Run the following commands to setup the Jenkins Helm chart.
helm repo add jenkins https://charts.jenkins.io
helm repo update
Run the following command to install Jenkins.
helm install jenkins jenkins/jenkins --namespace jenkins --create-namespace --set controller.javaOpts=-Dorg.jenkinsci.plugins.durabletask.BourneShellScript.LAUNCH_DIAGNOSTICS=true,controller.jenkinsUriPrefix=/jenkins
Run the following command to get the admin user name.
kubectl exec --namespace jenkins -it svc/jenkins -c jenkins -- /bin/cat /run/secrets/additional/chart-admin-username
Run the following command to get the admin user password.
kubectl exec --namespace jenkins -it svc/jenkins -c jenkins -- /bin/cat /run/secrets/additional/chart-admin-password
Run the following command to forward the Jenkins port locally.
kubectl --namespace jenkins port-forward svc/jenkins 8080:8080
Then access Jenkins in your browser: http://127.0.0.1:8080
Apply the following virtualservice to expose Jenkins through your ingress gateway.
# virtualservice.yaml
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
labels:
app.kubernetes.io/component: jenkins-controller
app.kubernetes.io/instance: jenkins
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: jenkins
name: jenkins
namespace: jenkins
spec:
gateways:
- gateway/istio-ingressgateway
hosts:
- localhost
- host.docker.internal
http:
- match:
- uri:
prefix: /jenkins/
name: http
rewrite:
uri: /jenkins/
route:
- destination:
host: jenkins.jenkins.svc.cluster.local
port:
number: 8080
subset: http
weight: 100
Apply the following destinationrule to expose Jenkins through your ingress gateway.
# destinationrule.yaml
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
labels:
app.kubernetes.io/component: jenkins-controller
app.kubernetes.io/instance: jenkins
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: jenkins
name: jenkins
namespace: jenkins
spec:
host: jenkins.jenkins.svc.cluster.local
subsets:
- labels:
app.kubernetes.io/component: jenkins-controller
app.kubernetes.io/instance: jenkins
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: jenkins
name: http
trafficPolicy:
tls:
mode: DISABLE
Apply the following ServiceAccount and ClusterRoleBinding.
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins-slave
namespace: jenkins
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: jenkins-slave-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: jenkins-slave
namespace: jenkins