0
点赞
收藏
分享

微信扫一扫

k8s应用-部署jenkins

测试在kubernetes集群中部署jenkins

配置nfs

mkdir -p /root/jenkins
chown 777 /root/jenkins-home #配置权限
#vim /etc/exports
/root/jenkins/ *(insecure,rw,sync,no_root_squash)
exportfs -arv #配置生效
systemctl restart nfs
showmount -e localhost # 检查共享目录信息

k8s应用-部署jenkins_镜像源

部署deployment

创建命名空间

kubectl create namespace jenkins-k8s

创建pv

#vim jenkins-pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-pv
spec:
capacity:
storage: 5Gi # 大小
accessModes: # 访问模式
- ReadWriteMany # 多路读写
nfs:
server: 192.168.85.6 #NFS服务器地址
path: /root/jenkins # 共享目录


#创建对象
kubectl apply -f jenkins-pv.yaml

创建pvc

#vim jenkins-pvc.yaml
apiVersion: v1
metadata:
name: jenkins-pvc
namespace: jenkins-k8s
spec:
resources:
requests:
storage: 5Gi
accessModes:
- ReadWriteMany

检查pv,pvc

k8s应用-部署jenkins_镜像源_02

创建sa账号并做RBAC授权

jenkins使用sa账号访问kubernetes集群中的资源,需要对该sa账号授予相关的权限。

#vim jenkins-sa.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins-sa # sa名称
namespace: jenkins-k8s
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: jenkins-clusterrole
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: jenkins-sa
namespace: jenkins-k8s

创建完毕后,检查

kubectl apply -f jenkins-sa.yaml
kubectl -n jenkins-k8s get sa

k8s应用-部署jenkins_vim_03

部署deployment

apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
namespace: jenkins-k8s
spec:
replicas: 1
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
serviceAccount: jenkins-sa
containers:
- name: jenkins
image: jenkins/jenkins:2.297-alpine
imagePullPolicy: IfNotPresent
ports:
- name: web
containerPort: 8080
protocol: TCP
- name: agent
containerPort: 50000
protocol: TCP
resources:
limits:
cpu: 1000m
memory: 1Gi
requests:
cpu: 500m
memory: 512Mi
livenessProbe:
httpGet:
path: /login
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
readinessProbe:
httpGet:
path: /login
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
volumeMounts:
- name: jenkins-volume
subPath: jenkins-home
mountPath: /var/jenkins_home
volumes:
- name: jenkins-volume
persistentVolumeClaim:
claimName: jenkins-pvc
# 创建Jenkins服务
---
apiVersion: v1
kind: Service
metadata:
name: jenkins-svc
namespace: jenkins-k8s
labels:
app: jenkins
spec:
selector:
app: jenkins
type: NodePort # 使用NodePort类型访问Services服务
ports:
- name: web
port: 8080 # service端口
targetPort: web
nodePort: 30003 # 映射到主机的端口

更新资源对象

解决镜像拉取不到的问题

在国内无FQ情况下很难从k8s.gcr.io等镜像源下载镜像,所以导致jenkins的镜像下载不来,导致部署失败

k8s应用-部署jenkins_vim_04

此时需要配置国内镜像源替代

docker作为容器运行时

sudo cat >> /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://registry.docker-cn.co"]
}
EOF
#重启docker
systemctl daemon-reload
systemctl restart docker

containerd作为容器运行时

sed -i "s/k8s.gcr.io/egistry.aliyuncs.com\/google_containers/g" /etc/containerd/config.toml
systemctl daemon-reload
systemctl restart containerd

注意,更换镜像源的时候,需要在每台node上都执行


在部署完成后,检查资源状态

k8s应用-部署jenkins_docker_05

访问配置jenkins

根据svc的信息,访问任意node的30003端口即可

k8s应用-部署jenkins_docker_06

获取管理员密码

在nfs服务器端配置查看,或者登录容器查看

k8s应用-部署jenkins_docker_07

将密码粘贴登录,然后修改管理员密码


初始化配置

 登录后,提示配置插件,选择”安装的推荐的插件“,在线安装,网络有时不稳定会安装失败,重复安装即可。

k8s应用-部署jenkins_vim_08

配置插件

k8s应用-部署jenkins_docker_09

配置管理员

k8s应用-部署jenkins_vim_10


k8s应用-部署jenkins_镜像源_11

k8s应用-部署jenkins_镜像源_12

重启jenkins,浏览器输入http://192.168.85.4:30003/restart

k8s应用-部署jenkins_vim_13

k8s应用-部署jenkins_vim_14

jenkins基础配置

安装kubernetes插件

系统管理——>系统配置——Cloud(云)——kubernete

k8s应用-部署jenkins_镜像源_15


k8s应用-部署jenkins_vim_16

k8s应用-部署jenkins_docker_17

举报

相关推荐

0 条评论