BestHub
Sign in
Cloud Native 5 min read

Deploying Jenkins on Kubernetes: Analysis, Image Pull, RBAC, Service, and StatefulSet Configuration

This guide explains how to deploy Jenkins as a Kubernetes pod, covering data persistence, Docker image download and tagging, RBAC setup, headless Service definition, and a StatefulSet with resource limits and volume claims for a robust CI/CD pipeline.

Practical DevOps Architecture
Practical DevOps Architecture
Practical DevOps Architecture
Deploying Jenkins on Kubernetes: Analysis, Image Pull, RBAC, Service, and StatefulSet Configuration

Analysis of deploying Jenkins on Kubernetes recommends running Jenkins as a pod and persisting its data, typically using NFS storage to ensure consistency across restarts.

Download the Jenkins Docker image and tag it for use.

docker pull jenkins/jenkins:2.346.3-2-lts
docker tag jenkins/jenkins:2.346.3-2-lts jenkins/jenkins:2.346.3-2-lts

Create the necessary RBAC resources so Jenkins can manage deployments, services, pods, and related objects.

apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins
  namespace: ops
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: jenkins
rules:
  - apiGroups: ["extensions", "apps"]
    resources: ["deployments", "ingresses"]
    verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
  - apiGroups: [""]
    resources: ["services"]
    verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
  - apiGroups: [""]
    resources: ["pods/exec"]
    verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
  - apiGroups: [""]
    resources: ["pods/log", "events"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["get"]

Define a headless Service to expose Jenkins and its agent port.

apiVersion: v1
kind: Service
metadata:
  name: jenkins-svc
  namespace: ops
spec:
  clusterIP: None
  selector:
    app: jenkins
  ports:
    - name: http
      port: 8080
      targetPort: 8080
    - name: agent
      port: 50000

Configure a StatefulSet that runs Jenkins with persistent storage, environment variables, resource limits, and volume claims.

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: jenkins
  namespace: ops
spec:
  serviceName: "jenkins-svc"
  selector:
    matchLabels:
      app: jenkins
  template:
    metadata:
      labels:
        app: jenkins
    spec:
      containers:
        - name: jenkins
          image: 192.167.16.6/ops/jenkins:2.346
          imagePullPolicy: IfNotPresent
          env:
            - name: JAVA_OPTS
              value: "-Duser.timezone=Asia/Shanghai"
          ports:
            - name: http
              containerPort: 8080
            - name: agent
              containerPort: 50000
          resources:
            limits:
              cpu: 1500m
              memory: 2048Mi
          volumeMounts:
            - name: data
              mountPath: /var/jenkins_home
      volumeClaimTemplates:
        - metadata:
            name: data
          spec:
            accessModes: ["ReadWriteOnce"]
            storageClassName: "nfs-provisionerstorage"
            resources:
              requests:
                storage: 100Gi

Following these steps results in a fully functional Jenkins instance running inside a Kubernetes cluster, ready for CI/CD workloads.

Cloud NativeDockerCI/CDKubernetesRBACStatefulSetJenkins
Practical DevOps Architecture
Written by

Practical DevOps Architecture

Hands‑on DevOps operations using Docker, K8s, Jenkins, and Ansible—empowering ops professionals to grow together through sharing, discussion, knowledge consolidation, and continuous improvement.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment