In this guide, we’ll walk through deploying Jenkins on Amazon EKS with persistent storage backed by AWS EFS using the CSI driver. This setup ensures scalable, durable, and shared storage for Jenkins builds.
Step 1: Install AWS EFS CSI Driver
kubectl apply -k "github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/stable/?ref=master"
Step 2: Set Up AWS Resources
Get VPC ID
aws eks describe-cluster \
--name hulk-santhosh-cluster \
--query "cluster.resourcesVpcConfig.vpcId" \
--output text \
--region ap-south-1
Get VPC CIDR Range
aws ec2 describe-vpcs \
--vpc-ids vpc-07937adc3227e4b54 \
--query "Vpcs[].CidrBlock" \
--output text \
--region ap-south-1
Create Security Group
aws ec2 create-security-group \
--description efs-test-sg \
--group-name efs-sg \
--vpc-id vpc-07937adc3227e4b54 \
--region ap-south-1
Authorize Ingress
aws ec2 authorize-security-group-ingress \
--group-id sg-0be281b6c437376c5 \
--protocol tcp \
--port 2049 \
--cidr 192.168.0.0/16
Step 3: Create EFS File System
aws efs create-file-system \
--creation-token eks-efs \
--region ap-south-1
Create Mount Target
aws efs create-mount-target \
--file-system-id fs-04ec113cee81e30b2 \
--subnet-id subnet-0a6d27e06ff1e24ed \
--security-group sg-0be281b6c437376c5
Step 4: Kubernetes Storage Setup
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins
spec:
capacity:
storage: 5Gi
volumeMode: Filesystem
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: efs-sc
csi:
driver: efs.csi.aws.com
volumeHandle: fs-04ec113cee81e30b2
PersistentVolumeClaim
`
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jenkins-claim
spec:
accessModes:
- ReadWriteMany
storageClassName: efs-sc
resources:
requests:
storage: 5Gi
`
Step 5: RBAC for Jenkins
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: jenkins
rules:
# Add relevant rules here
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: jenkins
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: jenkins
subjects:
- kind: ServiceAccount
name: jenkins
namespace: jenkins
Step 6: Jenkins Service
apiVersion: v1
kind: Service
metadata:
name: jenkins
labels:
app: jenkins
spec:
type: ClusterIP
ports:
- name: ui
port: 8080
targetPort: 8080
- name: slave
port: 50000
- name: http
port: 80
targetPort: 8080
selector:
app: jenkins
Step 7: Jenkins Deployment
`
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
namespace: jenkins
labels:
app: jenkins
spec:
replicas: 1
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
securityContext:
fsGroup: 1000
initContainers:
- name: volume-permission-fix
image: busybox
command: ["sh", "-c", "chown -R 1000:1000 /var/jenkins_home"]
securityContext:
runAsUser: 0
volumeMounts:
- name: jenkins-home
mountPath: /var/jenkins_home
containers:
- name: jenkins
image: jenkins/jenkins:lts
ports:
- containerPort: 8080
- containerPort: 50000
volumeMounts:
- name: jenkins-home
mountPath: /var/jenkins_home
volumes:
- name: jenkins-home
persistentVolumeClaim:
claimName: jenkins-claim
`
Step 8: Jenkins Credentials
kubectl exec -it <jenkins-pod-name> -n jenkins -- cat /var/jenkins_home/secrets/initialAdminPassword
Step 9: Service Account Token
apiVersion: v1
kind: Secret
metadata:
name: jenkins-token
namespace: jenkins
annotations:
kubernetes.io/service-account.name: jenkins
type: kubernetes.io/service-account-token
Step 10: Configure Jenkins Kubernetes Cloud
Kubernetes URL: https://kubernetes.default.svc.cluster.local
Namespace: jenkins
Credentials: Service account token
Jenkins URL: http://jenkins.jenkins.svc.cluster.local:8080
Jenkins Tunnel: jenkins.jenkins.svc.cluster.local:50000
Test connection — it should say Connected to Kubernetes.
Pod Template for Jenkins Agents
Name: jenkins-agent
Namespace: jenkins
Labels: jenkins-agent
Usage: Only build jobs with matching label
Container Template
Name: jnlp
Image: jenkins/inbound-agent:latest
Working Dir: /home/jenkins/agent
Allocate pseudo-TTY:
Top comments (0)