Tech - 09/02/2017
On Monday, 6th February 2017 we had our first Jenkins Area Meetup in Munich. We were quite surprised how many local experts are around here. They even came from Ingolstadt just to join the JAM Kickoff. One of the main goals for us was to find out what the attendees are interested in. Besides the obvious social networking part to share and learn about Jenkins technologies, we asked what they would love to hear about in further JAM Sessions. Here are the results:
People were also highly interested in some specific workshops for Jenkins Job DSL and our own Framework “V-DSL”. Please stay tuned until we can release it into the wild under an Open-Source licence. To get a sneak peak about what we did, check out the slides and presentation on Rule Jenkins with Configuration as Code in the meanwhile. Another topic was advice about how to build a rock stable Jenkins environment.
Startup Jenkins with specific JVM options and System Properties
-Xms4096m -Xmx4096m -XX:NewSize=2048m -XX:MaxNewSize=2048m -XX:ParallelGCThreads=4 -XX:ConcGCThreads=4 -Dhudson.slaves.ChannelPinger.pingInterval=-1
This is the base setup you should go with. 4 gigs of RAM should be enough for any use case, nothing more. If you are interested in the details here, check out another great Jenkins talk: So, You Want to Build the World’s Biggest Jenkins Cluster? Keep in mind, that if you encounter significant performance decrease, activate JMX in order to keep an eye on your JVM running Jenkins. To generally enhance your overall Jenkins experience is setting proper System Properties. Check out the complete list to see what is possible. For example:
The most significant one we stumbled upon was a fix for a major groovy memory leak. This is fixed in groovy version 2.4.8, but unfortunately, Jenkins core runs 2.4.7 in the current LTS version (v2.32.2). We recommend to set the following startup parameter as a workaround if you are excessively running groovy scripts (e.g. DSL or pipeline)
Have full control on other system settings with Post-initialization scripts
The simplest example can be found in the documentation, but this opens up a lot of other possibilities too. For example we heavily struggled with Jenkins SECURITY-170, where arbitrary build parameters were disabled. Either you enable them back one by one, or you are aware of the risks and enable them back again and migrate affected jobs calmly. Same thing with Jenkins SECURITY-95. If you struggle with displaying issues with e.g. internally scripted tooling for Jenkins expand the Context Security Policy settings accordingly, or disable them. Keep in mind that simply disabling these security features on an internet facing Jenkins environment is a bad idea obviously.
// SECURITY-170 System.setProperty('hudson.model.ParametersAction.keepUndefinedParameters', 'true') // SECURITY-95 System.setProperty('hudson.model.DirectoryBrowserSupport.CSP', '')
Update on Static Code Analysis Plug-ins
For the second talk, we had special guest Prof. Dr. Ullrich Hafner from the University of applied sciences Munich, who is the maintainer of the Static Code Analysis Plugin. He started developing this plugin round about 10 years ago and gave us a small forecast what might come up in the next 10 years, depending on personal time and engagement of his students working on bachelor and master thesises on this topic. Upcoming in one of the next releases is for example an improved recognition of warnings based on Abstract Syntax Tree comparison. Also a more modern warnings report view in Jenkins is planned. Please report any bugs on Jenkins bugtracker and do not hesitate to raise pull requests.
A big “Thank you” to all who joined the JAM Kickoff. Many interesting talks took place especially after the keynotes and we are looking forward to host the next Meetup soon. Join the JAM Meetup and follow us on Twitter.
Christian & Markus