Jenkins Setup – First Run
1. SSH to the Jenkins server
2. git clone https://github.com/project-sunbird/sunbird-devops.git
3. cd sunbird-devops && git checkout tags/release-1.14 -b release-1.14
4. cd deploy/jenkins
5. sudo bash jenkins-server-setup.sh
6. Once the jenkins-server-setup script completes, open jenkins in browser by typing domain-name:8080 / public-ip:8080
7. Enter the initial password. Follow the on screen instructions on details
8. Choose install suggested plugin
9. Create a admin user
10. Choose the default jenkins URL. You can either change this to your domain name or public IP. If in doubt, just use whatever is displayed on screen as this can be changed later if required in Jenkins configuration.
11. Switch back to the terminal session on the Jenkins server
12. sudo bash jenkins-plugins-setup.sh
13. Enter the URL as localhost:8080
14. Enter the admin username and password
15. Now go to Manage Jenkins -> Manage Plugins -> Update Center -> Check status of plugin install. If any plugins failed to install, install them manually by visiting the plugins section of Jenkins
16. Now switch back to the terminal session on the Jenkins server
17. cp envOrder.txt.sample envOrder.txt
18. vi envOrder.txt
19. Update the environment list as per your infrastructure in ascending order. For example if you have only dev and production, your envOrder.txt will look like
| dev=0 production=1 |
20. sudo bash jenkins-jobs-setup.sh
21. Follow the onscreen instruction of the script. Provide choice as yes for all questions. The options are case sensitive, the script will display the accepted options.
22. Once the script completes copying the job config, go to the browser and restart jenkins using public-ip:8080/restart OR domain-name:8080/restart
23. Go to http://<jenkins_domain>/credentials/store/system/domain/_/newCredentials
24. Select Username with Password
25. Enter the username and password of the github account. This github account will require a private repository which will contain the inventory and other secrets. Currently github signup and github private repository is free for all.
26. Create an empty private repository
27. Also keep your dockerhub credentials handy. You will require it in subsequent steps. Currently dockerhub signup is free for all.
28. You can leave the ID blank so that jenkins auto generates it or you can give the ID to some long unique string such as abcde-fghij-klmno
29. You can provide the description as private repo credentails and click OK.
30. If you have left the ID blank, then click on the credential which was just created and then clikc on update. Jenkins will display the auto generated id. Copy this and keep it handy. We will require this in subsequent steps.
31. Goto http://<jenkins_domain>/configure
32. Choose the check box named “Environment variables”
33. Click on Add and enter the following Name, Value pairs
Name | Value |
|---|---|
ANSIBLE_FORCE_COLOR | true |
ANSIBLE_HOST_KEY_CHECKING | false |
ANSIBLE_STDOUT_CALLBACK | debug |
hub_org | docker hub organization eg: In sunbird/player image, sunbird is the hub_org |
private_repo_branch | The branch name in the private repository which you would like to use. This branch will have the inventory and secrets |
private_repo_credentials | The autogenerated ID created by jenkins or unique string which you provided |
private_repo_url | The github URL to your private repo. You can visit your private repo and click on clone button, which will display the https URL to your private repository |
public_repo_branch | This is the branch or tag from where Jenkinsfile will be picked up. You can set this value as refs/tags/release-1.14 or provide the value of development branch like release-1.15. If you prefer building from tags, set this value for tags |
34. Scroll down to “Global Pipeline Libraries” section and click Add. Provide the values as below
| Name | Value |
|---|---|
| Name | deploy-conf |
| Default version | Tag name of the jenkins shared library. This should be same version as release. For example, if release is release-1.14, jenkins shared tag will be release-1.14-shared-lib |
| Retrieval method | Modern SCM |
| Source Code Management | Git |
| Project Repository | https://github.com/project-sunbird/sunbird-devops.git |
35. Click on Save.
36. Now go to Manage Jenkins -> Configure global security
37. Choose the “Markup Formatter” as “Safe HTML”
38. Go to Manage Jenkins -> Manager Nodes -> Click master -> Click Configure -> Provide labels as “build-slave”
39. Set the number of executors to a number like 15 if your system configuration is 16GB RAM and 4 core CPU. Adjust this number accordingly based on your system configuration
40. Restart jenkins
41. Switch back to the terminal session on Jenkins server
42. sudo su jenkins
43. mkdir -p /var/lib/jenkins/secrets && cd /var/lib/jenkins/secrets
44. touch deployer_ssh_key ops_ssh_key vault-pass
45. chmod 400 deployer_ssh_key ops_ssh_key vault-pass
46. The key which you used to login to the Jenkins server will be called as ops_ssh_key from now onwards. Example:
| ssh -i somekey.pem ubuntu@jenkins-server-ip Here somekey.pem is the key you used to login to the Jenkins server which will be called as ops_ssh_key |
47. Copy the contents of the key you used to connect to VM into ops_ssh_key file
48. Create a new ssh key on your local machine or any server. We will use this for a user named deployer (or any name you like)
49. ssh-keygen -f deployer_ssh_key (passphrase should be empty)
50. Copy the contents of the deployer_ssh_key into /var/lib/jenkins/secrets/deployer_ssh_key
51. If your github private repo consists of ansible encrypted files, then enter the decryption password in /var/lib/jenkins/secrets/vault-pass. If there are no encrypted files, then enter some random value like 12345 into the vault-pass file. This file cannot be empty.
52. Follow the next set of steps to create inventory, secrets and ansible hosts in the private repo.