CloudNativeなCI/CDパイプラインの本命 Jenkins X の「Serverless Jenkins X Pipelines with Tekton」を試してみました。
ちなみに前回記事はこちら(↓)
orinbou.hatenablog.com
※前回は Jenkins installation type「Static Jenkins Server and Jenkinsfiles」でした。
Using the Google Cloud Shell
今回は環境構築手順は下記の公式サイトを参考にしました。
https://github.com/jenkins-x/jx/releases/tag/v2.0.968
※よく見たらこのバージョン正式リリースじゃなくてプレスリリース版ですね。 ^^;
github.com
Google Cloud Platform(GCP)を準備
GCPダッシュボードから、新規プロジェクト(jenkins-x-demo-serverless)を作成します。
プロジェクトを作成したら画面右上のCloud Shellボタンを押してWebコンソールを表示します。
JenkinsXをインストールする
Google Cloud ShellのWebコンソールで下記コマンドを実行します。
$ curl -L https://github.com/jenkins-x/jx/releases/download/v2.0.968/jx-linux-amd64.tar.gz | tar xzv
$ sudo mv jx /usr/local/bin
バージョンを確認してみます。
$ jx version
NAME VERSION
jx 2.0.968
Kubernetes cluster v1.13.11-gke.9
kubectl v1.13.11-dispatcher
helm client Client: v2.14.1+g5270352
git 2.11.0
Operating System Debian GNU/Linux 9.11 (stretch)
※Google Cloud Shell は無料で利用できますが home ディレクトリ配下以外は永続化されないため注意してください(つまり本項でインストールした jx は永続化されません)
Google Cloud ShellのWebコンソールで下記コマンドを実行します。
$ jx create cluster gke --skip-login
Google Cloud Projectを選択します。
? Google Cloud Project: [Use arrows to move, space to select, type to filter, ? for more help]
> jenkins-x-demo-serverless
jenkins-x-demo-static
Google Cloud Zoneを選択します。
? Google Cloud Project: jenkins-x-demo-serverless
Updated property [core/project].
? No cluster name provided so using a generated one: mindtranslucent
? Defaulting to cluster type: Zonal
? Google Cloud Zone: [Use arrows to move, space to select, type to filter, ? for more help]
asia-east1-b
asia-east1-c
asia-east2-a
asia-east2-b
asia-east2-c
> asia-northeast1-a
asia-northeast1-b
asia-northeast1-c
asia-northeast2-a
asia-northeast2-b
Select Jenkins installation type(今回は【Serverless Jenkins X Pipelines with Tekton】)を選択します。(←★ココ重要!!)
? Google Cloud Project: jenkins-x-demo-serverless
Updated property [core/project].
? No cluster name provided so using a generated one: mindtranslucent
? Defaulting to cluster type: Zonal
? Google Cloud Zone: asia-northeast1-a
? Defaulting to machine type: n1-standard-2
? Defaulting to minimum number of nodes: 3
? Defaulting to maximum number of nodes: 5
? Defaulting use of preemptible VMs: No
? Defaulting access to Google Cloud Storage / Google Container Registry: Yes
? Defaulting enabling Cloud Build, Container Registry & Container Analysis API's: Yes
? Defaulting enabling Kaniko for building container images: No
Creating cluster...
WARNING: In November 2019, node auto-upgrade will be enabled by default for newly created clusters and node pools. To disable it, use the `--no-enable-autoupgrade`flag.
WARNING: Currently VPC-native is not the default mode during cluster creation. In the future, this will become the default mode and can be disabled using `--no-enable-ip-alias` flag. Use `--[no-]enable-ip-alias` flag to suppress this warning.
WARNING: Starting in 1.12, default node pools in new clusters will have their legacy Compute Engine instance metadata endpoints disabled by default. To create a cluster with legacy instance metadata endpoints disabled in the default node pool, run `clusters create` with the flag `--metadata disable-legacy-endpoints=true`.
WARNING: Your Pod address range (`--cluster-ipv4-cidr`) can accommodate at most 1008 node(s).
This will enable the autorepair feature for nodes. Please see https://cloud.google.com/kubernetes-engine/docs/node-auto-repair for more information on node autorepairs.
Creating cluster mindtranslucent in asia-northeast1-a...
...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................done.
