softwaredevelopment100589072orig

Jenkins 2 addresses ease and security, not scalability

Jenkins 2, an upgrade to the popular continuous integration and delivery platform for software development projects, will formally debut Tuesday with improvements to usability and security. But scalability, which has been a thorn in the side of Jenkins, will have to wait for now.

Jenkins 2 emphasizes the use of coding pipelines and suggested configurations, and provides security by default. It will have a set of suggested plug-ins so that users don't need to become Jenkins experts before using the software, said R. Tyler Croy, Jenkins project member and CloudBees community evangelist. Additionally, a list of suggested plug-ins, such as Git, is provided to help up set up the platform.

Rival CI/CD vendors CircleCI and Atlassian see their own technologies as more scalable alternative to Jenkins. As application development teams start speeding up delivery to customers, this increases the load on infrastructure, and Jenkins wasn't really built for it, said Jim Rose, CEO of CircleCI. Instead, Jenkins is managed at the server level, with plug-ins added, so the only way to scale it is to load more versions. A development team then has to manage different deployment pipelines.

Asked about CircleCI's criticism, Croy acknowledged a scalabilty challenge for the Jenkins master. Scaling, however, will be addressed after the 2.0 release. We don't see it [as an issue] for the vast majority of Jenkins users," he said, as the feature affects only very large installations, such as Yahoo or Google, with more than 3,000 or 4,000 jobs running as many as hundreds of thousands of job executions per day. They have had to partition out Jenkins to achieve scalability, but users have the option of deploying SaaS-based versions of Jenkins to help with scalablity and managing multiple Jenkins instances.

For now, the Jenkins upgrade focuses on coding pipelines. This feature enables users to define the full CD pipeline in a piece of code that can be checked into a Git or Subversion repository. Croy considers pipeline-as-code a third interface for interacting with Jenkins, along with Web and command-line interfaces.

Security is critical in version 2.0 as well. "When Jenkins comes up, it comes up secure right out the box, so no one else can configure your Jenkins for you," Croy said. A built-in admin capability is enabled already so that only an administrator can administer the platform.

The challenge with security and build servers in general is users want to automate the build, test, and deploy pipelines, so a build server has to have a privileged level of access. Security by default is encouraged, and precautions need to be taken with continuous delivery to avoid shipping of bad or insecure code, Croy said.

Version 2.0 has more documentation and will be made more user-friendly. "When I go to conferences, [lack of user-friendliness] is probably the number thing that I hear about," said Croy.

Now a staple of devops, Jenkins was forked out of the Hudson project after Oracle bought Sun Microsystems, where Hudson was founded.

IDG Insider

PREVIOUS ARTICLE

« MacBook 2016 review: Ultraportable laptop satisfies with speed gains

NEXT ARTICLE

Nokia to buy connected health gadgets firm Withings for $191 million »
author_image
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail

Recommended for You

International Women's Day: We've come a long way, but there's still an awfully long way to go

Charlotte Trueman takes a diverse look at today’s tech landscape.

Trump's trade war and the FANG bubble: Good news for Latin America?

Lewis Page gets down to business across global tech

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Poll

Do you think your smartphone is making you a workaholic?