AKS installation
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
Amazon EKS installation
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
GKE installation
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
Kubernetes installation
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
OpenShift installation
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
TKGI installation
IntroductionPre-installation requirementsInstallingVerifying Docker imagesUninstalling
Traditional platforms installation
IntroductionSystem requirementsVerifying Docker imagesInstalling operations centerInstalling client controllersInstalling build agentsVerifying build componentsVerifying WAR filesHigh availability
Modern cloud platforms
IntroductionGetting startedNavigating the operations centerProvisioning managed controllers in multiple Kubernetes clustersProvisioning agents in a separate Kubernetes cluster from a managed controllerProvisioning a controller in a different namespace than the operations centerProvisioning a controller in a different OpenShift project than the operations centerManaging controllersManaging controllers in specific Kubernetes namespacesManaging agentsShared agentsShared configurationShared cloud configurationTrigger restrictionsChanging NFS storage locationQuiet startMove/Copy/PromoteCluster operationsInbound agentsUsing KanikoSidecar injector for self-signed certificates on KubernetesSidecar injector for self-signed certificates on OpenShiftUsing auto-scaling nodes on EKSUsing auto-scaling nodes on GKEAmazon Web Services CLI PluginCloud Foundry CLI PluginIntegrate OpenShift CLIServiceNow integrationCreating projects based on GitHub repository structureUsing GitHub App authentication
Traditional platforms
IntroductionGetting startedNavigating the Operations CenterManaging client controllersManaging agentsShared agentsShared configurationShared cloud configurationTrigger restrictionsQuiet startMove/Copy/PromoteCluster operationsJava web start agentsServiceNow integrationCreating projects based on GitHub repository structureUsing GitHub App authentication
Modern cloud platforms
IntroductionTrust modelCentrally managing security for controllersCyberark Credential Provider PluginEnabling advanced use cases: cross controller triggers and bulk operationsRestricting access and delegating administration with Role-Based Access ControlCreating secure folders with Role-Based Access Control Auto ConfigurerRestricting jobs to run as a specific user using Role-Based Access Control and Authorize Project pluginSetting up operations center access controlsSetting up access controls on connected controllersTesting the SSH connection to an agentConfiguring restricted credentials with the CloudBees Restricted Credentials pluginFolders PlusInjecting secrets into buildsManaging build agents with Nodes Plus pluginExtended security settingsEnhanced credentials maskingUnderstanding Beekeeper security warningsPreventing unauthorized interaction between buildsSecurity recommendationsUsing single sign-on (SSO)operations center specific permissionsAuthentication mappingExample configurationsDelegating administrationData collection for the CloudBees Analytics PluginExternal secrets managementReplacing an expired certificateList of URLs that need accessBlocking access to URL patterns using the CloudBees Request Filter PluginServing resources from JenkinsVerifying Helm Charts Published with a Signature
Traditional platforms
IntroductionConfiguring network requirementsCentrally managing security for controllersCyberark Credential Provider PluginEnabling advanced use cases: cross-controller triggers and bulk operationsRestricting access and delegating administration with Role-Based Access ControlCreating secure folders with Role-Based Access Control Auto ConfigurerRestricting jobs to run as a specific user using Role-Based Access Control and Authorize Project pluginTesting the SSH connection to an agentConfiguring restricted credentials with the CloudBees Restricted Credentials pluginFolders PlusInjecting secrets into buildsManaging build agents with Nodes Plus pluginUnderstanding Beekeeper security warningsPreventing unauthorized interaction between buildsSecurity recommendationsExtended security settingsUsing single sign-on (SSO)Operations Center specific permissionsAuthentication mappingExample configurationsDelegating administrationData collection for the CloudBees Analytics PluginExternal secrets managementList of URLs that need accessBlocking access to URL patterns using the CloudBees Request Filter PluginServing resources from Jenkins

Pre-installation requirements for GKE

2 minute read

For details about supported platforms for CloudBees CI on modern cloud platforms, such as supported Kubernetes, Helm, and NFS versions, refer to Supported platforms for CloudBees CI on modern cloud platforms.

Installing cbsupport

Before installing CloudBees CI on modern cloud platforms, you should install the cbsupport command-line tool. You can use cbsupport to collect data commonly required for supporting CloudBees products. You can then send that data to the CloudBees Support team to troubleshoot any issues with your CloudBees CI on modern cloud platforms solution.

For instructions on how to install cbsupport, refer to the cbsupport CLI documentation.

GKE requirements

The following items are required to install CloudBees CI on modern cloud platforms on GKE:

  • On your local computer or a bastion host:

    • A Kubernetes client with a currently supported version of Kubernetes, installed and configured (kubectl). Beta releases are not supported.

    • gcloud (See Installing Google Cloud SDK for instructions).

  • A GKE cluster running a currently supported version of Kubernetes. Beta releases are not supported.

    • With nodes that have at least 2 CPUs, 4 GiBs of memory (so nodes have 1 full CPU / 1 GiB available after running a master with default settings).

    • The cluster must have network access to container images (public Docker Hub or a private Docker Registry).

  • A namespace in the cluster (provided by your admin) with permissions to create Role and RoleBinding objects.

  • Kubernetes cluster Default Storage Class defined and ready to use.

Storage requirements

Dynamic provisioning is required to create persistent volumes. If you don’t enable dynamic provisioning, you will have to manually create a persistent volume.

Because Jenkins is highly dependent upon the filesystem, the underlying storage provider must provide minimal input/output operations per second (IOPS) and latency.

Ingress requirements

CloudBees CI creates one Ingress object for the operations center and one for each controller. If you do not use subdomains, the operations center and controllers share the same hostname by default. Therefore, you must use an Ingress controller that supports multiple Ingresses using the same hostname. GKE Ingress is not supported for this reason.

Inbound agents use WebSockets to connect to controllers, so the Ingress controller and the corresponding load balancer should support WebSockets.

If you use TCP to connect to inbound agents, the only supported Ingress controller is NGINX Ingress Controller.

If you use the NGINX Ingress Controller, an IngressClass object is required. The CloudBees CI on modern cloud platforms installation will fail without one. For more information, refer to What is an IngressClass and why is it important for users of Ingress NGINX Controller now?

Creating your GKE Cluster

To create a Google Kubernetes Engine (GKE) cluster refer to the official Google documentation Create a GKE cluster.

More information on administering a Google Kubernetes cluster is available from the Kubernetes Engine How-to Guides.

More information on Kubernetes concepts is available from the Kubernetes site, including:

Introduction
Installing