Created [https://container.googleapis.com/v1/projects/jenkins-x-demo-serverless/zones/asia-northeast1-a/clusters/mindtranslucent].
To inspect the contents of your cluster, go to: https://console.cloud.google.com/kubernetes/workload_/gcloud/asia-northeast1-a/mindtranslucent?project=jenkins-x-demo-serverless
kubeconfig entry generated for mindtranslucent.
NAME LOCATION MASTER_VERSION MASTER_IP MACHINE_TYPE NODE_VERSION NUM_NODES STATUS
mindtranslucent asia-northeast1-a 1.13.11-gke.9 34.84.28.226 n1-standard-2 1.13.11-gke.9 3 RUNNING
Initialising cluster ...
? Select Jenkins installation type: [Use arrows to move, space to select, type to filter]
> Serverless Jenkins X Pipelines with Tekton
Static Jenkins Server and Jenkinsfiles
Domainを設定(今回は未指定。空のままEnter続行)します。
WARNING: When using tekton, only kaniko is supported as a builder
Namespace jx created
Context "gke_jenkins-x-demo-serverless_asia-northeast1-a_mindtranslucent" modified.
Setting the docker registry organisation to jenkins-x-demo-serverless in the TeamSettings
Git configured for user: orinbou and email sarubobo.com@gmail.com
Helm installed and configured
? No existing ingress controller found in the kube-system namespace, installing one: Yes
Cloning the Jenkins X versions repo https://github.com/jenkins-x/jenkins-x-versions.git with ref refs/heads/master to /home/sarubobo_com/.jx/jenkins-x-versions
? A local Jenkins X versions repository already exists, pulling the latest: Yes
Note: this loadbalancer will fail to be provisioned if you have insufficient quotas, this can happen easily on a GKE free account.
To view quotas run: gcloud compute project-info describe
Waiting for external loadbalancer to be created and update the nginx-ingress-controller service in kube-system namespace
External loadbalancer created
Waiting to find the external host name of the ingress controller Service in namespace kube-system with name jxing-nginx-ingress-controller
You can now configure a wildcard DNS pointing to the new Load Balancer address 35.243.71.113
If you don't have a wildcard DNS setup then create a DNS (A) record and point it at: 35.243.71.113, then use the DNS domain in the next input...
If you do not have a custom domain setup yet, Ingress rules will be set for magic DNS nip.io.
Once you have a custom domain ready, you can update with the command jx upgrade ingress --cluster
? Domain [? for help] (35.243.71.113.nip.io)
GitHubユーザ名を設定します。
nginx ingress controller installed and configured
? Default enabling long term logs storage: Yes
No bucket name provided for long term storage, creating a new one
The bucket gs://mindtranslucent-lts-4f47dae0-dd2e-4bec-bb2a-ca735ac8a949 does not exist so lets create it
Set up a Git username and API token to be able to perform CI/CD
Creating a local Git user for GitHub server
? GitHub username: orinbou
GitHub連携用Tokenを設定します。
コンソールに表示されたURLをクリックしてGitHubのToken取得ページを開いてToken作成して設定します。
To be able to create a repository on GitHub we need an API Token
Please click this URL and generate a token
https://github.com/settings/tokens/new?scopes=repo,read:user,read:org,user:email,write:repo_hook,delete_repo
Then COPY the token and enter it below:
? API Token: ****************************************
Select the CI/CD pipelines Git server and user
? Do you wish to use GitHub as the pipelines Git server: Yes
Creating a pipelines Git user for GitHub server
To be able to create a repository on GitHub we need an API Token
Please click this URL and generate a token
https://github.com/settings/tokens/new?scopes=repo,read:user,read:org,user:email,write:repo_hook,delete_repo
Then COPY the token and enter it below:
? API Token: ****************************************
その後、いろいろ聞かれましたが基本Yesで設定しました。
Setting the pipelines Git server https://github.com and user name orinbou.
? A local Jenkins X versions repository already exists, pulling the latest: Yes
Enumerating objects: 1440, done.
