nomad

HCL and Docker files for Nomad deployments
git clone https://git.in0rdr.ch/nomad.git
Log | Files | Refs | Pull requests
commit 02dfeb11581e0d1eff8dbeeb7a05f57c92dc3101
parent 436e406fba7a982d6c191835681b60f4323d849f
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date:   Sat, 25 May 2024 22:27:13 +0200

feat(jenkins): configure docker plugins and examples

On Jenkins server:
* Change UTC timezone to local timezone
* Disable usage statistics

Configure Docker workflow/pipeline plugin that relies on Nomad jobs to
spawn the Docker containers.

Add Docker plugin (docker cloud) usage examples (not active).

Diffstat:

Mhcl/default/jenkins/jenkins.nomad | 11+++++++++--


Mhcl/default/jenkins/templates/jenkins.yaml.tmpl | 47++++++++++++++++++++++++++++++++++++++++-------


2 files changed, 49 insertions(+), 9 deletions(-)

diff --git a/hcl/default/jenkins/jenkins.nomad b/hcl/default/jenkins/jenkins.nomad
@@ -48,6 +48,7 @@ job "jenkins" {
 
       config {
         image = "docker.io/jenkins/jenkins:lts-jdk17"
+        force_pull = true
         command = "jenkins-plugin-cli"
         args = [
           "--plugins",
@@ -56,7 +57,8 @@ job "jenkins" {
           "git",
           "hashicorp-vault-plugin",
           "nomad",
-          "docker-plugin",
+          "docker-workflow", # spawn Jenkins agents in Nomad jobs
+          #"docker-plugin", # spawn Jenkins agents in Docker containers
           "--plugin-download-directory",
           "/var/jenkins_home/plugins",
         ]
@@ -84,7 +86,7 @@ job "jenkins" {
       }
 
       env {
-        JAVA_OPTS = "-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false"
+        JAVA_OPTS = "-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false -Dorg.apache.commons.jelly.tags.fmt.timeZone=Europe/Zurich -Dhudson.model.UsageStatistics.disabled=true"
       }
 
       config {
@@ -94,6 +96,10 @@ job "jenkins" {
         volumes = [
           # mount the templated config from the task directory to the container
           "local/jenkins.yaml:/var/jenkins_home/jenkins.yaml",
+          # Required to test the functionality of the socket in the settings on
+          # the Jenkins controller (only for Docker cloud, docker-plugin)
+          # https://jenkins.in0rdr.ch/manage/cloud/docker/configure
+          #"/run/user/1312/podman/podman.sock:/home/jenkins/agent/podman.sock"
         ]
       }
 
@@ -115,6 +121,7 @@ job "jenkins" {
 
       config {
         image = "docker.io/library/nginx:stable-alpine"
+        force_pull = true
         ports = ["https"]
         volumes = [
           # mount the templated config from the task directory to the container
diff --git a/hcl/default/jenkins/templates/jenkins.yaml.tmpl b/hcl/default/jenkins/templates/jenkins.yaml.tmpl
@@ -46,7 +46,7 @@ jenkins:
               ],
               "TaskGroups": [
                 {
-                  "Name": "jenkins-worker-taskgroup",
+                  "Name": "jenkins-podman-worker-taskgroup",
                   "Count": 1,
                   "RestartPolicy": {
                     "Attempts": 0,
@@ -56,20 +56,27 @@ jenkins:
                   },
                   "Tasks": [
                     {
-                      "Name": "jenkins-worker",
+                      "Name": "jenkins-podman-worker",
                       "Driver": "podman",
+                      "User": "1312",
                       "Config": {
-                        "image": "docker.io/jenkins/inbound-agent:latest"
+                        "volumes": [
+                          "/run/user/1312/podman/podman.sock:/home/jenkins/agent/podman.sock",
+                          "/home/jenkins/workspace:/home/jenkins/workspace"
+                        ],
+                        "force_pull": true,
+                        "image": "127.0.0.1:5000/jenkins-inbound-agent:latest"
                       },
                       "Env": {
                         "JENKINS_URL": "http://{{ env "NOMAD_ADDR_jenkins" }}",
                         "JENKINS_AGENT_NAME": "%WORKER_NAME%",
                         "JENKINS_SECRET": "%WORKER_SECRET%",
-                        "JENKINS_TUNNEL": "{{ env "NOMAD_ADDR_jnlp" }}"
+                        "JENKINS_TUNNEL": "{{ env "NOMAD_ADDR_jnlp" }}",
                       },
                       "Resources": {
                         "CPU": 500,
-                        "MemoryMB": 256
+                        "MemoryMB": 512,
+                        "MemoryMaxMB": 1024
                       }
                     }
                   ],
@@ -80,9 +87,35 @@ jenkins:
               ]
             }
           }
-        labels: "nomad"
+        labels: "nomad podman" # use the 'podman' label in the Jenkins pipeline spec
         numExecutors: 1
-        prefix: "jenkins"
+        prefix: "jenkins-podman"
         reusable: true
       tlsEnabled: false
       workerTimeout: 1
+  # Configuration example for the Docker cloud to spawn Jenkins agents directly
+  # in Docker containers without intermediary Nomad jobs:
+  # - https://plugins.jenkins.io/docker-plugin/#plugin-content-jcasc-plugin
+  #- docker:
+  #    name: "docker"
+  #    containerCap: 3
+  #    dockerApi:
+  #      connectTimeout: 23
+  #      dockerHost:
+  #        uri: "unix:///home/jenkins/agent/podman.sock"
+  #      readTimeout: 43
+  #    errorDuration: 313
+  #    templates:
+  #    - connector:
+  #        jnlp:
+  #          jenkinsUrl: "http://{{ env "NOMAD_ADDR_jenkins" }}"
+  #          user: "1312"
+  #      dockerTemplateBase:
+  #        image: "127.0.0.1:5000/jenkins-inbound-agent:latest"
+  #        environment:
+  #        - JENKINS_TUNNEL={{ env "NOMAD_ADDR_jnlp" }}
+  #        - DOCKER_HOST=unix:///home/jenkins/agent/podman.sock
+  #      labelString: "podman"
+  #      name: "alpine-jdk21"
+  #      pullTimeout: 171
+  #      remoteFs: "/home/jenkins/agent"