Planning for CloudBees CI on modern cloud platforms

5 minute read

The CloudBees CI on modern cloud platforms planning guide provides guidance on the requirements for installing and using CloudBees CI on modern cloud platforms.

CloudBees recommends that you review this guide and ensure all of the recommendations are met before you attempt to install CloudBees CI on modern cloud platforms. Ensuring that your environment is configured correctly will facilitate a successful installation.

System requirements

When planning for installation, you should understand the system requirements and infrastructure.

Kubernetes cluster prerequisites per cloud provider

Kubernetes and containerization knowledge prerequisites

CloudBees CI on modern cloud platforms is a stateful containerized application that is composed of multiple Kubernetes resources, such as Ingress, persistent volumes, and service accounts. Because of this, it is necessary to have a solid understanding of these resources.

CloudBees CI managed controllers deploy container-based ephemeral agents on demand to complete jobs, which means a strong knowledge of containerization is vital in order to create, use and maintain such containers.

CloudBees recommends that your team becomes proficient with Kubernetes. The Cloud Native Computing Foundation (CNCF) offers training that can help you understand the architecture and concepts of Kubernetes.

Kubernetes in production

Running Kubernetes in production at a large scale goes beyond CloudBees CI and your team needs to account for considerations, such as cluster monitoring, governance, logging, security and resiliency. We recommend that you follow the recommendations of your Kubernetes provider. Refer to the following article about this topic from public cloud providers:

Planning recommendations

Review the following information to ensure your environment is configured correctly prior to installing CloudBees CI on modern cloud platforms.

Table 1. Planning recommendations
Recommendation More information

Have a Kubernetes cluster in place.

A Kubernetes cluster is required. If you do not have a cluster in place, consider the time needed to set up a cluster and factor that into your installation timeline.

Verify you are using a supported version of Kubernetes.

See Supported platforms for CloudBees CI on modern cloud platforms.

Ensure you have support from your Kubernetes vendor.

CloudBees cannot provide Kubernetes support.

Decide whether the team that is responsible for maintaning CloudBees CI on modern cloud platforms will be the same team that is responsible for maintaining the Kubernetes cluster.

The team should be knowledgable in Kubernetes. If you will use a different team, make sure both teams are available to work with CloudBees.

Determine if CloudBees CI on modern cloud platforms will run on a dedicated Kubernetes cluster or with other applications.

A dedicated Kubernetes cluster is preferred. If you cannot have a dedicated Kubernetes cluster, CloudBees CI on modern cloud platforms must have its own namespace.

Determine what physical or virtual resources comprise your cluster and if auto-scaling is enabled. If auto-scaling is not enabled, determine the number and size of the servers that comprise the cluster.

Auto-scaling is highly recommended to help with CPU and memory consumption. VMware Tanzu Kubernetes Grid Integrated Edition and OpenShift do not offer auto-scaling if running on-premises, so a larger infrastructure will be required in the beginning or more nodes/capacity will need to be added manually. For more information, see Cluster sizing and scaling.

Verify that the servers in the CloudBees CI on modern cloud platforms cluster have direct external Internet access, or that an HTTP proxy is available.

Internet access is needed for plugin management, the CloudBees Advisor plugin, and the CloudBees Assurance Program.

If you use a private Docker registry, ensure you have the address and credentials for the registry.

Access to the registry is needed so images can be downloaded and added to it.

Verify you have an NGINX Ingress Controller or that you can set one up.

An NGINX Ingress Controller is required, unless you use either EKS or OpenShift. Note that Helm charts can optionally install the NGINX Ingress Controller.

If you have a load balancer installed, verify that it points to worker nodes on the port of the Ingress service and that it has health checks.

CloudBees recommends terminating on the load balancer so that the load balancer’s performance is affected and not the operations center or the controller host.

The DNS entry should point to the Ingress Controller that was created. The external load balancer needs to drive traffic to the Ingress Controller.

The load balancer should have one of the following: a Kubernetes component, F5 and HA proxy, or worker nodes in a round-robin arrangement. For more information, see the Kubernetes documentation.

Determine if SSL certificates are required for your environment and if so, where they will be obtained from.

CloudBees recommends using publicly signed certificates.

Find out if you have a default storage class defined for your cluster.

If you are installing CloudBees CI on modern cloud platforms on premises, CloudBees strongly recommends using NFS for your storage class. CloudBees currently defaults to special classes on both GKE and AKS.

If you’re using EKS, ensure that the storage class that is intended to be used by CloudBees CI on modern cloud platforms can dynamically create persistent volumes. If it does not, make sure you have a process for creating volumes as needed.

A storage class and a storage claim will be required. SSD is recommended. For more information, see Kubernetes on AWS EKS - Configuring persistent storage.

Verify that you have at least one authenticated user in your cluster with permissions to create Role and RoleBinding objects during installation.

This is required only during installation.

Determine the number of teams and the total number of users that will be using CloudBees CI on modern cloud platforms.

The CloudBees Professional Services team uses this information for sizing purposes.

Determine if you will connect any external client controllers to the cluster.

CloudBees suggests that you have external controllers only to aid in the migration from Jenkins to CloudBees CI on modern cloud platforms.

Determine if you need to connect any external agents, such as agents for Microsoft Windows or Mac, to CloudBees CI on modern cloud platforms.

If you have existing external agents, you can switch over and point them to the cluster. Ephemeral agents are recommended.

Decide which authentication provider you will use.

Active Directory and SAML work well.

For Active Directory or LDAP, you need to have the server, port, and bind information on hand during CloudBees CI on modern cloud platforms installation. In addition, you should ensure that the firewall is open to allow traffic to the authentication server. It is recommended to have your networking team available during installation.

The SAML plugin can be used with Okta. It is recommended to have to the person who uses the Okta management console available during CloudBees CI on modern cloud platforms installation.

Ensure that CloudBees CI on modern cloud platforms will have network and authentication access to the necessary build tool services.

For example Subversion, Clearcase, Git, Nexus, etc.

If you are currently running Jenkins installations that you plan to migrate to CloudBees CI on modern cloud platforms, determine the number of controllers and agents.

CloudBees needs this information for sizing.