Total 1440 (delta 0), reused 0 (delta 0), pack-reused 1440
Configuring Kaniko service account mindtranslucent-ko for project jenkins-x-demo-serverless
Unable to find service account mindtranslucent-ko, checking if we have enough permission to create
Creating service account mindtranslucent-ko
Assigning role roles/storage.admin
Assigning role roles/storage.objectAdmin
Assigning role roles/storage.objectCreator
Downloading service account key
Setting up prow config into namespace jx
Installing tekton into namespace jx
? A local Jenkins X versions repository already exists, pulling the latest: Yes
WARNING: waiting for install to be ready, if this is the first time then it will take a while to download images
Jenkins X deployments ready in namespace jx
Configuring the TeamSettings for ImportMode YAML
Creating default staging and production environments
? Select the organization where you want to create the environment repository: orinbou
Using Git provider GitHub at https://github.com
? Using Git user name: orinbou
? Using organisation: orinbou
Creating repository orinbou/environment-mindtranslucent-staging
Creating Git repository orinbou/environment-mindtranslucent-staging
Pushed Git repository to https://github.com/orinbou/environment-mindtranslucent-staging
Creating staging Environment in namespace jx
Created environment staging
Namespace jx-staging created
Creating GitHub webhook for orinbou/environment-mindtranslucent-staging for url http://hook.jx.35.243.71.113.nip.io/hook
Using Git provider GitHub at https://github.com
? Using Git user name: orinbou
? Using organisation: orinbou
Creating repository orinbou/environment-mindtranslucent-production
Creating Git repository orinbou/environment-mindtranslucent-production
Pushed Git repository to https://github.com/orinbou/environment-mindtranslucent-production
Creating production Environment in namespace jx
Created environment production
Namespace jx-production created
Creating GitHub webhook for orinbou/environment-mindtranslucent-production for url http://hook.jx.35.243.71.113.nip.io/hook
Jenkins X installation completed successfully
********************************************************
NOTE: Your admin password is: XXXXXXXXXXXXXXXXXXXX
********************************************************
Your Kubernetes context is now set to the namespace: jx
To switch back to your original namespace use: jx namespace default
Or to use this context/namespace in just one terminal use: jx shell
For help on switching contexts see: https://jenkins-x.io/developing/kube-context/
To import existing projects into Jenkins: jx import
To create a new Spring Boot microservice: jx create spring -d web -d actuator
To create a new microservice from a quickstart: jx create quickstart
Fetching cluster endpoint and auth data.
kubeconfig entry generated for mindtranslucent.
Context "gke_jenkins-x-demo-serverless_asia-northeast1-a_mindtranslucent" modified.
NAME HOSTS ADDRESS PORTS AGE
chartmuseum chartmuseum.jx.XXX.XXX.XXX.XXX.nip.io XXX.XXX.XXX.XXX 80 2m57s
deck deck.jx.XXX.XXX.XXX.XXX.nip.io XXX.XXX.XXX.XXX 80 2m56s
hook hook.jx.XXX.XXX.XXX.XXX.nip.io XXX.XXX.XXX.XXX 80 2m57s
nexus nexus.jx.XXX.XXX.XXX.XXX.nip.io XXX.XXX.XXX.XXX 80 2m57s
tide tide.jx.XXX.XXX.XXX.XXX.nip.io XXX.XXX.XXX.XXX 80 2m57s
セットアップ完了したJenkinsX環境
GKEクラスタ画面でクラスタを確認できます。
GKEワークロード画面でワークロードを確認できます。
作成したクラスタは、マシンタイプ【n1-standard-2(vCPU x 2、メモリ 7.5 GB)】の3つのVMインスタンスで構成されていますね。
セットアップが完了した環境へは下記のようなURLでWebブラウザからアクセスできます。
※ID/PWは、セットアップ時に表示されたもの(admin/XXXXXXXXXXXXXXXXXXXX)を使用します。
また、GitHubに新規リポジトリが作成されていることが確認できます。
新規プロジェクトを作成する(quickstart:spring boot)
Google Cloud ShellのWebコンソールで下記コマンドを実行します。
