How to install Jenkins Operator

This document describes installation procedure for Jenkins Operator. All container images can be found at virtuslab/jenkins-operator


To run Jenkins Operator, you will need:

  • access to a Kubernetes cluster version 1.11+

  • kubectl version 1.11+

Configure Custom Resource Definition

Install Jenkins Custom Resource Definition:

kubectl apply -f

Deploy Jenkins Operator

There are two ways to deploy the Jenkins Operator.

Using YAML’s

Apply Service Account and RBAC roles:

kubectl apply -f

Watch Jenkins Operator instance being created:

kubectl get pods -w

Now Jenkins Operator should be up and running in the default namespace.

Using Helm Chart

There is a option to use Helm to install the operator. It requires the Helm 3+ for deployment.

Create a namespace for the operator:

$ kubectl create namespace <your-namespace>

To install, you need only to type these commands:

$ helm repo add jenkins
$ helm install <name> jenkins/jenkins-operator -n <your-namespace>

In case you want to use released Chart v0.4.1, before installing/upgrading please install additional CRD into the cluster:

$ kubectl apply -f

To add custom labels and annotations, you can use values.yaml file or pass them into helm install command, e.g.:

$ helm install <name> jenkins/jenkins-operator -n <your-namespace> --set jenkins.labels.LabelKey=LabelValue,jenkins.annotations.AnnotationKey=AnnotationValue

You can further customize Jenkins using values.yaml:

Jenkins instance configuration

Field Default value Description

operator is section for configuring operator deployment

enabled true Enabled can enable or disable the Jenkins instance. Set to false if you have configured CR already and/or you want to deploy an operator only.
apiVersion Version of the CR manifest. The recommended and default value is More info
name jenkins Name of resource. The pod name will be jenkins-<name> (name will be set as suffix).
namespace default Namespace the resources will be deployed to. It's not recommended to use default namespace. Create new namespace for jenkins (e.g. kubectl create -n jenkins)
labels {} Labels are injected into metadata labels field.
annotations {} Annotations are injected into metadata annotations field.
image jenkins/jenkins:lts Image is the name (and tag) of the Jenkins instance. It's recommended to use LTS (tag: "lts") version.
env [] Env contains jenkins container environment variables.
imagePullPolicy Always Defines policy for pulling images
priorityClassName "" PriorityClassName indicates the importance of a Pod relative to other Pods. More info
disableCSRFProtection false disableCSRFProtection can enable or disable operator built-in CSRF protection. Set it to true if you are using OpenShift Jenkins Plugin. More info
imagePullSecrets [] Used if you want to pull images from private repository More info
notifications [] Notifications is feature that notify user about Jenkins reconcilation status More info
- name: kubernetes
  version: "1.25.2"
- name: workflow-job
  version: "2.39"
- name: workflow-aggregator
  version: "2.6"
- name: git
  version: "4.2.2"
- name: job-dsl
  version: "1.77"
- name: configuration-as-code
  version: "1.38"
- name: kubernetes-credentials
  version: "0.13"
Plugins installed and required by the operator shouldn't contain plugins defined by user You can change their versions here More info
plugins [] Plugins required by the user. You can define plugins here. More info Example:
 - name: simple-theme-plugin
   version: 0.5.1
seedJobs [] Placeholder for jenkins seed jobs For seed job creation tutorial, check:
Prepare seed jobs
Configure seed jobs
- id: jenkins-operator
  targets: "cicd/jobs/*.jenkins"
  description: "Jenkins Operator repository"
  repositoryBranch: master
  cpu: 1500m
  memory: 3Gi
  cpu: 1
  memory: 500M
Resource limit/request for Jenkins More info
- name: backup
    claimName: jenkins-backup
Volumes used by Jenkins By default, we are only using PVC volume for storing backups.
volumeMounts [] volumeMounts are mounts for Jenkins pod.
securityContext runAsUser: 1000 fsGroup: 1000 SecurityContext for pod.
service not implemented Http Jenkins service. See for details.
slaveService not implemented Slave Jenkins service. See for details.
  failureThreshold: 12
    path: /login
    port: http
    scheme: HTTP
  initialDelaySeconds: 80
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 5
livenessProbe for Pod
  failureThreshold: 3
    path: /login
    port: http
    scheme: HTTP
  initialDelaySeconds: 30
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 1
readinessProbe for Pod


Backup is section for configuring operator's backup feature By default backup feature is enabled and pre-configured This section simplifies the configuration described here: Configure backup and restore For customization tips see Custom backup and restore


Section where we can configure Jenkins instance. See Customization for details

Configuring operator deployment

Field Default value Description

operator is section for configuring operator deployment

1 Number of Replicas.
image virtuslab/jenkins-operator:v0.4.0 Name (and tag) of the Jenkins Operator image.
imagePullPolicy IfNotPresent Defines policy for pulling images.
imagePullSecrets [] Used if you want to pull images from private repository.
nameOverride "" nameOverride overrides the app name.
fullnameOverride "" fullnameOverride overrides the deployment name
resources {}
nodeSelector {}
tolerations {}
affinity {}


(Appears on: JenkinsConfiguration)

Backup defines configuration of Jenkins backup.

Field Default value Description
enabled true Enabled is enable/disable switch for backup feature.
image virtuslab/jenkins-operator-backup-pvc:v0.0.8 Image used by backup feature.
containerName backup Backup container name.
interval 30 Defines how often make backup in seconds.
makeBackupBeforePodDeletion true When enabled will make backup before pod deletion.
backupCommand /home/user/bin/ Backup container command.
restoreCommand /home/user/bin/ Backup restore command.

Persistent Volume Claim Kubernetes resource

enabled true Enable/disable switch for PVC
enabled true Enable/disable switch for PVC
size 5Gi Size of PVC
className "" StorageClassName for PVC More info
- name: BACKUP_DIR
  value: /backup
  value: /jenkins-home
  value: "3"
Contains container environment variables. PVC backup provider handles these variables:
BACKUP_DIR - path for storing backup files (default: "/backup")
JENKINS_HOME - path to jenkins home (default: "/jenkins-home")
BACKUP_COUNT - define how much recent backups will be kept
- name: jenkins-home
  mountPath: /jenkins-home
- mountPath: /backup
  name: backup
Holds the mount points for volumes.


(Appears on: Jenkins instance configuration)

Field Default value Description
configurationAsCode {} ConfigurationAsCode defines configuration of Jenkins customization via Configuration as Code Jenkins plugin. Example:
- configMapName: jenkins-casc
  content: {}
groovyScripts {} GroovyScripts defines configuration of Jenkins customization via groovy scripts. Example:
- configMapName: jenkins-gs
  content: {}
secretRefName “” secretRefName of existing secret (previously created).
secretData {} If secretRefName is empty, secretData creates new secret and fills with data provided in secretData.

Last modified October 5, 2020