Customised Installation of Jenkins using Ansible Playbook

 

What is Jenkins & Ansible?

Jenkins is one of the most powerful and commonly used Continuous Integration and Deployment (CI/CD) tool in the DevOps world. A Job in Jenkins denotes an automated flow created to do a particular set of tasks. There are different types of Jobs available in the Jenkins like Freestyle, Pipeline, DSL, etc. with the most common being the Jenkins Pipeline job.

Ansible is one of the most powerful and commonly used open-source Configuration management tool in the DevOps world. It is widely used for software provisioning, automate apps, configuration management and application deployment. It is compatible to run on almost all platforms.

Today's Agenda

In this post, we will learn how to install Jenkins using Ansible Playbook. We will do this installation using the Customised Jenkins Installation with custom admin credentials and pre-installed required plugins. Refer to this link install Jenkins using the Normal Installation (i.e. with Default User and Plugins).

Prerequisite

This post has been prepared for the audience who : 

1. Have access to a system with Ansible installed and configured on it.
2. Have a very basic understanding of Linux commands to debug if there are any errors.
3. Have a server setup on which Jenkins needs to be installed.
4. And finally, are eager to learn and try such powerful tools.

Let's get started

 The Customised Way (With Custom User Credentials & Plugins) 

Step 1: Create an empty Ansible playbook structure for Jenkins.

Same as in the Normal Installation method.

Step 2: Change required playbook files for Jenkins.

In the Ansible playbook file structure, tasks > main.yml file include the main installation steps.

--- #  tasks file for Jenkins - name: Install packages and dependencies   apt: name={{ item }} update_cache=yes state=present   with_items:   - openjdk-8-jdk  # this specific version is needed for Jenkins to run   - libfontconfig   - libffi-dev   - libncurses5-dev - name: Add the Jenkins public GPG key to the apt repo   apt_key: url=http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key           state=present - name: Add Jenkins apt repo to the trusted sources list   apt_repository: repo='deb http://pkg.jenkins-ci.org/debian binary/'                 update_cache=yes                 state=present - name: Install Jenkins server   apt: name=jenkins state=present - name: install python3-pip   apt:   pkg:   - python3-pip - name: Install additional Python packages   pip: name={{ item }} state=latest   with_items:   - ansible   - boto   - flake8   - passlib - name: Remove default config.xml   file:   path: /var/lib/jenkins/config.xml   state: absent - name: Add custom config.xml file from template   template:   src: config.xml   dest: "{{ jenkins_home}}/config.xml"   owner: jenkins   group: jenkins   mode: '0644' - name: Restart jenkins server   systemd:   name: jenkins   enabled: yes   state: restarted - name: add jenkins admin password to ansible register   shell: "cat /var/lib/jenkins/secrets/initialAdminPassword"   register: jenkins_admin_password - name: Create Jenkins updates directory.   file:   path: "{{ jenkins_home }}/updates"   state: directory   owner: jenkins   group: jenkins - name: Download current plugin updates from Jenkins update site.   get_url:   url: "{{ jenkins_updates_url }}/update-center.json"   dest: "{{ jenkins_home }}/updates/default.json"   owner: jenkins   group: jenkins   mode: 0440   changed_when: false   register: get_result   until: get_result is success   retries: 3   delay: 2 - name: Remove the first and the last line from the JSON file.   replace:   path: "{{ jenkins_home }}/updates/default.json"   regexp: "1d;$d" - name: install jenkins plugins   jenkins_plugin:   name: "{{ item.key }}"   version: "{{ item.value['version'] }}"   url_username: admin   url_password: "{{ jenkins_admin_password.stdout }}"   url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}"   with_dict: "{{ jenkins_plugins }}"   register: plugin_result   until: plugin_result is success   retries: 3   delay: 2 - name: download jenkins cli jar file   get_url:   url: "http://localhost:8080/jnlpJars/jenkins-cli.jar"   dest: "{{ jenkins_home }}/jenkins-cli.jar"   mode: '0664' - debug:   msg:   - "IMPORTANT------> PLEASE CHANGE THE ADMIN USER PASSWORD AFTER LOGIN. CURRENT PASSWORD IS STORED IN /var/lib/jenkins/secrets/initialAdminPassword FILE." - name: Restart jenkins server   systemd:   name: jenkins   state: restarted

In the Ansible playbook file structure, defaults > main.yml file include the variables that we want to use in our main installation script (tasks > main.yml) file.

--- # defaults file for Jenkins jenkins_home: /var/lib/jenkins jenkins_hostname: localhost jenkins_http_port: 8080 jenkins_updates_url: "https://updates.jenkins.io" jenkins_plugins: ace-editor:   version: "1.1" ant:   version: "1.10" antisamy-markup-formatter:   version: "1.6" apache-httpcomponents-client-4-api:   version: "4.5.10-2.0" artifact-manager-s3:   version: "1.6" authentication-tokens:   version: "1.3" aws-credentials:   version: "1.28" aws-global-configuration:   version: "1.3" aws-java-sdk:   version: "1.11.650" bitbucket:   version: "1.1.11" blueocean:   version: "1.19.0" blueocean-autofavorite:   version: "1.2.4" blueocean-bitbucket-pipeline:   version: "1.19.0" blueocean-commons:   version: "1.19.0"

In the Ansible playbook file structure, templates > config.xml file include the main config file of Jenkins.

You need to update the version of Jenkins in this file while you follow this document.

<?xml version='1.1' encoding='UTF-8'?> <hudson> <disabledAdministrativeMonitors/> <version>2.235.1</version> <installStateName>RUNNING</installStateName> <numExecutors>2</numExecutors> <mode>NORMAL</mode> <useSecurity>true</useSecurity> <authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy">   <denyAnonymousReadAccess>true</denyAnonymousReadAccess> </authorizationStrategy> <securityRealm class="hudson.security.HudsonPrivateSecurityRealm">   <disableSignup>true</disableSignup>   <enableCaptcha>false</enableCaptcha> </securityRealm> <disableRememberMe>false</disableRememberMe> <projectNamingStrategy class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/> <workspaceDir>${JENKINS_HOME}/workspace/${ITEM_FULL_NAME}</workspaceDir> <buildsDir>${ITEM_ROOTDIR}/builds</buildsDir> <jdks/> <viewsTabBar class="hudson.views.DefaultViewsTabBar"/> <myViewsTabBar class="hudson.views.DefaultMyViewsTabBar"/> <clouds/> <scmCheckoutRetryCount>0</scmCheckoutRetryCount> <views>   <hudson.model.AllView>     <owner class="hudson" reference="../../.."/>     <name>all</name>     <filterExecutors>false</filterExecutors>     <filterQueue>false</filterQueue>     <properties class="hudson.model.View$PropertyList"/>   </hudson.model.AllView> </views> <primaryView>all</primaryView> <slaveAgentPort>-1</slaveAgentPort> <label></label> <crumbIssuer class="hudson.security.csrf.DefaultCrumbIssuer">   <excludeClientIPFromCrumb>false</excludeClientIPFromCrumb> </crumbIssuer> <nodeProperties/> <globalNodeProperties/> </hudson>

Step 3: Provision file to add Jenkins server details.

Same as in the Normal Installation method.

Step 4: Run the playbook to get the results.

Same as in the Normal Installation method.

NOTE: 

    1.  The output of the final ansible-playbook command will display a message with file path that includes the password of the admin user. Please read that message carefully.

    2.  Update the plugins list according to your use-case from defaults > main.yml file.