1. Jenkins vs. AWS CodePipeline
Rafael Schleetz Benvenuti & Steffen Gebert | 09.09.2019
Community Day 2019 Sponsors
2. @rafaelbenvenuti
@StGebert
Abstract
Who has not used Jenkins? Who does not have a love-hate relationship with it?
At EMnify, we are heavy Jenkins users, but we re also always considering alternatives
where hosted services could make our life easier.
Therefore, we recently - once again - looked at AWS CodePipeline and its friends
CodeCommit, CodeBuild, and CodeDeploy. In this talk, we will compare the current
state of the two ecosystems regarding their simplicity and flexibility for implementing
both trivial as well as complex pipelines. Further, we cover topics like: deployment,
maintenance, security, costs, and usability.
2
5. @rafaelbenvenuti
@StGebert
EMnify GmbH
• Cloud-based virtual mobile network operator (MVNO) focussed on IoT
• Provide global connectivity for IoT devices
• Running virtualized, self-developed mobile core on AWS
• Located in Würzburg & Berlin
• Technology stack: AWS, Terraform, Java, Akka, Perl, C++, Go
5
7. @rafaelbenvenuti
@StGebert
Running Jenkins
• Jenkins Master
• EC2 instance, ECS+EFS, or EKS, Fargate (requires RWO file system)
• Recommendation: run it in Docker and include your plugins
• Build Agents
• Optional J (building on master is usually a bad idea)
• EC2 spot (using ec2 plugin) or EKS (using kubernetes plugin)
7
38. @rafaelbenvenuti
@StGebert
Access Control
• Jenkins
• Users and groups, built-in or via
SSO/OAuth
• Per-project/folder permissions
38
• CodePipeline
• IAM users and roles
• Configure and run permissions
AWS Identity and Access
Management
42. @rafaelbenvenuti
@StGebert
CodeBuild Build Environments
• A CodeBuild build environment represents a combination of:
• operating system / programming language runtime / set of tools
• Essentially, a build environment definition is a Docker Image
• You can use Docker images stored in:
• The Official Codebuild Image Repository
• AWS ECR Repositories
• DockerHub
55. @rafaelbenvenuti
@StGebert
Getting Input
• Input step
• Simple approval
• Values/text can be dynamically computed
• During pipeline execution
• Jenkins Parametrized build
• Only supplied with job execution
• Can come from other job / via POST
55
57. @rafaelbenvenuti
@StGebert
Jenkins Scripted Pipelines
• More power compared to Declarative Pipelines
• Full Groovy power
• Control/data structures
• Classes
• Variable assignment
• Groovy errors only triggered during execution
• Build error handling up to user (try/catch)
• Greater flexibility in build agent allocation
• Declarative: use script{} for super powers
• Shared libraries to maintain custom steps
57
68. @rafaelbenvenuti
@StGebert
Summary & Conclusion
• Right tool depends on your situation and requirements - still in 2019
• Accepting that not everything is covered by one tool makes change easier
• Integrating both allows
• Getting the best of both
• Cheaper solution
• Smoother migration
• Tip: Try CodeDeploy, it looks pretty interesting
68