機雷がなんだ! 全速前進!

SEというかプログラマというか、日々のエンジニア生活の中で体験したことなどを中心に書き残しています。

Jenkins Xを触ってみた(前編)

少し時間が空いてしまいましたが、下記セミナーに参加してきてきました。

https://cloudbees.techmatrix.jp/wp-content/uploads/2019/05/jenkinsx_br2_20180628.png cloudbees.techmatrix.jp

せっかくなので、少し手を動かして Jenkins X を触ってみました。

Using the Google Cloud Shell

環境構築手順は下記の公式サイトを参考にしました。
https://jenkins-x.io/getting-started/create-cluster/#using-the-google-cloud-shell

Google Cloud Platform(GCP)を準備

まずはJenkinsXを動かすためGoogleクラウド環境を使えるようにします。
https://cloud.google.com/free/
GCP無料枠で12か月$300の無料クレジットで、あらゆるGCPプロダクトを試用することができます。

Google Cloud Shellへ接続する

GCPダッシュボードを表示し、初期表示プロジェクト(My First Project)画面右上のCloud Shellボタンを押してWebコンソールを表示します。

f:id:orinbou:20190716035315p:plain

あと、GKEでよく使うのは下記の画面ですね。

JenkinsXをインストールする

Google Cloud ShellのWebコンソールで下記コマンドを実行します。

gcp_user@cloudshell:~ (analog-campus-245615)$ curl -L https://github.com/jenkins-x/jx/releases/download/v2.0.413/jx-linux-amd64.tar.gz | tar xzv
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   612    0   612    0     0    717      0 --:--:-- --:--:-- --:--:--   717
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0LICENSE
README.md
changelog.md
jx
100 63.5M  100 63.5M    0     0  7725k      0  0:00:08  0:00:08 --:--:-- 11.5M

gcp_user@cloudshell:~ (analog-campus-245615)$ sudo mv jx /usr/local/bin

Google Cloud Shell は無料で利用できますが home ディレクトリ配下以外は永続化されないため注意してください(つまり本項でインストールした jx は永続化されません)

新規k8sクラスタを作成する

Google Cloud ShellのWebコンソールで下記コマンドを実行します。

gcp_user@cloudshell:~ (analog-campus-245615)$ jx create cluster gke --skip-login
Using the only Google Cloud Project analog-campus-245615 to create the cluster
Updated property [core/project].
? No cluster name provided so using a generated one: armmotley
? Defaulting to cluster type: Zonal
? Google Cloud Zone: asia-northeast1-a
? Defaulting to machine type: n1-standard-2
? Defaulting to minimum number of nodes: 3
? Defaulting to maxiumum number of nodes: 5
? Defaulting use of preemptible VMs: No
? Defaulting access to Google Cloud Storage / Google Container Registry: Yes
? Defaulting enabling Cloud Build, Container Registry & Container Analysis API's: Yes
? Defaulting enabling Kaniko for building container images: No
Creating cluster...
WARNING: In June 2019, node auto-upgrade will be enabled by default for newly created clusters and node pools. To disable it, use the `--no-enable-autoupgrade` flag.
WARNING: Starting in 1.12, new clusters will have basic authentication disabled by default. Basic authentication can be enabled (or disabled) manually using the `--[no-]enable-basic-auth` flag.
WARNING: Starting in 1.12, new clusters will not have a client certificate issued. You can manually enable (or disable) the issuance of the client certificate using the `--[no-]issue-client-certificate` flag.
WARNING: Starting in 1.12, default node pools in new clusters will have their legacy Compute Engine instance metadata endpoints disabled by default. To create a cluster with legacy instance metadata endpoints disabled in the default node pool, run `clusters create` with the flag `--metadata disable-legacy-endpoints=true`.
WARNING: The Pod address range limits the maximum size of the cluster. Please refer to https://cloud.google.com/kubernetes-engine/docs/how-to/flexible-pod-cidr to learn how to optimize IP address allocation.
This will enable the autorepair feature for nodes. Please see https://cloud.google.com/kubernetes-engine/docs/node-auto-repair for more information on node autorepairs.
Creating cluster armmotley in asia-northeast1-a...
..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................done.
Created [https://container.googleapis.com/v1/projects/analog-campus-245615/zones/asia-northeast1-a/clusters/armmotley].
To inspect the contents of your cluster, go to: https://console.cloud.google.com/kubernetes/workload_/gcloud/asia-northeast1-a/armmotley?project=analog-campus-245615
kubeconfig entry generated for armmotley.
NAME       LOCATION           MASTER_VERSION  MASTER_IP       MACHINE_TYPE   NODE_VERSION   NUM_NODES  STATUS
armmotley  asia-northeast1-a  1.12.8-gke.10   35.190.231.169  n1-standard-2  1.12.8-gke.10  3          RUNNING
Initialising cluster ...
? Select Jenkins installation type: Static Jenkins Server and Jenkinsfiles
Namespace jx created
Context "gke_analog-campus-245615_asia-northeast1-a_armmotley" modified.
Setting the docker registry organisation to analog-campus-245615 in the TeamSettings
Git configured for user: orinbou and email sarubobo.com@gmail.com
helm installed and configured
? No existing ingress controller found in the kube-system namespace, installing one: Yes
WARNING: failed to create system vault in namespace jx due to no "jx-vault-armmotley" vault found in namespace "jx"

