On Fri, Jul 12, 2013 at 7:06 PM, Ramith Jayasinghe <ram...@wso2.com> wrote:
> Hi, > I have been looking at possible ways to achieve the $subject. > > And here's one possible way of achieving this. > > Basis of this approach is to deploy jenkins as a web application on our > Application Server ( -- I tested this) [1]. > > There couple aspects we need to think about : > 1. Tenant Creation > 2. Authentication and authorization > 3. Building Jobs. > 4. Load balancing and HA > * > Tenant Creation* > Now suppose user creates a organization/tenant xyz on Appfactory. > Appfactory could either : > 1. Deploy jenkins onto the xyz tenant Or > This will work as each tenant gets its own classloader. > 2. Deploy jenkins on super tenant. With this approach we have to rename > jenkins.war (possibly to xyz.war) to make this jenkins instance different > from others. > This will not work as jenkins uses lot of singletons.So we need seperate class loader for web app > > With either way each jenkins instance needs to be provided with a its own > JENKINS_HOME. > This can be achieved via adding a context.xml file with content similar > to following to jenkins.war distribution ( specifically into META-INF) > > <Context> > <Environment name="JENKINS_HOME" value="${J_HOMES}/xyz" > type="java.lang.String"/> > </Context> > > $J_HOMES refers to a directory in file system and supplied as a system > variable during the server start up etc. > 'xyz' sub-directory has to be created and filled with configurations, > plugins etc before deploying the webapp. > > Configuration that needs to go into this folder are typically related to > maven,jdks, plugins etc. ( can puppet be of use to automate all this?) > It is not good to have modified config for each tenants. Whenever we need enable failover node we need to get these modified files.But if we have a one war file(with configs) that can be used regardless of tenants ,then that is very scalable.I think it is possible because there is no tenant specific configurations(the config for tenant 1 and 2 ideally same). > * > **Note:* I already came across an issue where content in conext.xml is > not visible to jenkins.war when deployed onto a tenant ( maybe a bug in AS > ?) > Did you try to set homepath as jndi variable.It seems that they are using jndi to supply the value.We have changed the JNDI factory for AS.So we need to write a Servlet Context listener and set the Jenkins path as jndi value. > * > Authentication & Authorization* > > We could use Jenkins LDAP (may be with some modifications) plugin based > on the requirement or we might have to change current authentication plugin > [2] we wrote for jenkins. > Further, I think with above approach we still can use the role strategy > plugin [3] that's currently in use. Jenkins going to run in carbon environment so you can get user manager through carbon context. > * > Building Jobs* > > Master nodes ( - deployed on AS) should not run build jobs. > Instead these should be delegated to a pool of jenkins slaves [4][5]. We > need to figure out a scheme on how to do this. > > *Load balancing and HA * > > Deploying and testing jenkins on a AS cluster should be the starting point > to figure out this whole approach would scale. > In jenkins world we can not cluster master.We can only set up failover to master and offload the build to slaves.There is a one to many connection between a master and slaves.If one slave is assigned to a master it can not be assign to other master.As a solution we can have pool of slaves and assign slave on demand(when ever a build is trickered ) and return to the pool after finishing job. Starting point may be jenkins Swarm plugin.We can't use it out of the box but we have to modify the plugin to support the multi master shared slaves deployment. > > > [1] https://wiki.jenkins-ci.org/display/JENKINS/Tomcat > [2] > https://svn.wso2.org/repos/wso2/carbon/platform/branches/4.1.0/products/appfactory/1.0.0/modules/webapps/appfactory-authentication-plugin > [3] > https://svn.wso2.org/repos/wso2/carbon/platform/branches/4.1.0/dependencies/jenkins-ci/role-strategy-plugin/1.1.3-wso2v2 > [4] https://wiki.jenkins-ci.org/display/JENKINS/Distributed+builds > [5] > https://wiki.jenkins-ci.org/display/JENKINS/Distributed+builds#Distributedbuilds-RunningMultipleSlavesontheSameMachine > > > -- > Ramith Jayasinghe > Technical Lead > WSO2 Inc., http://wso2.com > lean.enterprise.middleware > > E: ram...@wso2.com > > > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- ajanthan -- Ajanthan Balachandiran Senior Software Engineer; Solutions Technologies Team ;WSO2, Inc.; http://wso2.com/ email: ajanthan <http://goog_595075977>@wso2.com; cell: +94775581497 blog: http://bkayts.blogspot.com/ Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture