Compute
Elastic Cloud Server
Huawei Cloud Flexus
Bare Metal Server
Auto Scaling
Image Management Service
Dedicated Host
FunctionGraph
Cloud Phone Host
Huawei Cloud EulerOS
Networking
Virtual Private Cloud
Elastic IP
Elastic Load Balance
NAT Gateway
Direct Connect
Virtual Private Network
VPC Endpoint
Cloud Connect
Enterprise Router
Enterprise Switch
Global Accelerator
Management & Governance
Cloud Eye
Identity and Access Management
Cloud Trace Service
Resource Formation Service
Tag Management Service
Log Tank Service
Config
OneAccess
Resource Access Manager
Simple Message Notification
Application Performance Management
Application Operations Management
Organizations
Optimization Advisor
IAM Identity Center
Cloud Operations Center
Resource Governance Center
Migration
Server Migration Service
Object Storage Migration Service
Cloud Data Migration
Migration Center
Cloud Ecosystem
KooGallery
Partner Center
User Support
My Account
Billing Center
Cost Center
Resource Center
Enterprise Management
Service Tickets
HUAWEI CLOUD (International) FAQs
ICP Filing
Support Plans
My Credentials
Customer Operation Capabilities
Partner Support Plans
Professional Services
Analytics
MapReduce Service
Data Lake Insight
CloudTable Service
Cloud Search Service
Data Lake Visualization
Data Ingestion Service
GaussDB(DWS)
DataArts Studio
Data Lake Factory
DataArts Lake Formation
IoT
IoT Device Access
Others
Product Pricing Details
System Permissions
Console Quick Start
Common FAQs
Instructions for Associating with a HUAWEI CLOUD Partner
Message Center
Security & Compliance
Security Technologies and Applications
Web Application Firewall
Host Security Service
Cloud Firewall
SecMaster
Anti-DDoS Service
Data Encryption Workshop
Database Security Service
Cloud Bastion Host
Data Security Center
Cloud Certificate Manager
Edge Security
Situation Awareness
Managed Threat Detection
Blockchain
Blockchain Service
Web3 Node Engine Service
Media Services
Media Processing Center
Video On Demand
Live
SparkRTC
MetaStudio
Storage
Object Storage Service
Elastic Volume Service
Cloud Backup and Recovery
Storage Disaster Recovery Service
Scalable File Service Turbo
Scalable File Service
Volume Backup Service
Cloud Server Backup Service
Data Express Service
Dedicated Distributed Storage Service
Containers
Cloud Container Engine
SoftWare Repository for Container
Application Service Mesh
Ubiquitous Cloud Native Service
Cloud Container Instance
Databases
Relational Database Service
Document Database Service
Data Admin Service
Data Replication Service
GeminiDB
GaussDB
Distributed Database Middleware
Database and Application Migration UGO
TaurusDB
Middleware
Distributed Cache Service
API Gateway
Distributed Message Service for Kafka
Distributed Message Service for RabbitMQ
Distributed Message Service for RocketMQ
Cloud Service Engine
Multi-Site High Availability Service
EventGrid
Dedicated Cloud
Dedicated Computing Cluster
Business Applications
Workspace
ROMA Connect
Message & SMS
Domain Name Service
Edge Data Center Management
Meeting
AI
Face Recognition Service
Graph Engine Service
Content Moderation
Image Recognition
Optical Character Recognition
ModelArts
ImageSearch
Conversational Bot Service
Speech Interaction Service
Huawei HiLens
Video Intelligent Analysis Service
Developer Tools
SDK Developer Guide
API Request Signing Guide
Terraform
Koo Command Line Interface
Content Delivery & Edge Computing
Content Delivery Network
Intelligent EdgeFabric
CloudPond
Intelligent EdgeCloud
Solutions
SAP Cloud
High Performance Computing
Developer Services
ServiceStage
CodeArts
CodeArts PerfTest
CodeArts Req
CodeArts Pipeline
CodeArts Build
CodeArts Deploy
CodeArts Artifact
CodeArts TestPlan
CodeArts Check
CodeArts Repo
Cloud Application Engine
MacroVerse aPaaS
KooMessage
KooPhone
KooDrive

Configuring Jenkins Agent

Updated on 2025-01-08 GMT+08:00

After Jenkins is installed, the following information may display, indicating that Jenkins uses a Master for local build and Agents are not configured.

If you install Jenkins using a Master, you can build a pipeline after performing operations in Installing and Deploying Jenkins Master. For details, see Using Jenkins to Build a Pipeline.