Note: this loadbalancer will fail to be provisioned if you have insufficient quotas, this can happen easily on a GKE free account.
To view quotas run: gcloud compute project-info describe
Waiting for external loadbalancer to be created and update the nginx-ingress-controller service in kube-system namespace
External loadbalancer created

Waiting to find the external host name of the ingress controller Service in namespace kube-system with name jxing-nginx-ingress-controller
You can now configure a wildcard DNS pointing to the new Load Balancer address XXX.XXX.XXX.XXX
If you don't have a wildcard DNS setup then create a DNS (A) record and point it at: XXX.XXX.XXX.XXX, then use the DNS domain in the next input...

If you do not have a custom domain setup yet, Ingress rules will be set for magic DNS nip.io.
Once you have a custom domain ready, you can update with the command jx upgrade ingress --cluster
? Domain XXX.XXX.XXX.XXX.nip.io
nginx ingress controller installed and configured
? Default enabling long term logs storage: Yes
No bucket name provided for long term storage, creating a new one
The bucket gs://armmotley-lts-b31446e8-4216-4864-afc5-2d295030f503 does not exist so lets create it

Set up a Git username and API token to be able to perform CI/CD
? Do you wish to use orinbou as the local Git user for GitHub server: Yes
Select the CI/CD pipelines Git server and user
? Do you wish to use GitHub as the pipelines Git server: Yes
Setting the pipelines Git server https://github.com and user name orinbou.
Cloning the Jenkins X cloud environments repo to /home/sarubobo_com/.jx/cloud-environments
? A local Jenkins X cloud environments repository already exists, recreating with latest: Yes
Cloning the Jenkins X cloud environments repo to /home/sarubobo_com/.jx/cloud-environments
Enumerating objects: 1436, done.
Total 1436 (delta 0), reused 0 (delta 0), pack-reused 1436
? Defaulting workload build pack: Kubernetes Workloads: Automated CI+CD with GitOps Promotion
Setting the team build pack to kubernetes-workloads repo: https://github.com/jenkins-x-buildpacks/jenkins-x-kubernetes.git ref: master
Installing jx into namespace jx
Installing jenkins-x-platform version: 2.0.822

WARNING: waiting for install to be ready, if this is the first time then it will take a while to download images
Jenkins X deployments ready in namespace jx
Configuring the TeamSettings for ImportMode Jenkinsfile
Configure Jenkins API Token
Generating the API token...
Logged in admin to Jenkins server at http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io via legacy security realm
Enable CSRF protection at: http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io/configureSecurity/
Created user admin API Token for Jenkins server jenkins.jx.XXX.XXX.XXX.XXX.nip.io at http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io
Updating Jenkins with new external URL details http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io
Creating default staging and production environments
? Select the organization where you want to create the environment repository: orinbou
Using Git provider GitHub at https://github.com
Creating repository orinbou/environment-armmotley-staging
Creating Git repository orinbou/environment-armmotley-staging
Pushed Git repository to https://github.com/orinbou/environment-armmotley-staging

Creating staging Environment in namespace jx
Created environment staging
Namespace jx-staging created
Created Jenkins Project: http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io/job/orinbou/job/environment-armmotley-staging/

Note that your first pipeline may take a few minutes to start while the necessary images get downloaded!

Creating GitHub webhook for orinbou/environment-armmotley-staging for url http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io/github-webhook/
Using Git provider GitHub at https://github.com
Creating repository orinbou/environment-armmotley-production
Creating Git repository orinbou/environment-armmotley-production
Pushed Git repository to https://github.com/orinbou/environment-armmotley-production

Creating production Environment in namespace jx
Created environment production
Namespace jx-production created
Created Jenkins Project: http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io/job/orinbou/job/environment-armmotley-production/

Note that your first pipeline may take a few minutes to start while the necessary images get downloaded!

Creating GitHub webhook for orinbou/environment-armmotley-production for url http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io/github-webhook/

Jenkins X installation completed successfully


        ********************************************************

             NOTE: Your admin password is: XXXXXXXXXXXXXXXXXXXX

        ********************************************************


Your Kubernetes context is now set to the namespace: jx
To switch back to your original namespace use: jx namespace default
Or to use this context/namespace in just one terminal use: jx shell
For help on switching contexts see: https://jenkins-x.io/developing/kube-context/
To import existing projects into Jenkins:       jx import
To create a new Spring Boot microservice:       jx create spring -d web -d actuator
To create a new microservice from a quickstart: jx create quickstart
Fetching cluster endpoint and auth data.
kubeconfig entry generated for armmotley.
Context "gke_analog-campus-245615_asia-northeast1-a_armmotley" modified.
NAME              HOSTS                                      ADDRESS          PORTS   AGE
chartmuseum       chartmuseum.jx.XXX.XXX.XXX.XXX.nip.io       XXX.XXX.XXX.XXX   80      3m13s
docker-registry   docker-registry.jx.XXX.XXX.XXX.XXX.nip.io   XXX.XXX.XXX.XXX   80      3m13s
jenkins           jenkins.jx.XXX.XXX.XXX.XXX.nip.io           XXX.XXX.XXX.XXX   80      3m13s
nexus             nexus.jx.XXX.XXX.XXX.XXX.nip.io             XXX.XXX.XXX.XXX   80      3m13s

