Published May 20, 2026 by with 0 comment

Safe Jenkins Node Migration from RHEL 8 to Rocky Linux 9

This post walks through the environment setup and migration simulation process for Jenkins nodes moving from RHEL 8 to Rocky Linux 9

Environment

IPHostnameOSKeterangan
10.20.0.210le-jenkins-masterRHEL 8Jenkins Master
10.20.0.211le-jenkins-slave01RHEL 8Slave 1 (lama)
10.20.0.212le-jenkins-slave02RHEL 8Slave 2 (lama)
10.20.0.213le-jenkins-slave02Rocky 9Slave baru (akan pakai IP 10.20.0.212)

Jenkins UI: http://10.20.0.210:8080

Step 1 — Setup Jenkins Master

subscription-manager register
dnf update -y
reboot

Install Java


# Java 17
dnf install -y \
  java-17-openjdk-17.0.15.0.6-2.el8.x86_64 \
  java-17-openjdk-devel-17.0.15.0.6-2.el8.x86_64 \
  java-17-openjdk-headless-17.0.15.0.6-2.el8.x86_64

# Pilih versi Java aktif
alternatives --config java

Install Jenkins

wget https://get.jenkins.io/redhat-stable/jenkins-2.492.3-1.1.noarch.rpm
rpm -ivh jenkins-2.492.3-1.1.noarch.rpm

# Verifikasi
rpm -qa | grep jenkins

systemctl enable --now jenkins

Konfigurasi Firewall

firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --permanent --add-port=50000/tcp
firewall-cmd --reload

Ambil Initial Password

cat /var/lib/jenkins/secrets/initialAdminPassword

Akses UI Jenkins di: http://10.20.0.210:8080

Step 2 — Setup Jenkins Slave (RHEL 8)

subscription-manager register
dnf update -y
reboot

Install Java


# Java 17
dnf install -y \
  java-17-openjdk-17.0.15.0.6-2.el8.x86_64 \
  java-17-openjdk-devel-17.0.15.0.6-2.el8.x86_64 \
  java-17-openjdk-headless-17.0.15.0.6-2.el8.x86_64

# Set Java aktif ke versi 17
alternatives --config java

Buat User & Direktori Kerja

# Buat user dengan UID fixed
useradd -u 1500 -m -d /home/jenkins-remote -s /bin/bash jenkins-remote
passwd jenkins-remote        # contoh: Jenkins123!

# Buat working directory
mkdir -p /data/jenkins-slave
chown -R jenkins-remote:jenkins-remote /data/

# Buat file penanda (untuk verifikasi nanti)
echo "RHEL8 - $(hostname)" > /data/jenkins-slave/server-info.txt

Aktifkan SSH & Firewall

systemctl enable --now sshd
firewall-cmd --permanent --add-service=ssh
firewall-cmd --reload

Verifikasi

sudo -u jenkins-remote java -version
id jenkins-remote

Step 3 — Setup Jenkins Slave (Rocky Linux 9)

Install Java


# Java 17
dnf install -y \
  java-17-openjdk-1:17.0.19.0.10-2.el9_7.x86_64 \
  java-17-openjdk-devel-1:17.0.19.0.10-2.el9_7.x86_64 \
  java-17-openjdk-headless-1:17.0.19.0.10-2.el9_7.x86_64

# Set Java aktif ke versi 17
alternatives --config java

Buat User & Direktori Kerja

# UID HARUS SAMA PERSIS dengan slave-1 lama
useradd -u 1500 -m -d /home/jenkins-remote -s /bin/bash jenkins-remote
passwd jenkins-remote        # password SAMA dengan slave-1 lama

mkdir -p /data/jenkins-slave
chown -R jenkins-remote:jenkins-remote /data/

Aktifkan SSH, Firewall & SELinux

systemctl enable --now sshd
firewall-cmd --permanent --add-service=ssh
firewall-cmd --reload

# Rocky 9 default SELinux Enforcing — restorecon wajib
restorecon -Rv /home/jenkins-remote
restorecon -Rv /data

Verifikasi

sudo -u jenkins-remote java -version
id jenkins-remote    # harus uid=1500, sama dengan slave-1 lama
getenforce       # cek status SELinux

Step 4 — Tambah Agent di Jenkins UI

Buka: http://10.20.0.210:8080Manage Jenkins → Nodes → New Node

slave-1 (RHEL 8 lama)

