Rancher is a cluster management tool which allows users to manage all their clusters (e.g. Kubernetes clusters) through a single UI. But how can we configure Jenkins to use the Kubernetes cluster behind Rancher?
- CloudBees CI (CloudBees Core) on traditional platforms - Client controller
- CloudBees Jenkins Platform - Client controller
- CloudBees Jenkins Distribution
- Jenkins LTS
- Rancher configuration (Steps 0-7)
- Jenkins configuration (Steps 8-12)
- Validation (Steps 13)
Rancher offers Authorized Cluster Endpoints which allows direct access to Kubernetes.
0. Go to your Rancher instance, Cluster and select a Cluster.
1. On the top right of the page are two links,
Launch kubectl and
Kubeconfig File. Select
2. A shell opens up in a window within Rancher. Run the command:
kubectl get pods
to confirm that kubectl can access Kubernetes through Rancher.
3. Once confirmed, access the kubectl configuration file:
Note the two settings,
certificate-authority and save them in text files (to use in a later step, step #11).
4. For the certificate-authority reference, print the contents with the command:
and save the resulting certificate. Close the kubectl window.
5. Within Rancher, go to the top right to the User drop down and select
API & Keys.
Add Key, in the Description field enter
jenkins-api-key, choose an expiry, choose your cluster for scope, and
7. Save the access key (i.e. username) and secret key (i.e. password).
8. Go to Jenkins, and ensure the Kubernetes Plugin is installed.
Note: Kubernetes Plugin will be used to integrate Jenkins with Rancher 2.x.
Rancher Plugin can only be used for Rancher 1.x aka Rancher Server.
9. Go to
Add cloud, select
11. Use the following settings:
Kubernetes URL: [server field from step #3]
Kubernetes server certificate key: [certificate authority field from step #4]
Credentials: [see step #12]
Add Credential, and user the following settings:
Kind: Username with password
Username: [access key from step #6]
Password: [secret key from step #6]
13. Finally, click
Test Connection to verify successful connectivity, and Save the configuration.
1a. Instead of
Launch kubectl select
2a. Save the
certificate-authority-data for the cluster (not for the worker node).
3a. On a Mac, decode the
certificate-authority-data by copying the string and from a terminal window run the command
echo $CERTIFICATE_AUTHORITY_DATA | base64 -D
Save the resulting certificate. Close the Kubeconfig window.