If you install Jenkins using a Master and Agents, you can select either of the following solutions to configure Agents.

  • Fixed Agent: The Agent container keeps running and occupying cluster resources after a job is built. This configuration is simple.
  • Dynamic Agent: An Agent container is dynamically created during job build and is killed after the job is built. In this way, resources can be dynamically allocated and the resource utilization is high. This configuration is complex.

In this section, the Agent is containerized using the jenkins/inbound-agent:4.13.3-1 image.

Adding a Fixed Agent to Jenkins

  1. Log in to the Jenkins dashboard, click Manage Jenkins on the left, and choose System Configuration > Manage nodes and clouds.
  2. Click New Node on the left, enter the node name fixed-agent (which can be customized), and select Permanent Agent for Type.

  3. Specify the following node information:

    • Number of executors: The default value is 1. Set this parameter as required.
    • Remote root directory: Enter /home/jenkins/agent.
    • Launch method: Select Launch agent by connecting it to the controller.

    Retain the values for other parameters and click Save.

  4. In the Nodes page, click the new node. The Agent status is disconnected, and the method for connecting the node to Jenkins is provided. This command applies to VM installation. In this example, container-based installation is used. Therefore, you only need to copy the secret, as shown in the following figure.

  5. Log in to the CCE console, click the target cluster. Choose Workloads > Deployments and click Create Workload on the right.
  6. Configure basic workload parameters.

    • Workload Name: agent (user-defined)
    • Namespace: Select the namespace where Jenkins will be deployed. You can create a namespace.
    • Pods: Set it to 1.

  7. Configure basic container parameters.

    • Image Name: Enter jenkins/inbound-agent:4.13.3-1. The image version may change with time. Select an image version as required or use the latest version.
    • CPU Quota: In this example, set Limit to 2 cores.
    • Memory Quota: Set Limit to 2048 MiB.
    • Privileged Container: must be enabled so that the container can obtain permissions on the host. Otherwise, Docker commands cannot be executed in the container.

    Retain the default values for other parameters.

  8. Run the following commands to configure the environment variables:

    • JENKINS_URL: Jenkins access path, which should be the address of port 8080 configured in 6. (Both ports 8080 and 50000 must be enabled.) In this example, the cluster IP address and port 8080 and cluster IP address and port 50000 are used, for example, http://10.247.222.254:8080.
    • JENKINS_AGENT_NAME: name of the Agent set in 2. In this example, the value is fixed-agent.
    • JENKINS_SECRET: secret copied from 4.
    • JENKINS_AGENT_WORKDIR: remote work directory configured in 3, that is, /home/jenkins/agent.

  9. Add permissions to the Jenkins container so that Docker commands can be executed in the Jenkins container.

    1. Ensure that Privileged Container is enabled in 3.
    2. Click Data Storage, click Add Volume, select hostPath, and mount the host path to the corresponding container path.
      Table 1 Mounting path

      Storage Type

      Host Path

      Mounting Path

      hostPath

      /var/run/docker.sock

      /var/run/docker.sock

      hostPath

      /usr/bin/docker

      /usr/bin/docker

      hostPath

      /usr/lib64/libltdl.so.7

      /usr/lib/x86_64-linux-gnu/libltdl.so.7

      hostPath

      /usr/bin/kubectl

      /usr/local/bin/kubectl

      After the mounting is complete, the page shown in Figure 1 is displayed.
      Figure 1 Mounting the host paths to the corresponding container paths

    3. In Security Context, set User ID to 0 (user root).
      Figure 2 Configuring the user

  10. Retain the default settings for Advanced Settings and click Create Workload.
  11. Go to the Jenkins page and refresh the node status to In sync.

    NOTE:

    After the Agent is configured, you are advised to set the number of concurrent build jobs of the Master to 0. That is, you use the Agent for build. For details, see Modifying the Number of Concurrent Build Jobs.

Setting a Dynamic Agent for Jenkins

  1. Install the plug-in.

    On the Jenkins dashboard page, click Manage Jenkins on the left and choose System Configuration > Manage Plugins. On the Available tab, search for Kubernetes and install Kubernetes CLI and Kubernetes.

    The plug-in version may change with time. Select a plug-in version as required.

    • Kubernetes Plugin: 3734.v562b_b_a_627ea_c

      It is used to run dynamic Agents in the Kubernetes cluster, create a Kubernetes pod for each started Agent, and stop the pod after each build is complete.

