Blog author: Nicolas De Loof, CloudBees
CloudBees Nectar is an enterprise-level, customized version of open source Jenkins. Nectar and Jenkins share the same code base, but Nectar has a distinct release cycle. CloudBees releases a major Nectar version every six months, with long term (18 month) support and backward compatible bug fixes. The release builds on top of Jenkins with additional testing of the CloudBees plugins. Select bug fixes from open source Jenkins are back-ported to Nectar during the support period. Nectar subscribers also receive patches every six weeks. This predictable cadence of patches for critical issues provides a mechanism for organizations to maintain a stable Nectar installation. With Nectar, an enterprise can build its software factory with a robust, reliable, and well-supported continuous integration server.
Nectar also provides enterprise-level features as custom plugins, such as role based access control (RBAC), hierarchical folders to organize jobs on large c.i. servers, VMware ESXi auto-scaling, advanced backup scheduling, throttled build execution on virtual machines, and Wikitext description.
Let’s briefly explore each of these plugins:
Role Based Access Control (RBAC)
Nectar administrators can define roles (a set of permissions) and let project team leaders give developers appropriate roles. Compared to standard access control, which requires an administrator to review a large set of checkboxes for each user, or to LDAP / Active Directory integration that requires definition of fine grained c.i. permissions in a centralized directory, the RBAC plugin allows access management to be configured in a more concise and productive way. The RBAC plugin is one of the most sophisticated authorization plugins on the market.
Hierarchical Folders to Organize Jobs on Large C.I. Servers
Some c.i. servers host hundreds or even thousands of jobs. In such instances, organizing jobs is a requirement for usability. The folder plugin allows you to group jobs into hierarchical folders, and manage them as a unique item, as you already do with filesystem folders. Cloning folders or defining folder-level properties allows you to simplify workflow management on code branching.
VMware ESXi Auto-Scaling
On VMware infrastructure, this plugin allows you to assign VMs to the software factory as c.i. agents. You can configure within your infrastructure a set of VMs, all being identical (not dedicated to a job). The VMware plugin will then pool those VMs, and associate them to jobs that require a VM during build. The plugin can control the VM state, power-on VM before being used by a job and power-off after use, but also revert to a previous snapshot state. This is useful when such VMs are setup with the enterprise standard Java platform configuration. Each build will then get a clean, standardized VM.
Advanced Backup Scheduling
When c.i. is the center of your workflow, backing it up becomes a crucial task. The advanced backup plugin allows you to manage backups directly from Nectar, and especially to fine-grained define what needs to get backed up: only jobs configuration, also recorded build results, or system configuration - including installed plugins. The plugin also allows you to define the backup target, as a dedicated backup directory or an SCP server.
Throttled Build Execution on Virtual Machines
With virtualization, we get used to creating more and more VMs, expecting the hypervisor to balance physical resources. When we define 10 agent VMs for a c.i. server with 2 executors each, the underlying virtualized system may not be able to run more than 8 in parallel, depending on its physical resources. Defining more VMs will only create more context switch and swap, and make the whole system less efficient. The Nectar plugin allows you to define the physical limit to a group of agents that you know will run on the same physical system. You can then define as many agent VMs as needed with various configurations (for example, to test your application on various OS in a matrix job) but not overload the hypervisor.
User Friendly Wikitext Descriptions
In open source Jenkins, descriptions are written in raw HTML. This is not really pleasant to write and can introduce XSS vulnerability. Wikitext allows you to switch editors to a Wiki syntax that is more intuitive to write and limits the set of HTML tags in descriptions to safe formatting-only ones.