Jenkins Helm Chart Configuration Parameters ¶

The Jenkins Helm Chart provides a wide array of configuration parameters that allow users to customize the deployment, management, and operational behavior of Jenkins on Kubernetes. These parameters are typically supplied via a values.yaml file^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].

Controller Configuration¶

The Jenkins Controller is the central service. Its configuration encompasses global settings, security, networking, and resources.

General and Naming¶

Naming: Use nameOverride or fullnameOverride to customize resource names^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. namespaceOverride can change the deployment namespace^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].
Executor Settings: controller.numExecutors defines the number of executors (default is 0)^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. controller.executorMode sets the mode to NORMAL or EXCLUSIVE^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].
URL Configuration: controller.jenkinsUrl sets the URL if not using the provided ingress^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. controller.jenkinsUrlProtocol defaults to https if TLS is enabled, otherwise http^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].
Image: The controller image is configurable via controller.image, controller.tagLabel (default: jdk11), and controller.tag^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].

Security and Authentication¶

Admin Access: An admin user secret is created by default (controller.adminSecret: true)^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. Credentials can be sourced from an existing secret using controller.admin.existingSecret^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].
CSRF: The default CSRF Crumb issuer is enabled (controller.csrf.defaultCrumbIssuer.enabled: true)^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].
Container Security: Security contexts are managed via controller.containerSecurityContext and controller.podSecurityContextOverride^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].

Networking and Exposure¶

Service: The main service type defaults to ClusterIP on port 8080^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].
Agent Listener: The listener for agents runs on port 50000 by default^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. It can be exposed via LoadBalancer or NodePort using controller.agentListenerServiceType^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].
Ingress: Ingress is disabled by default but can be enabled and configured via controller.ingress^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].

Jenkins Configuration as Code (JCasC)¶

JCasC allows automating the Jenkins configuration. * Default Config: Enabled by default via controller.JCasC.defaultConfig^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. * Scripts: Custom configuration scripts are defined in controller.JCasC.configScripts^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. * Auto-Reload: A sidecar container can automatically reload configuration changes. It is enabled by default (controller.sidecars.configAutoReload.enabled: true) and requires RBAC to be enabled to function^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].

Plugins¶

Installation: The controller.installPlugins parameter lists the plugins to install (e.g., kubernetes, workflow-aggregator)^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. controller.additionalPlugins allows adding extra plugins^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].
Updates: controller.initializeOnce prevents plugin updates on restarts if set to true^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. controller.installLatestPlugins controls whether the minimum required version or the latest version of dependencies is installed^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].

Agents¶

The chart configures the Kubernetes pod templates for build agents. * Defaults: The default agent image is jenkins/inbound-agent:4.11.2-4^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. Resources default to 512m CPU and 512Mi memory^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. * Pod Configuration: agent.containerCap limits the number of agents (default: 10)^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. agent.podRetention settings like idleMinutes allow pods to remain active for reuse^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. * Additional Agents: agent.podTemplates and additionalAgents allow defining multiple pod templates with different configurations^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].

Persistence and Backup¶

Persistence: A PersistentVolumeClaim (PVC) is enabled by default with a size of 8Gi and ReadWriteOnce access mode^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].
Backup: A backup CronJob can be enabled (backup.enabled)^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. It supports destinations like S3 (backup.destination)^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].

RBAC and NetworkPolicy¶

RBAC: Creation of RBAC resources is enabled by default (rbac.create: true)^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. rbac.readSecrets controls whether the service account can read Kubernetes secrets^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].
NetworkPolicy: Network policies are disabled by default (networkPolicy.enabled: false)^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md]. When enabled, settings for internal and external agents can be configured^[400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md].

Sources¶

400-devops__06-Kubernetes__devops-helm__helm-jenkins__VALUES_SUMMARY.md

Jenkins Helm Chart Configuration Parameters¶