/terraform-aws-cloudbees-ci-eks-addon

CloudBees CI Add-on for AWS EKS

Primary language: HCL. License: MIT.

Deploy CloudBees CI to AWS EKS Clusters with this add-on.



Motivation

This AWS Partner Addon aims to ease the adoption and experimentation of CloudBees CI enterprise features by:

Usage

Implementation examples are included in the blueprint folder; the simplest usage is as follows:

module "eks_blueprints_addon_cbci" {
  source = "REPLACE_ME"

  # Required inputs, named as in the Inputs table under Terraform Docs
  hosted_zone  = "example.domain.com"
  cert_arn     = "arn:aws:acm:us-east-1:0000000:certificate/0000000-aaaa-bbb-ccc-thisIsAnExample"
  temp_license = {
    first_name = "Foo"
    last_name  = "Bar"
    email      = "foo.bar@acme.com"
    company    = "Acme Inc."
  }
}

By default, the module uses the minimum required configuration described in values.yml.

To override any of the chart defaults, pass the helm_config variable.

Tip

Blueprints lifecycle (deploy > validate > destroy) can be orchestrated via the companion Makefile.

Prerequisites

Tooling

The blueprint deploy and destroy phases have the same tooling requirements as the AWS EKS Blueprints - Getting Started Guide - Prerequisites.

The blueprint validate phase might require additional tooling such as jq and velero.

Note

There is a companion Dockerfile to run the blueprints in a containerized development environment, ensuring dependencies are met. It can be built by using the Makefile target make dRun.

AWS Authentication

Make sure to export the required AWS environment variables to your CLI before getting started (e.g. AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY or AWS_PROFILE).

Existing AWS Hosted Zone

These blueprints rely on an existing Hosted Zone in AWS Route53. If you don't have one, you can create one by following the AWS Route53 documentation.

Data Storage Options

The two main components of CloudBees CI, Operations Center and Managed Controllers, use a file system to persist data. Data is stored in a folder called Jenkins Home that can be configured to be stored in Amazon EBS or EFS:

  • Amazon EBS volumes are scoped to a particular Availability Zone to offer high-speed, low-latency access to the EC2 instances they are connected to. If an Availability Zone fails, an EBS volume becomes inaccessible due to file corruption, or there is a service outage, the data on these volumes will become inaccessible. Operations Center and Managed Controller pods require this persistent data and have no mechanism to replicate the data, so we recommend frequent backups for Amazon EBS.
  • Amazon EFS file systems are scoped to an AWS Region and can be accessed from any Availability Zone in the Region the file system was created in. Using Amazon EFS as a storage class for the Operations Center and Managed Controller allows pods to be rescheduled successfully onto healthy nodes in the event of an Availability Zone outage. Amazon EFS file systems may increase the cost of the deployment compared to the Amazon EBS option, but provide greater fault tolerance.

Important

CloudBees HA (active-active) requires Amazon EFS. See CloudBees CI EKS Storage Requirements.
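
Selecting Amazon EFS for Jenkins Home through the helm_config variable, as an added example that is not part of the add-on's own documentation. The chart key Persistence.StorageClass and the storage class name "efs" are assumptions: check the key against the CloudBees CI chart values and make sure a storage class with that name already exists in the cluster.

```hcl
# Added example, not code from the add-on repository.
module "eks_blueprints_addon_cbci" {
  source = "REPLACE_ME"

  hosted_zone  = "example.domain.com"
  cert_arn     = "arn:aws:acm:us-east-1:0000000:certificate/0000000-aaaa-bbb-ccc-thisIsAnExample"
  temp_license = {
    first_name = "Foo"
    last_name  = "Bar"
    email      = "foo.bar@acme.com"
    company    = "Acme Inc."
  }

  # helm_config.values takes a list of YAML documents that override the
  # chart defaults the module ships in values.yml.
  helm_config = {
    values = [
      yamlencode({
        Persistence = {
          # Assumed chart key; "efs" is a hypothetical storage class name
          # backed by Amazon EFS that must exist before the add-on is applied.
          StorageClass = "efs"
        }
      })
    ]
  }

  # Path to the YAML file of secret names:values used to create the
  # Kubernetes secret cbci-secrets. Keep this file out of version control.
  secrets_file = "${path.module}/secrets-values.yml"
}

# Expose the merged Helm configuration to confirm that the override was
# applied. Marked sensitive so the rendered values are not echoed in
# plan/apply output.
output "cbci_merged_helm_config" {
  value     = module.eks_blueprints_addon_cbci.merged_helm_config
  sensitive = true
}

output "cbci_oc_url" {
  value = module.eks_blueprints_addon_cbci.cbci_oc_url
}
```

After apply, `terraform output -json cbci_merged_helm_config` prints the merged values for inspection.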

Note

For more information on pricing, see the Amazon EBS pricing page and the Amazon EFS pricing page.

CloudBees License

This module runs with a Trial License for CloudBees CI.

Once the trial has expired, check the CloudBees CI License Expiration FAQ to determine your next steps.

Compatibility

The CloudBees CI Add-on defines its resources as Helm releases, which makes it compatible with AWS EKS Blueprint v4 and AWS EKS Blueprint v5 (additional information in the v4 to v5 migration guide).

Terraform Docs

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| cert_arn | Certificate ARN from AWS ACM | string | n/a | yes |
| hosted_zone | Route53 Hosted zone name | string | n/a | yes |
| temp_license | Temporary license details | map(string) | n/a | yes |
| helm_config | CloudBees CI Helm chart configuration | any | { "values": [ "" ] } | no |
| secrets_file | Secrets file yml path containing the secrets names:values to create the Kubernetes secret cbci-secrets. It can be mounted for Casc | string | "secrets-values.yml" | no |

Outputs

| Name | Description |
|------|-------------|
| cbci_domain_name | Route 53 Domain Name to host CloudBees CI Services. |
| cbci_liveness_probe_ext | Operation Center Service External Liveness Probe for CloudBees CI Add-on. |
| cbci_liveness_probe_int | Operation Center Service Internal Liveness Probe for CloudBees CI Add-on. |
| cbci_namespace | Namespace for CloudBees CI Addon. |
| cbci_oc_ing | Operation Center Ingress for CloudBees CI Add-on. |
| cbci_oc_pod | Operation Center Pod for CloudBees CI Add-on. |
| cbci_oc_url | Operation Center URL for CloudBees CI Add-on using Subdomain and Certificates. |
| merged_helm_config | (merged) Helm Config for CloudBees CI |

Communications

CloudBees Slack channel: #cbci-eks-blueprints

References