This topic describes how to deploy Jenkins, a continuous integration environment,
in a serverless Kubernetes cluster. This topic also provides step-by-step instructions
on how to build an application delivery pipeline that includes source code compilation,
image creation and pushing, and application deployment.
Prerequisites
Before you start, make sure that the following requirements are met:
Deploy Jenkins
- Run the following command to download the Jenkins package:
git clone https://github.com/AliyunContainerService/jenkins-on-serverless.git
cd jenkins-on-serverless
- Mount a persistent volume (PV) to the jenkins_home directory.
Serverless Kubernetes clusters do not support cloud disks. If you require persistent
storage, you must mount a Network File System (NFS) volume to the jenkins_home directory.
In addition, you must modify the
serverless-k8s-jenkins-deploy.yaml file, remove the following annotations, and set NFS parameters:
#volumeMounts:
# - mountPath: /var/jenkins_home
# name: jenkins-home
.....
#volumes:
# - name: jenkins-home
# nfs:
# path: /
# server:
- Run the following command to deploy Jenkins:
kubectl apply -f serverless-k8s-jenkins-deploy.yaml
- Log on to Jenkins.
- Log on to the ACK console.
- In the left-side navigation pane, click Clusters.
- On the Clusters page, find the cluster that you want to manage and click the cluster name or click
Applications in the Actions column.
- In the left-side navigation pane, click Services.
- Select Jenkins and click its external endpoint to log on.
- On the Jenkins logon page, enter the username and password. The default username and
password are both admin. We recommend that you change the username and password after
you log on.
Create a cluster certificate and an image repository certificate, and build and deploy
an application
- Set Kubernetes Cloud parameters to dynamically create a slave pod.
- In the left-side navigation pane, click Manage Jenkins.
- In the Manage Jenkins panel, click Configure System.
- In the Cloud section, set Kubernetes URL to the API server URL in KubeConfig.
- Click Add on the right side of Credentials.

Before you add a credential, go to the
Basic Information page of the serverless Kubernetes cluster and find
KubeConfig below
Configure the cluster credentials.

In the
Add Credentials dialog box, set the following parameters:

- Kind: Select Docker Host Certificate Authentication.
- Client Key: Enter the value of client-key-data obtained from KubeConfig.
- Client Certificate: Enter the value of client-certificate-data obtained from KubeConfig.
- ID: Enter the certificate ID. k8sCertAuth is entered in this example.
- Description: Enter a description.
- Click Add.
- Test the connectivity.
From the
Credentials drop-down list, select the newly added credential and click
Test Connection.

- Set Jenkins URL to the external endpoint of the Jenkins service and set Jenkins tunnel to the external endpoint of the jenkins-agent service.
- Click Save.
- To set permissions on the image repository, use kubectl to create a jenkins-docker-cfg
Secret in the serverless Kubernetes cluster.
An image repository provided by Alibaba Cloud in the China (Beijing) region is used
in this example.
docker login -u xxx -p xxx registry.cn-beijing.aliyuncs.com
# Output:
Login Succeeded
kubectl create secret generic jenkins-docker-cfg --from-file=/root/.docker/config.json
- Build demo-pipeline and access the application.
- On the Jenkins homepage, click demo-pipeline.
- In the left-side navigation pane, click Build with Parameters.
- Modify the parameters based on the image repository information. Set api_server_url to the API server URL in KubeConfig. The source code repository branch is serverless
and the image is registry.cn-beijing.aliyuncs.com/haoshuwei/jenkins-java-demo:serverless in this example.
- Click Build.
- Click Build History to check the result. The following figure shows that the build
is successful.
- Log on to the Container Service console to view the IP addresses of the services provided by the application.
Source code repository
Click Code repository to obtain the source code used in this topic.