Jenkins Pipeline

Updated: May 15, 2026

# CHAPTER 13

Jenkins and Kubernetes

1. Introduction

As organizations grow, a single Jenkins server quickly becomes overwhelmed. If 50 developers commit code at the same time, a traditional Jenkins server will queue the jobs, and developers might wait hours for their tests to finish. The modern solution to this scaling problem is Kubernetes (K8s). Kubernetes is a container orchestration platform that manages thousands of Docker containers across a cluster of servers. By integrating Jenkins with Kubernetes, we achieve infinite, on-demand scaling. In this chapter, we will explore how Jenkins utilizes Kubernetes to spin up temporary build agents and how Jenkins deploys applications into a Kubernetes cluster.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Understand the limitations of static Jenkins build nodes.
  • Define the concept of ephemeral Kubernetes Build Agents.
  • Configure a Jenkinsfile to run pods dynamically in Kubernetes.
  • Understand how Jenkins authenticates with a Kubernetes cluster.
  • Conceptualize a deployment workflow to Kubernetes using kubectl or Helm.

3. Beginner-Friendly Explanation

Imagine a busy restaurant kitchen.
  • Traditional Jenkins: You have exactly 3 chefs. If 50 orders come in at once, the 3 chefs work as fast as they can, but the 47 other orders sit in a queue waiting. Customers get angry.
  • Jenkins on Kubernetes: You have a magical kitchen. When 50 orders come in, you snap your fingers and 47 temporary chefs instantly appear, cook the meals in parallel, and then instantly vanish. No one waits.

Kubernetes provides Jenkins with "temporary chefs" (Pods) exactly when needed, ensuring builds never queue up.

4. Ephemeral Build Agents

In a Kubernetes environment, the main Jenkins server (the Controller) does no actual building. It just manages the schedule. When a developer pushes code, Jenkins talks to the Kubernetes cluster and says: "I need a Pod containing Node.js and a Pod containing PHP right now." Kubernetes spins up these containers in seconds. Jenkins sends the code to them, they run the tests, and when the pipeline finishes, Kubernetes permanently deletes the Pods.

Benefits:
  • Zero Queueing: Infinite parallelism.
  • Cost Efficiency: You only pay for the cloud compute power during the 2 minutes the test is running.

5. Writing a Kubernetes Pipeline

To run inside Kubernetes, we change the agent block in our Jenkinsfile to use kubernetes.
```groovy
pipeline {
    agent {
        kubernetes {
            // Define the exact containers we need for this build
            yaml '''
            apiVersion: v1
            kind: Pod
            spec:
              containers:
              - name: php
                image: php:8.1-cli
                command: ['cat']
                tty: true
            '''
        }
    }
    stages {
        stage('Test') {
            steps {
                // Tell Jenkins to run this step specifically inside the 'php' container we defined above
                container('php') {
                    sh 'php -v'
                    sh './vendor/bin/phpunit'
                }
            }
        }
    }
}
```

6. Deploying TO Kubernetes

Jenkins does not only run *inside* Kubernetes; often its primary job is to deploy the final application *to* Kubernetes. Once Jenkins builds the Docker image and pushes it to Docker Hub, it must tell the Kubernetes cluster to update the live website.

The Workflow:

  1. Jenkins uses a tool called kubectl (the Kubernetes command-line tool).
  2. Jenkins authenticates to the cluster using a secure "Service Account" token.
  3. Jenkins runs: `kubectl set image deployment/my-app my-app=my-company/my-app:v42`.
  4. Kubernetes handles the Zero-Downtime Blue/Green deployment automatically.

7. Mini Project: Run Jenkins Builds in Kubernetes Concept

Let's look at the deployment stage to K8s.

Step-by-Step Pipeline Concept:

```groovy
stage('Deploy to K8s') {
    steps {
        // Use a secure credential block to load the K8s config file (kubeconfig)
        withKubeConfig([credentialsId: 'k8s-prod-cluster-token']) {
            echo 'Updating Kubernetes Deployment...'
            // Apply a YAML file that contains our infrastructure definitions
            sh 'kubectl apply -f k8s/deployment.yaml'

            // Wait for Kubernetes to finish rolling out the new pods
            sh 'kubectl rollout status deployment/my-php-app'
        }
    }
}
```

8. Real-World Scenarios

A gaming company launched a highly anticipated multiplayer game. On launch day, the developers were pushing hotfixes every 10 minutes to fix server crashes. Because their Jenkins server used a fixed set of 5 worker nodes, the hotfix builds queued up for 45 minutes, leaving the game broken for millions of players. They migrated Jenkins to Kubernetes. The next time they pushed a hotfix, Kubernetes instantly spun up 50 temporary build pods, compiled the game server code in parallel, and deployed the fix in under 3 minutes, saving the launch.

9. Best Practices

  • Helm over Kubectl: While kubectl apply is great for beginners, enterprise teams deploy to Kubernetes using Helm (a package manager for K8s). Helm allows you to template your YAML files, making it easy to deploy the exact same application to a "Staging" cluster and a "Production" cluster just by changing a few variables in Jenkins.

10. Security Recommendations

  • RBAC for Jenkins: When Jenkins deploys to Kubernetes, it needs a "Service Account." Never give this account "Cluster Admin" rights. Use Kubernetes Role-Based Access Control (RBAC) to ensure Jenkins only has permission to update the specific namespace (e.g., frontend-app) it is responsible for, preventing Jenkins from accidentally deleting the database pods.
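
The least-privilege setup recommended above could look like the following manifest. It is an added example, not part of the original chapter: the names `jenkins-deployer` and `jenkins-deploy` are assumptions, and the rules assume that `k8s/deployment.yaml` contains only a Deployment, so they cover just what the chapter's `kubectl apply`, `kubectl set image` and `kubectl rollout status` calls need.

```yaml
# Added example. "jenkins-deployer" and "jenkins-deploy" are hypothetical names;
# the frontend-app namespace is the one used as an example in this chapter.
#
# What to avoid: a cluster-wide binding such as
#   kind: ClusterRoleBinding
#   roleRef: { kind: ClusterRole, name: cluster-admin }
# which would let a compromised pipeline act on every namespace.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins-deployer
  namespace: frontend-app
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role                      # namespaced: grants nothing outside frontend-app
metadata:
  name: jenkins-deploy
  namespace: frontend-app
rules:
  # kubectl apply / set image: read the live Deployment, then create or patch it.
  # kubectl rollout status: list and watch the Deployment until it is rolled out.
  - apiGroups: ["apps"]
    resources: ["deployments"]
    verbs: ["get", "list", "watch", "create", "patch"]
  # Deliberately absent: "delete", "*" wildcards, secrets, pods and pods/exec.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding               # binds the Role to the account in this namespace only
metadata:
  name: jenkins-deploy
  namespace: frontend-app
subjects:
  - kind: ServiceAccount
    name: jenkins-deployer
    namespace: frontend-app
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: jenkins-deploy
```

To confirm the boundary holds, `kubectl auth can-i delete pods --namespace frontend-app --as system:serviceaccount:frontend-app:jenkins-deployer` should answer `no`, while the same check for `patch deployments.apps` should answer `yes`.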

11. Exercises

  1. Explain the operational benefit of "ephemeral" build agents in Kubernetes compared to static, permanent Jenkins worker servers.
  2. What is the command-line tool Jenkins uses to send deployment instructions to a Kubernetes cluster?

12. FAQs

Q: Do I have to install Jenkins Controller inside Kubernetes to use Kubernetes agents?

A: No. You can have a traditional Jenkins server running on an EC2 instance that talks to a remote Kubernetes cluster to spin up agents. However, running the Jenkins Controller itself inside Kubernetes is a popular best practice for high availability.

13. Interview Questions

  • Q: Describe the architectural workflow of a Jenkins pipeline utilizing the Kubernetes plugin to provision dynamic pod agents. How does the Jenkinsfile define the pod specification?
  • Q: A pipeline successfully builds a Docker image and must deploy it to a production Kubernetes cluster. Explain how you would configure Jenkins to authenticate with the cluster securely without hardcoding kubeconfig files in the source code.

14. Summary

In Chapter 13, we addressed the massive scaling requirements of modern enterprises. We integrated Jenkins with Kubernetes to eliminate build queues, utilizing the cloud to spin up ephemeral, disposable build agents on demand. We examined the YAML syntax required to define these temporary environments within the Jenkinsfile. Finally, we conceptualized the deployment phase, using kubectl to seamlessly push containerized applications into highly available Kubernetes clusters.

15. Next Chapter Recommendation

We have introduced powerful integrations like Docker and Kubernetes, which require high-level passwords and tokens. How do we store these secrets without getting hacked? Proceed to Chapter 14: Security Best Practices in Jenkins.
