Ranger4 DevOps Blog

Jenkins On-Premise Solutions in the Context of Large Installations

Posted by Felix Belzunce Arcos on Tue, Sep 16, 2014 @ 10:09 am

Jenkins Enterprise By CloudBees (Jenkins Enterprise) provides more than 20 enterprise plugins related to high availability, large installations, security and optimized utilization. Those plugins usually solve most of the pain points which come up when using Jenkins Open Source for enterprise purposes.

CloudBees also offers Jenkins Operations Center by CloudBees (Jenkins Operations Center) which helps to manage different Jenkins Enterprise instances from the same dashboard. It has also the ability to create shared slaves, shared clouds or to push security configurations to all the Jenkins Enterprise masters attached amongst other important features.

In this article, we will talk about four typical problems that Jenkins administrators face with large installations and how CloudBees addresses them.

Problem 1. Working With Several Jenkins Instances

  • Need individual access to each Jenkins instance

Jenkins Operations Center allows you to use a single dashboard to access all the Jenkins Enterprise client masters attached to it and makes it possible to easily navigate across them without having to remember the individual URLs. Moreover, thanks to the CloudBees Monitoring plugin, you can monitor the behaviour and the health of all your architecture, from Jenkins Operations Center to the downstream masters.

Jenkins Operations Centre resized 600

  • Plugin versions compliance and compatibility

Incompatibility among plugins can break your configuration. A good practice is to use a Jenkins test instance to validate a plugin before promoting it to the custom Update Center.

Using the Custom update Center Plugin, you can define an enterprise update center on Jenkins Operations Center, which will only filter the plugins that the downstream masters are allowed to install. This will ensure compliance among masters.

The Plugin-Usage plugin might also be helpful to detect what plugins are not needed so that you can uninstall them. Having only the plugins you really need and getting rid of all the others is a good practice to reduce incompatibility issues.

  • No simple way to detect when an instance goes down

The monitoring plugin on Jenkins Operations Center makes you able to create alerts when an unexpected behaviour is detected. For instance you could trigger an alert when one of your Jenkins client masters goes down. Notification by mail is also possible if you provide an SMTP server.

Jenkins Alerts resized 600

  • Cannot share slaves among Jenkins masters

Shared slaves and shared cloud are Jenkins Operations Center key features which make you able to share slaves amongst all the Jenkins Enterprise instances that you have tied to the Jenkins Operations Center master. In this way, you are able to better distribute the build load. It also optimizes the usage of your resources since nodes that were used by one instance only, are now shared amongst all of them.

JOC resized 600

Problem 2: Manual Replication of Similarities and Common Scenarios

It is possible that many jobs or folders have the same configuration in terms of scripts, build steps or properties. Making a change to one of those would probably require you to manually replicate this change in all the objects that share the same configuration.

The manual process is tedious and error prone. CloudBees suggests, for such use cases, the Template plugin to capture the similarities of configuration and templatize jobs, folders and/or build steps.

Problem 3: Bad Commits

Bad commits can significantly increase the downtime for large and distributed teams.

The Validated Merge plugin by Jenkins Enterprise prevents downtime due to bad commits by letting Jenkins act as an intermediary git repository. Developers push their changes to this repository instead of committing to the tip so that Jenkins can run the tests and the build. If and only if the execution is successful the code is committed into the team repository.

In this way bad commits only impact the developer and not the whole team.

Problem 4: Overall Permissions of Jenkins Users

Without any permission rules applied on your Jenkins instances, you are letting users, belonging to different teams or projects, have access to all the jobs of your Jenkins instance.

Such an open setup allows users with overall permissions to see information that you might rather restrict from them - like access to any secret projects, workspaces, credentials or scripts.

The Role-Based Access Control plugin addresses this problem allowing users to set-up permissions at folder or job level in order to grant the access to the job or the folder to specific groups of users only. Basically, it allows you to isolate team/projects and even define secret projects or folders. 

Topics: Jenkins, CloudBees