    • Kubernetes CLI Plugin: 1.10.3

      kubectl can be configured for jobs to interact with Kubernetes clusters.

    NOTE:

    The Jenkins plugins are provided by the plugin maintainer and may be iterated due to security risks.

  2. Add cluster access credentials to Jenkins.

    Add cluster access credentials to Jenkins in advance. For details, see Setting Cluster Access Credentials.

  3. Configure basic cluster information.

    On the Jenkins dashboard page, click Manage Jenkins on the left and choose System Configuration > Manage nodes and clouds. Click Configure Clouds on the left to configure the cluster. Click Add a new cloud and select Kubernetes. The cluster name can be customized.

  4. Enter Kubernetes Cloud details.

    Set the following cluster parameters and retain the values for other parameters, as shown in Figure 3.
    • Kubernetes URL: cluster API server address. You can enter https://kubernetes.default.svc.cluster.local:443.
    • Credentials: Select the cluster credential added in 2. You can click Test Connection to check whether the cluster is connected.
    • Jenkins URL: Jenkins access path. Enter the IP address of port 8080 set in 6 (ports 8080 and 50000 must be enabled for the IP address, that is, the intra-cluster access address), for example, http://10.247.222.254:8080.
    Figure 3 Example

  5. Pod Template: Click Add Pod Template > Pod Template details and set pod template parameters.

    • Set the basic parameters of the pod template, as shown in Figure 4.
      • Name: jenkins-agent
      • Namespace: cicd
      • Labels: jenkins-agent
      • Usage: Select Use this node as much as possible.
      Figure 4 Basic parameters of the pod template
    • Add a container. Click Add Container > Container Template. Figure 5 shows the parameters.
      • Name: The value must be jnlp.
      • Docker image: jenkins/inbound-agent:4.13.3-1. The image version may change with time. Select an image version as required or use the latest version.
      • Working directory: /home/jenkins/agent is selected by default.
      • Command to run/Arguments to pass to the command: Delete the existing default value and leave these two parameters empty.
      • Allocate pseudo-TTY: Select this parameter.
      • Select Run in privileged mode and set Run As User ID to 0 (root user).
      Figure 5 Container template parameters
    • Add a volume: Choose Add Volume > Host Path Volume to mount the host path in Table 2 to the corresponding path of the container.
      Table 2 Mounting path

      Storage Type

      Host Path

      Mounting Path

      hostPath

      /var/run/docker.sock

      /var/run/docker.sock

      hostPath

      /usr/bin/docker

      /usr/bin/docker

      hostPath

      /usr/lib64/libltdl.so.7

      /usr/lib/x86_64-linux-gnu/libltdl.so.7

      hostPath

      /usr/bin/kubectl

      /usr/local/bin/kubectl

      After the mounting is complete, the page shown in Figure 6 is displayed.

      Figure 6 Mounting the host paths to the corresponding container paths
    • Run As User ID: 0 (root user)
    • Workspace Volume: working directory of the agent. Persistence is recommended. Select Host Path Workspace Volume and set Host path to /home/jenkins/agent.

  6. Click Save.

    NOTE:

    After the Agent is configured, you are advised to set the number of concurrent build jobs of the Master to 0. That is, you use the Agent for build. For details, see Modifying the Number of Concurrent Build Jobs.

Setting Cluster Access Credentials

The certificate file that can be identified in Jenkins is in PKCS#12 format. Therefore, convert the cluster certificate to a PFX certificate file in PKCS#12 format.

  1. Log in to the CCE console and click the cluster name to access the cluster console. Choose Overview in the navigation pane. On the page displayed, locate the Connection Information area, and download the cluster certificate. The certificate contains ca.crt, client.crt, and client.key files.

  2. Log in to a Linux host, place the three certificate files in the same directory, and use OpenSSL to convert the certificate into a cert.pfx certificate. After the certificate is generated, the system prompts you to enter a custom password.

    openssl pkcs12 -export -out cert.pfx -inkey client.key -in client.crt -certfile ca.crt

  3. On the Jenkins console, choose Manage Jenkins > Manage Credentials and click Global. You can also create a domain.

  4. Click Add Credential.

    • Kind: Select Certificate.
    • Scope: Select Global.
    • Certificate: Select Upload PKCS#12 certificate and upload the cert.pfx file generated in 2.
    • Password: The password customized during cert.pfx conversion.
    • ID: Set this parameter to k8s-test-cert, which can be customized.

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more

Feedback

Feedback

Feedback

0/500

Selected Content

Submit selected content with the feedback