This creates a platform in kubernetes to build, test and deploy an application.

• Jenkins Configuration as code using the jcasc plugin
• Reproducible platform
• Dynamic slaves for jenkins
• Visibility & Observability
• Decoupled service deployment (in kubernetes)

• docker (1.18.*)
• docker-compose (1.23.*)
• minikube
• kubectl (1.15.*)
• helm (v2.14.*)

• Jenkins
• Prometheus
• Grafana

Start a minikube instance

$ minikube start --memory 4096

Enable ingress addon

$ minikube addons enable ingress

Install tiller (make sure minikube is the current context by kubectl config current-context)

$ helm init (installs tiller in kube-system)

Please note values.yaml has been customized

$ cd kubernetes/monitoring

$ ./install_crd.sh (required because of this: https://github.com/helm/charts/tree/master/stable/prometheus-operator#helm-fails-to-create-crds)

$ ./install

Please note values.yaml has been customized

$ cd kubernetes/jenkins

creates a persistence volume & claim before for jenkins helm chart deployment $ kubectl apply -f manifests/pv.yaml $ kubectl apply -f manifests/pvc.yaml

$ ./install

it may take couple of minutes for jenkins to be up and running

{minikube ip}  prometheus.amit.local
{minikube ip}  grafana.amit.local
{minikube ip}  jenkins.amit.local

• prometheus: http://prometheus.amit.local
• grafana: http://grafana.amit.local
• jenkins: http://jenkins.amit.local

• grafana - (admin:admin)
• jenkins - (admin:printf $(kubectl get secret --namespace jenkins jenkins-r1 -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo)

• Upload an ssh private key for github in jenkins under the jenkins credential id github_ssh to get access to the private repos
• Get your current kubeconfig for minikube by running kubectl config view --flatten --minify, you'll need only the minikube context.
• With the flattened kubeconfig obtained in the previous step replace the existing kubeconfig content of k8s-admin by going here: http://jenkins.amit.local/credentials/store/system/domain/_/credential/k8s-admin/update
• You may have to manually trigger the multibranch job by clicking Scan Multibranch Pipeline Now button

• No TLS
• No RBAC in kubernetes or Jenkins
• Job definition is moved to this public repositry, for JCASC to access and build. This could have been avoided by creating a seed job
• Could not implement docker image publish as uploading images to docker hub was taking a lot of time. Tried a private registry (registry/docker-compose.yaml) but disabling tls verification for the private registry was not trivial in minikube. This Limitation can easily be fixed by having a local registry.
• kubernetes-cd can't delete deployments at the momen

• Linting and static code analysis
• Versioning (app and dependencies)
• Secrets management
• Security
• Scalability
• Operations using gitops
• Modularize declarative pipeline by having shared pipeline libraries
• Need more time to figure out why kubernetes-cd is only deploying to the default namespace of minikube

Amit Sarkar