今回アプリ名(GitHubリポジトリ名)を「environment-mindtranslucent-serverless」としました。
jx create quickstart
? A local Jenkins X versions repository already exists, pulling the latest: Yes
? select the quickstart you wish to create spring-boot-http-gradle
Using Git provider GitHub at https://github.com
? Do you wish to use orinbou as the Git user name? Yes
? Who should be the owner of the repository? orinbou
? Enter the new repository name: environment-mindtranslucent-serverless
Creating repository orinbou/environment-mindtranslucent-serverless
Generated quickstart at /home/sarubobo_com/environment-mindtranslucent-serverless
### NO charts folder /home/sarubobo_com/environment-mindtranslucent-serverless/charts/spring-boot-http-gradle
Created project at /home/sarubobo_com/environment-mindtranslucent-serverless
The directory /home/sarubobo_com/environment-mindtranslucent-serverless is not yet using git
? Would you like to initialise git now? Yes
? Commit message: Initial import
Git repository created
selected pack: /home/sarubobo_com/.jx/draft/packs/github.com/jenkins-x-buildpacks/jenkins-x-kubernetes/packs/gradle
replacing placeholders in directory /home/sarubobo_com/environment-mindtranslucent-serverless
app name: environment-mindtranslucent-serverless, git server: github.com, org: orinbou, Docker registry org: jenkins-x-demo-serverless
skipping directory "/home/sarubobo_com/environment-mindtranslucent-serverless/.git"
Pushed Git repository to https://github.com/orinbou/environment-mindtranslucent-serverless
Creating GitHub webhook for orinbou/environment-mindtranslucent-serverless for url http://hook.jx.35.243.71.113.nip.io/hook
Watch pipeline activity via: jx get activity -f environment-mindtranslucent-serverless -w
Browse the pipeline log via: jx get build logs orinbou/environment-mindtranslucent-serverless/master
You can list the pipelines via: jx get pipelines
When the pipeline is complete: jx get applications
For more help on available commands see: https://jenkins-x.io/developing/browsing/
Note that your first pipeline may take a few minutes to start while the necessary images get downloaded!
GitHubに新規リポジトリが作成されていることが確認できます。
https://github.com/orinbou/environment-mindtranslucent-serverless
上記リポジトリをローカルPCに clone して、masterブランチへpushもしくはpull requestによるマージが発生するとWebhookイベントにより自動的にGCP環境のJenkinsでビルドされデプロイまで自動的に実行されます。自動ビルド&デプロイはデフォルトでmasterブランチに対してのアクションのみです。前回のJenkins installation type「Static Jenkins Server and Jenkinsfiles」と同様に、masterブランチへpull requestを出した際、pull requestの動作確認用のワークロード(例:jx-orinbou-environment-mindtranslucent-serverless-pr-2)が起動しているため、ソースコードのレビューと一緒に動くアプリの確認もできます。
GitHubのPull-request画面
Pull-request動作確認用アプリ画面
PR動作確認用アプリのワークロードの様子
また、前回のJenkins installation type「Static Jenkins Server and Jenkinsfiles」では、pull requestをmasterへマージして動作確認用のGCPワークロードが不要になっても自動で削除してくれなかったのですが、今回のJenkins installation type「Serverless Jenkins X Pipelines with Tekton」では、しっかり削除までやってくれました。
ビルドの履歴はProw Status画面(deck.jx.XXX.XXX.XXX.XXX.nip.io)で確認できます。
さらに、下記URLで記載されているように
GitHubのPull-request画面などから、GitOpsによる操作(【例】テスト:/test、アサイン:/assign @orinbou)が可能です。
素晴らしい!イケてますね。これは本格的に使ってみたいですね。
ちなみにGitHubの画面から可能な操作の一覧は こちら です。
Jenkins X 構成要素(気になったもの)
今回試してみて気になった構成要素は下記のものになります。
また詳しく調べてみたいと思います。
Tekton Pipelines
test-infra/prow at master · kubernetes/test-infra · GitHub
さいごに
この記事を書くのに10月に開催された Jenkins Day Japan 2019 へ参加して得られた情報とモチベーションに(あと身内からのプレッシャーにもw)助けられました。通常のJenkinsを自動車、そして、クラウドネイティブなJenkins Xを鉄道に例えて分かりやすく説明してくれた川口耕介さんをはじめイベントのスピーカーの皆様、どうもありがとうございました。
cloudbees.techmatrix.jp
あと、Jenkins X のイメキャラ(おじさんからロボットへ)正式に変わったんですかね?w
おまけ
今回はGCPでJenkins Xをつかってk8sクラスタ(×2:jenkins-x-demo-static、jenkins-x-demo-serverless)を約2日間動かした料金は下記のとおりでした。
結構お高いので、不用意にクラスタを動かしっぱなしにしてしまわないよう十分ご注意を!!
参考