セットアップ完了したJenkinsX環境

GCPKubernetes クラスタ画面でクラスタを確認できます。

f:id:orinbou:20190716035715p:plain

セットアップが完了した環境へは下記のようなURLでWebブラウザからアクセスできます。

名前 URL
chartmuseum http://chartmuseum.jx.XXX.XXX.XXX.XXX.nip.io/
docker-registry http://docker-registry.jx.XXX.XXX.XXX.XXX.nip.io/
jenkins http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io/
nexus http://nexus.jx.XXX.XXX.XXX.XXX.nip.io/

※ID/PWは、セットアップ時に表示されたもの(admin/XXXXXXXXXXXXXXXXXXXX)を使用します。

また、GitHubに新規リポジトリが作成されていることが確認できます。

新規プロジェクトを作成する(quickstart:spring boot)

Google Cloud ShellのWebコンソールで下記コマンドを実行します。

gcp_user@cloudshell:~ (analog-campus-245615)$ jx create quickstart
Using Git provider GitHub at https://github.com
? Do you wish to use orinbou as the Git user name? Yes
? Which organisation do you want to use? orinbou
? Enter the new repository name:  jx-create-quickstart-sample
Creating repository orinbou/jx-create-quickstart-sample
? select the quickstart you wish to create spring-boot-http-gradle
Generated quickstart at /home/sarubobo_com/jx-create-quickstart-sample
### NO charts folder /home/sarubobo_com/jx-create-quickstart-sample/charts/spring-boot-http-gradle
Created project at /home/sarubobo_com/jx-create-quickstart-sample
The directory /home/sarubobo_com/jx-create-quickstart-sample is not yet using git
? Would you like to initialise git now? Yes
? Commit message:  Initial import

Git repository created
selected pack: /home/sarubobo_com/.jx/draft/packs/github.com/jenkins-x-buildpacks/jenkins-x-kubernetes/packs/gradle
replacing placeholders in directory /home/sarubobo_com/jx-create-quickstart-sample
app name: jx-create-quickstart-sample, git server: github.com, org: orinbou, Docker registry org: analog-campus-245615
skipping directory "/home/sarubobo_com/jx-create-quickstart-sample/.git"
Pushed Git repository to https://github.com/orinbou/jx-create-quickstart-sample
Created Jenkins Project: http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io/job/orinbou/job/jx-create-quickstart-sample/

Watch pipeline activity via:    jx get activity -f jx-create-quickstart-sample -w
Browse the pipeline log via:    jx get build logs orinbou/jx-create-quickstart-sample/master
You can list the pipelines via: jx get pipelines
When the pipeline is complete:  jx get applications

For more help on available commands see: https://jenkins-x.io/developing/browsing/

Note that your first pipeline may take a few minutes to start while the necessary images get downloaded!

Creating GitHub webhook for orinbou/jx-create-quickstart-sample for url http://jenkins.jx.XXX.XXX.XXX.XXX.nip.io/github-webhook/

GitHubに新規リポジトリが作成されていることが確認できます。
https://github.com/orinbou/jx-create-quickstart-sample

あとは、上記リポジトリをローカルPCに clone して、masterブランチへpushもしくはpull requestによるマージが発生するとWebhookイベントにより自動的にGCP環境のJenkinsでビルドされデプロイまで自動的に実行されます。自動ビルド&デプロイはデフォルトでmasterブランチに対してのアクションのみです。驚いたのは、masterブランチへpull requestを出した際、pull requestの動作確認用のワークロード(例:jx-orinbou-jx-create-quickstart-sample-pr-1)が起動してすぐに動作確認できるようになっていた点です。とても便利です。

ちょっと残念だったのがpull requestをmasterへマージして動作確認用のGCPワークロードが不要になっても自動で削除してくれないところですね。GCP画面からいちいち選択して削除するのはダサいし、ヘビーに使う場合は管理が煩雑になりそう。不要ワークロードへの課金も心配です。

今回はJenkins installation typeを「Static Jenkins Server and Jenkinsfiles」にしましたが、次は「Serverless Jenkins X Pipelines with Tekton」にして試してみたいと思います。 下記URLに記載されている情報によると、Serverless Jenkins X Pipelines の方は、GitHub画面でBotと対話しながらより便利にGitOpsオペレーションができるっぽいので楽しみです。

上記URLのプロモーションを見ると、今回残念に感じた不要ワークロードの削除なんかもGitHubの画面からBotにやってもらえそう。

https://jenkins.io/images/jenkins-x-logo.png

参考