3

I'm tyring to figure out the best strategy for containerizing builds in a Jenkins CI/CD infrastructure using Docker. From what I see I have 2 options:

(1) Use ephemeral slaves that get provisioned on-demand on Docker hosts using the Docker Plugin: https://wiki.jenkins-ci.org/display/JENKINS/Docker+Plugin Once the build completes the slave is disposed. As a consequence, only one build ever gets run on a single slave.

(2) Use static slaves (e.g. VMs) that run builds inside Docker containers using the CloudBees Docker Custom Build Environment Plugin: https://wiki.jenkins-ci.org/display/JENKINS/CloudBees+Docker+Custom+Build+Environment+Plugin As a consequence, multiple (isolated) builds can run on a single slave.

What are the main advantages/disadvantages of one approach over the other? When and why should should I choose one over the other? This does not appear at all obvious to me.

I suspect builds are lighter weight that slaves, so for a CI/CD infrastructure orchestrating a large end-to-end pipeline with many jobs running (2) would be more scalable - each Jenkins slave incurs at least 2 threads on the master node.

Edit

Boon
  • 925
  • 1
  • 8
  • 30

1 Answers1

1

My preference is the option 1 (ephemeral slaves) with the Docker plugin.

With this plugin, you declare your build images in the global Jenkins settings, you can affect labels to your Docker images:

enter image description here

On your job, you just have to use the relevant labels, and the Docker plugin will create the relevant slave into a new container.

With the Docker plugin, Jenkins will spin-up a new slave in a few seconds. So even if you're using a pipeline with a lot of stages, it will work fine.

This is what I'm going to implement at Forgerock (my company):

  • 2 powerful bare metal machines (with SSD, 32 cores and 1 TB of RAM)
  • The Jenkins Docker plugin
  • Maven artifacts caching using Artifactory (to not download the internet)
  • The docker container will use a local Maven cache (so I'm sure to not use an old/odd Maven artefact)

I did a POC on a small bare metal machine and it works well :)

If you are using ephemeral slaves without Maven caching, it can become a problem regarding the performance.

Regarding the Jenkins plugins, there is a new one developed by Nicolas De Loof: Docker Slaves plugin.

I have to try this new plugin.

Bruno Lavit
  • 9,486
  • 2
  • 27
  • 37