- Single Source of truth for Jenkins and job/pipelines configuration
- Automatically managed lifecycle
- Straightforward deployment using Kubernetes’ CR or Helm Charts
- Security Hardening out of the box
- Jenkins customization via configuration-as-code yaml and job-dsl files
- Test different configurations in safe environment
- Utilize blue-green deployment for safe upgrades in production environments
- Minimal downtime
- GitOps declarative configuration for Jenkins and jobs/pipelines
- Use separate CI/CD instances for different teams
- Store secrets and credentials as Kubernetes resources
- Painless configuration rollbacks
- Uncomplicated way to recreate whole instance from scratch
- Good visibility (logs in kubernetes pods)
- Remote backups on s3 compatible storage
The diagram below shows the recommended architecture for running Jenkins on Kubernetes.
You should be aware of the following aspects of the design:
- Both the Jenkins master and agent processes have a corresponding Role-Based Authorization Strategy (RBAC) model
- Kubernetes Plugin is used to scale Jenkins agents
- There is one dedicated Seed Job Agent for creating Jenkins jobs
- A backup process is running in a sidecar container
- Authn & Authz are based on GitHub OAuth
- Backup files are uploaded to external storage, such as Azure Storage Blob
- DSL Pipelines and Job Definitions are versioned in GitHub (GitOps model)
- Secure access to the Jenkins instance is provided via VPN or Bastion Host
- Lifecycle Management is handled by the Kubernetes Operator
Talk with a technical expert
Not sure which solution is the best for you? Talk to our expert. No contract, no commitment, just a conversation. Barłomiej will contact you within 24 hours.
We have broad experience with the Cloud Native landscape, ranging from building platforms to large-scale cloud transformations.
Our team consists of Azure and Kubernetes certified experts, who actively participate in the Jenkins community.