations center specific permissionsAuthentication mappingExample configurationsDelegating administrationData collection for the CloudBees Analytics PluginExternal secrets managementReplacing an expired certificateList of URLs that need accessBlocking access to URL patterns using the CloudBees Request Filter PluginServing resources from JenkinsVerifying Helm Charts Published with a Signature
IntroductionConfiguring network requirementsCentrally managing security for controllersCyberark Credential Provider PluginHashiCorp Vault PluginEnabling advanced use cases: cross-controller triggers and bulk operationsRestricting access and delegating administration with Role-Based Access ControlCreating secure folders with Role-Based Access Control Auto ConfigurerRestricting job triggersTesting the SSH connection to an agentConfiguring restricted credentials with the CloudBees Restricted Credentials pluginFoldersFolders PlusInjecting secrets into buildsManaging build agents with Nodes Plus pluginUnderstanding Beekeeper security warningsPreventing unauthorized interaction between buildsSecurity recommendationsExtended security settingsUsing single sign-on (SSO)Operations Center specific permissionsAuthentication mappingExample configurationsDelegating administrationData collection for the CloudBees Analytics PluginExternal secrets managementList of URLs that need accessBlocking access to URL patterns using the CloudBees Request Filter PluginServing resources from Jenkins
IntroductionExplaining $JENKINS_HOMEBest practices for backup and restoreBacking up manuallyRestoring manuallyRestoring credentialsUsing the CloudBees Backup PluginScheduling your backups in the CloudBees Backup PluginRestoring from CloudBees Backup PluginBackup and restore on KubernetesBackup and restore on AWSUsing Velero for backup and restore of Kubernetes clustersUsing cluster operations to run backups
IntroductionGetting the CLI toolUsing the CLI toolExamples of usageConfiguring multiple client controllersConfiguring an alias for the Jenkins CLI toolConfiguring the Jenkins CLI tool to work with non-TrustStore SSL certificatesCasC bundle management on operations center
CloudBees Inactive Items Plugin
Jenkins Health Advisor by CloudBees
CloudBees Pull Request Builder for GitHub plugin
Count and monitor user licenses with the CloudBees User Activity Monitoring plugin
Support policies

Pre-installation requirements for AKS

3 minute read

For details about supported platforms for CloudBees CI on modern cloud platforms, such as supported Kubernetes, Helm, and NFS versions, refer to Supported platforms for CloudBees CI on modern cloud platforms.

Installing cbsupport

Before installing CloudBees CI on modern cloud platforms, you should install the cbsupport command-line tool. You can use cbsupport to collect data commonly required for supporting CloudBees products. You can then send that data to the CloudBees Support team to troubleshoot any issues with your CloudBees CI on modern cloud platforms solution.

For instructions on how to install cbsupport, refer to the cbsupport CLI documentation.

AKS requirements

Before you can install CloudBees CI on AKS using the CloudBees installer, you must have the following items configured correctly. Failure to complete the pre-installation checklist correctly may lead to installation errors and delayed installation.

  • Install and configure a currently supported version of Kubernetes on your local computer or bastion host.

  • Set up an AKS cluster with the following requirements:

    • Runs a currently supported version of Kubernetes.

    • Has nodes that have at least 2 CPUs and 4 GiBs of memory, so nodes have 1 full CPU/1GiB available after running a controller with default settings.

    • Uses an instance type that allows premium disks (for example: Standard_D4s_v3). CloudBees CI has been tested with the Azure Disks Container Storage Interface (CSI) driver.

    • Has network access to container images, either a public Docker Hub or a private Docker Registry).

  • Create a CloudBees CI namespace in the cluster with permissions to create Role and RoleBinding objects.

  • Define a Kubernetes cluster Default Storage Class.

Storage requirements

Dynamic provisioning is required to create persistent volumes. If you don’t enable dynamic provisioning, you will have to manually create a persistent volume.

Because Jenkins is highly dependent upon the filesystem, the underlying storage provider must provide minimal input/output operations per second (IOPS) and latency.

Reference: Storage options for applications in Azure Kubernetes Service (AKS)

Make sure to use premium disks (for example: Standard_D4s_v3). CloudBees CI has been tested with the Azure Disks Container Storage Interface (CSI) driver.

Table 1. Storage recommendations for AKS
Single AZ Multiple AZ High Availability (HA)

Azure Disk

Azure Files (CIFS)

Azure Files (NFS)

Install High Availability on AKS

High Availability installation on Azure Kubernetes Service requires a new storage class.

  1. Set a storage class with ReadWriteMany access mode.

    1. The default storage classes in Azure Files use Common Internet File System (CIFS) protocols, which are not compatible with CloudBees CI. Instead, set up a new storage class using the Network File System (NFS).

    2. For more information, refer to the Azure documentation on NFS file shares.

    3. To create the storage class, use the following script:

      kubectl apply -f - <<EOF
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: azurefile-csi-premium-nfs
parameters:
  skuName: Premium_LRS
  protocol: nfs
provisioner: file.csi.azure.com
reclaimPolicy: Delete
volumeBindingMode: Immediate
allowVolumeExpansion: true
EOF

Ingress requirements

CloudBees CI creates one Ingress object for the operations center and one for each controller. If you do not use subdomains, the operations center and controllers share the same hostname by default. Therefore, you must use an Ingress controller that supports multiple Ingresses using the same hostname.

Inbound agents use WebSockets to connect to controllers, so the Ingress controller and the corresponding load balancer should support WebSockets.

If you use TCP to connect to inbound agents, the only supported Ingress controller is NGINX Ingress Controller.

If you use the NGINX Ingress Controller, an IngressClass object is required. The CloudBees CI on modern cloud platforms installation will fail without one. For more information, refer to What is an IngressClass and why is it important for users of Ingress NGINX Controller now?

Creating your AKS cluster

To create a Kubernetes cluster using Azure Kubernetes Service (AKS), refer to Create an Azure Container Service (AKS) cluster on the Microsoft Azure website.

More information on administering an AKS cluster is available from the full documentation.

More information on Kubernetes concepts is available from the Kubernetes site, including:

Introduction
Installing