Rancher is a cluster management tool which allows users to manage all their clusters (e.g. Kubernetes clusters) through a single UI. But how can we configure Jenkins to use the Kubernetes cluster behind Rancher?
- CloudBees Core on traditional platforms - Client Master
- CloudBees Jenkins Platform - Client Master
- CloudBees Jenkins Distribution
- Jenkins LTS
- Rancher configuration (Steps 0-7)
- Jenkins configuratiion (Steps 8-12)
- Validation (Steps 13)
Rancher offers Authorized Cluster Endpoints which allows direct access to Kubernetes.
- Go to your Rancher instance, Cluster and select a Cluster.
- On the top right of the page are two links,
Kubeconfig File. Select
- A shell opens up in a window within Rancher. Run the command:
kubectl get pods
to confirm that kubectl can access Kubernetes through Rancher.
- Once confirmed, access the kubectl configuration file:
Note the two settings,
certificate-authority and save them in text files (to use in a later step, step #11).
- For the certificate-authority reference, print the contents with the command:
and save the resulting certificate. Close the kubectl window.
- Within Rancher, go to the top right to the User drop down and select
API & Keys.
Add Key, in the Description field enter
jenkins-api-key, choose an expiry, choose your cluster for scope, and
- Save the access key (i.e. username) and secret key (i.e. password).
- Go to Jenkins, and ensure the Kubernetes Plugin is installed.
Note: Kubernetes Plugin will be used to integrate Jenkins with Rancher 2.x.
Rancher Plugin can only be used for Rancher 1.x aka Rancher Server.
- Go to
Add cloud, select
- Use the following settings:
Kubernetes URL: [server field from step #3]
Kubernetes server certificate key: [certificate authority field from step #4]
Credentials: [see step #12]
Add Credential, and user the following settings:
Kind: Username with password
Username: [access key from step #6]
Password: [secret key from step #6]
- Finally, click
Test Connectionto verify successful connectivity, and Save the configuration.
1a. Instead of
Launch kubectl select
2a. Save the
certificate-authority-data for the cluster (not for the worker node).
3a. On a Mac, decode the
certificate-authority-data by copying the string and from a terminal window run the command
echo $CERTIFICATE_AUTHORITY_DATA | base64 -D
Save the resulting certificate. Close the Kubeconfig window.