An Exercise in Docker Swarm – Pt. 3 Load Balancing Jenkins with Failover Capabilities

Posted on by Patrick Connolly

In the last article, we set up Grafana to run on our Swarm with Failover as needed. This is extremely useful and can be applied to other technologies as well.

We are going to be setting this up a little differently to show what we can do. Instead of using the Swarm Nginx containers, we are going to use the Nginx that provides SSL termination to load balance directly to the node running Jenkins. This gives us a picture that looks like this.

Considering that we don’t know which node Jenkins will be running on, we will configure Nginx to use Round Robin to find it and pass our requests along. Let’s look at the configuration for Nginx now.

upstream jenkins {
  server laptop001.local:8080;
  server laptop002.local:8080;
}
server {
  listen  443 ssl;
  server_name  <target_url>;
  ssl_certificate     /etc/letsencrypt/live/<domain>/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem;
  location / {
    proxy_pass http://jenkins;
    proxy_set_header Host $http_host;
  }
}

As we can see we are looking at the upstream laptops in our swarm and letting Nginx find which one is the correct one to resolve to. Next we can adjust our Swarm configuration yaml file to include the Jenkins information.

version: "3.8"
services:
  jenkins:
    image: jenkins/jenkins:lts-almalinux
    restart: always
    ports:
      - "8080:8080"
    volumes:
      - /mnt/share/jenkins-data:/var/jenkins_home
    networks:
      - host


networks:
  host:

As Grafana and the Nginx containers are out of scope of this article, they have been removed from the yaml configuration for this example. Now we can start our Jenkins instance.

I will not go through the steps to initially gain access to Jenkins, but one piece of configuration needs to be noted. In Manage Jenkins > Configure Global Security > CSRF Protection we need to set “Enable proxy compatibility” to true by ticking the check box. This will eliminate any 403 errors that may occur. At this point we should be able to add Executors and create jobs as needed. We can also test the failover capabilities by setting the Swarm node running the container to “drain”.

One thing of note is that during the failover period you will have a brief moment of downtime as the container needs to restart. This is to be expected as Jenkins architecture is designed to read from a flat XML file to run. This setup however will bring us as close as we are able to get to a High Availability Jenkins setup.

This concludes the exercise for today.

Share and Enjoy !

Shares

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share