This is the biggest feature release of CJE. With this latest release, customers can set up and install a CJE cluster on either bare-metal or vSphere (v.5.5 and higher) based VMs.
With the general availability of this feature, customers can now use RHEL images (v7.2 or higher are supported) while installing the CJE cluster
CJE Support Bundle now includes firewall rules
Introduced retries in terraform when creating cloud resources to mitigate transient installation issues that are resolved with a retry.
cluster-destroy allows to clean up EBS storage
Customers that have changed the CJOC Admin user's password after a successful installation of CJE, may encounter the exception such as the one below, on subsequent upgrades to the cluster or while expanding the size of the cluster
cat: /var/jenkins_home/secrets/initialAdminPassword: No such file or directory
To mitigate this exception, CloudBees strongly recommends following the instructions listed in this document - Securing your cluster
In earlier releases of CloudBees Jenkins Enterprise (previously known as Private SaaS Edition), when running on AWS, two AWS S3 buckets were used for storing state information about the cluster.
In specific circumstances, reinstalling a cluster could result in a failure if the cluster name collided with the bucket names. Also, having just one bucket simplifies administration, backups, and other tasks, and as a result these two buckets have been merged into a single AWS S3 bucket.
Customers running CJE versions prior to 1.6.0 are strongly encouraged to run the following command to merge the two S3 buckets into one:
cje run migrate-es-bucket-2-storage-bucket
This command may take a few minutes to execute. After merging the S3 buckets, this command will delete the redundant S3 bucket.
Fixes an issue where the ElasticSearch backups were not getting persisted to the configured NFS mount. This issue is primarily seen on CJE clusters running on OpenStack or vSphere based VMs
Fixes an issue where if a CJE Admin changes the domain name of a cluster that's actively in use, subsequent restarts of any Jenkins Master provisioned on the cluster would start to fail
Fixes an issue where the
subnet_id parameter was listed twice in
Fixes an issue where a new CJE cluster installation or upgrades of an existing cluster would fail if the cluster name contains the string
Fixes an issue where if a CJE Admin were to update the ElasticSearch configs such as increasing the Heap size or the instance count, etc, the operation would result in a failure
Fixes an issue where the logstash, sshgateway and router docker containers were not being restarted upon a restart of a Worker or Controller VM
Fixed support of dollar sign character in CJOC password.
Fixes an issue where the CJE provided images for AWS (AMIs), OpenStack and vSphere didn't include docker images for the Palace and Castle components
Fixes a problem that prevented navigation to a managed master without a "hard" browser refresh
Fixes an issue where Master/CJOC containers contained hardcoded references to
jenkins user, causing issues when using a different user.
Fixes an issue in CJOC that causes the 'security realm configuration' page to throw an exception upon saving the content on the page
Fixed a stack trace on accessing CJOC Castle Configuration page
Fixes an issue where customers running an upgrade to a CJE cluster may have encountered a Warning message from specific packages in CJE
Fixes an issue where the credentials profile specified in the project.config file doesn't exist in .aws/config file.
Fixes an issue in the config file that clarifies the use of the 'use_public_route53_zone' parameter
cje apply does not work because of sed: -e expression #1, char 1: unknown command: `.'
Installation into Existing VPC fails via Bastion in Same VPC
Fixes an issue where CJE assumes the default Linux network interface name is eth0. This could cause installation failures on more recent Linux distributions
Space after Comma breaks CJE Install
Fixes an issue where a CJE cluster may be provisioned incorrectly if a customer changes the AWS region(s) midway through a CJE installation process
ConfigParser will read 4096 bytes of the config file when reading and stop mid-line, leading to a parsing error
Palace healthcheck needs to be improved
Installation is able to proceed even if Mesos and Operations Center fail to come up
There are two possible causes of this failure.
The more common cause is a firewall blocking traffic to Ubuntu's servers. These are accessed through port 80 to
keyserver.ubuntu.com. Open these ports in your network configuration and retry the
A less frequent cause is if these servers are off-line. You will need to restart the "apply" once these servers are back on-line.
Using custom DNS within your custom VPC is not yet supported.
Despite the UI allows to change the JNLP port, it shouldn't be done as this is set dynamically by CJE on startup.
If you enter an invalid Managed Master image location under the "manage" page on CJOC, then when deploying the new instance, the log window will only show that it's attempting to deploy and will not give any further feedback. Correct the image location to resolve this.
CJE allows you to enable using one-shot executors. These provide slightly faster provisioning of the executors. However, the current implementation of one-shot executors doesn't support pipeline resumption.
CJE doesn't support installing the Palace Cloud Plugin into masters that are not managed by CJE.
When using the operation
cluster-recover, it is simpler to keep the cluster in the same AWS availability zone (AZ).
If you must move it to a different AZ you will need to update the the project.config file in the
.dna subdirectory of the project directory (e.g.
In this file, each section instance
[worker-<n>:worker] includes an
availability_zone field that should be corrected to the new AZ.
When installing to an OpenStack environment, in the file cluster-init.config, in the section
[openstack], the correct choices for the
ssh_user field are not enumerated in the comments. Depending on the target OS, those choices are:
For ubuntu, it is
For RHEL, it is
For CentOS, it is
The alert "There was an error reporting analytics data" links to an invalid URL within the cluster. You can access this by selecting the "Manage Jenkins" link on the left side of the page.
Under certain circumstances, the mesos-slave process can fail to start. When this occurs, it will be impossible for mesos to start processes and containers on that worker.
You can confirm this by ssh-ing into a shell running on the affected worker and running this command
sudo service mesos-slave status
To resolve this, use these commands in a shell window connected to the affected worker:
sudo rm -r /var/lib/mesos/meta/ sudo service mesos-slave restart