ParameterNilai
Node nameslave-1
Remote root directory/data/jenkins-slave
Labelsslave rhel8 slave-1
Host10.20.0.211
Credentialsjenkins-remote / Jenkins123!
Host Key VerificationNon-verifying

slave-2 (RHEL 8, tidak berubah)

ParameterNilai
Node nameslave-2
Remote root directory/data/jenkins-slave
Labelsslave rhel8 slave-2
Host10.20.0.212
Credentialsjenkins-remote / Jenkins123!
Host Key VerificationNon-verifying

Step 5 — Buat Pipeline Verifikasi

Buat job: New Item → Pipeline → nama: test-migration

pipeline {
    agent none
    stages {

        stage('Verify Slave-1') {
            agent { label 'slave-1' }
            steps {
                sh '''
                    echo "==============================="
                    echo "SLAVE-1 INFO"
                    echo "==============================="
                    echo "Hostname : $(hostname)"
                    echo "IP       : $(hostname -I)"
                    echo "OS       : $(cat /etc/os-release | grep PRETTY_NAME)"
                    echo "Java     : $(java -version 2>&1 | head -1)"
                    echo "User     : $(whoami) (uid=$(id -u))"
                    echo "Workdir  : $(pwd)"
                    echo "Server   : $(cat /data/jenkins-slave/server-info.txt)"
                    echo "==============================="
                '''
            }
        }

        stage('Verify Slave-2') {
            agent { label 'slave-2' }
            steps {
                sh '''
                    echo "==============================="
                    echo "SLAVE-2 INFO"
                    echo "==============================="
                    echo "Hostname : $(hostname)"
                    echo "IP       : $(hostname -I)"
                    echo "OS       : $(cat /etc/os-release | grep PRETTY_NAME)"
                    echo "Java     : $(java -version 2>&1 | head -1)"
                    echo "User     : $(whoami) (uid=$(id -u))"
                    echo "Workdir  : $(pwd)"
                    echo "==============================="
                '''
            }
        }

    }
}

Jalankan pipeline — pastikan kedua slave hijau sebelum lanjut ke migrasi.

Step 6 — Simulasi Migrasi (Reuse IP)

Fase 1 — Rsync Awal (slave lama masih hidup)

# Dari slave-2 lama (10.20.0.212) → slave-2-new (10.20.0.213)
rsync -avz --progress --delete \
  /data/jenkins-slave/ \
  jenkins-remote@10.20.0.213:/data/jenkins-slave/

Fase 2 — Cutover

# [Jenkins UI] Set slave-2 → OFFLINE → tunggu semua job selesai
# [Jenkins UI] Disconnect slave-2

# Rsync FINAL (delta saja, sangat cepat)
rsync -avz --progress --delete \
  /data/jenkins-slave/ \
  jenkins-remote@10.20.0.213:/data/jenkins-slave/

# [slave-2 lama] Shutdown 
#shutdown -h now
# or set down ip
nmcli con show
nmcli con down <connection-name>

Fase 3 — Aktifkan Rocky Linux 9 dengan IP Lama

# [slave-1-new] Ganti IP sementara → IP lama (10.20.0.212)
nmcli con show
nmcli con mod 'System eth0' \
  ipv4.addresses 10.20.0.212/24 \
  ipv4.gateway 10.20.0.2 \
  ipv4.dns 8.8.8.8,8.8.4.4 \
  ipv4.method manual
nmcli con up 'System eth0'

# Verifikasi IP sudah aktif
ip addr show
ping -c 3 10.20.0.210      # ping ke Master

# Tulis ulang file penanda dengan info Rocky
echo "Rocky9 - $(hostname)" > /data/jenkins-slave/server-info.txt

Fase 4 — Reconnect dari Jenkins UI

Buka http://10.20.0.210:8080slave-2 → Launch Agent Controller SSH ke 10.20.0.212 → sekarang terhubung ke Rocky Linux 9.

Step 7 — Verifikasi Akhir

Jalankan ulang pipeline test-migration. Output slave-1 harus berubah seperti berikut:

===============================
SLAVE-2 INFO
===============================
Hostname : le-jenkins-slave02
IP       : 10.20.0.212              ← IP sama dengan sebelumnya ✓
OS       : "Rocky Linux 9.x"          ← OS sudah Rocky ✓
Java     : openjdk version "17"        ← Java sama ✓
User     : jenkins-remote (uid=1500)       ← user & UID sama ✓
Workdir  : /data/jenkins-slave
Server   : Rocky9 - slave-2-new       ← konfirmasi server baru ✓
===============================
      edit

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)