How to integrate Jenkins with Rancher

Issue

Rancher is a cluster management tool which allows users to manage all their clusters (e.g. Kubernetes clusters) through a single UI. But how can we configure Jenkins to use the Kubernetes cluster behind Rancher?

Environment

Resolution

  • Rancher configuration (Steps 0-7)
  • Jenkins configuratiion (Steps 8-12)
  • Validation (Steps 13)

Rancher configuration

Rancher offers Authorized Cluster Endpoints which allows direct access to Kubernetes.

  1. Go to your Rancher instance, Cluster and select a Cluster.

  1. On the top right of the page are two links, Launch kubectl and Kubeconfig File. Select Launch kubectl.

  1. A shell opens up in a window within Rancher. Run the command:
kubectl get pods

to confirm that kubectl can access Kubernetes through Rancher.

  1. Once confirmed, access the kubectl configuration file:
cat ~/.kube/config

Note the two settings, server and certificate-authority and save them in text files (to use in a later step, step #11).

  1. For the certificate-authority reference, print the contents with the command:
cat /nonexistent/.kube/certs/ca.crt

and save the resulting certificate. Close the kubectl window.

  1. Within Rancher, go to the top right to the User drop down and select API & Keys.
  2. Add Key, in the Description field enter jenkins-api-key, choose an expiry, choose your cluster for scope, and Create.
  3. Save the access key (i.e. username) and secret key (i.e. password).

Jenkins configuration

  1. Go to Jenkins, and ensure the Kubernetes Plugin is installed.

Note: Kubernetes Plugin will be used to integrate Jenkins with Rancher 2.x.
Rancher Plugin can only be used for Rancher 1.x aka Rancher Server.

  1. Go to Manage Jenkins, Configure System.
  2. Add cloud, select Kubernetes.
  3. Use the following settings:

Name: kubernetes
Kubernetes URL: [server field from step #3]
Kubernetes server certificate key: [certificate authority field from step #4]
Credentials: [see step #12]

  1. Add Credential, and user the following settings:
    Kind: Username with password
    Username: [access key from step #6]
    Password: [secret key from step #6]

Validation

  1. Finally, click Test Connection to verify successful connectivity, and Save the configuration.

Alternative (Rancher configuration steps)

1a. Instead of Launch kubectl select Kubeconfig File.

2a. Save the server and certificate-authority-data for the cluster (not for the worker node).

3a. On a Mac, decode the certificate-authority-data by copying the string and from a terminal window run the command

echo $CERTIFICATE_AUTHORITY_DATA | base64 -D

Save the resulting certificate. Close the Kubeconfig window.

Reference

Have more questions?

0 Comments

Please sign in to leave a comment.