kubernetes集群jenkins安装文档
项目请参与github项目
https://github.com/JustCoWorker/kubernetes-cicd
1.jenkins 镜像构建
1.1cat Dockerfile
FROM jenkins/jenkins:lts
USER root
ARG dockerGid=978
WORKDIR /usr/local
#RUN wget http://80.68.250.216/pub/apache/maven/maven-3/3.3.9/binaries/apache-maven-3.3.9-bin.tar.gz
COPY apache-maven-3.3.9-bin.tar.gz ./
RUN tar xzvf apache-maven-3.3.9-bin.tar.gzls
RUN cp -R apache-maven-3.3.9 /usr/local/bin
RUN export PATH=apache-maven-3.3.9/bin:$PATH
RUN export PATH=/usr/local/bin/apache-maven-3.3.9/bin:$PATH
RUN ln -s /usr/local/bin/apache-maven-3.3.9/bin/mvn /usr/local/bin/mvn
#RUN ls -l /usr/local/bin
RUN echo $PATH
RUN echo "docker:x:${dockerGid}:jenkins" >> /etc/group \
USER jenkins
1.2构建镜像
git clone https://github.com/JustCoWorker/kubernetes-cicd.git
cd /usr/local/kubernetes-cicd/jenkins
docker build -t harbor.demo.com/private/demo-jenkins:lts .
docker push harbor.demo.com/private/demo-jenkins:lts
2.部署jenkins
2.1CentOS7 安装NFS
下载软件
yum install -y nfs-utils
新建挂在文件夹
mkdir -p /usr/local/nfs
修改文件夹权限
chmod a+rw /usr/local/nfs
配置NFS服务目录
vi /etc/exports
/usr/local/nfs *(rw,sync,no_subtree_check,no_root_squash)
rpcbind和nfs做开机启动
systemctl enable rpcbind.service
systemctl enable nfs-server.service
启动服务
systemctl start rpcbind.service
systemctl start nfs-server.service
查看共享状态
showmount -e
showmount -e 192.168.1.157
2.2部署jenkins
namespace-ci.yml
apiVersion: v1
kind: Namespace
metadata:
name: ci
pv.yml
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins
namespace: ci
spec:
capacity:
storage: 50Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
nfs:
path: /usr/local/nfs
server: 127.0.0.1
jenkins.yml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: jenkins
namespace: ci
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 50Gi
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins
namespace: ci
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: jenkins
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: jenkins
namespace: ci
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: jenkins
namespace: ci
spec:
replicas: 1
template:
metadata:
labels:
k8s-app: jenkins
spec:
serviceAccount: jenkins
containers:
- name: jenkins
image: harbor.demo.com/private/demo-jenkins:lts
imagePullPolicy: IfNotPresent
volumeMounts:
- mountPath: /var/jenkins_home
name: home
volumes:
- name: home
persistentVolumeClaim:
claimName: jenkins
---
apiVersion: v1
kind: Service
metadata:
name: jenkins-svc
namespace: ci
spec:
ports:
- port: 8077
targetPort: 8080
name: web
- port: 50000
targetPort: 50000
name: slave
selector:
k8s-app: jenkins
type: LoadBalancer
ingress 文件 jenkins-ingress.yaml
#ingress
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: jenkins-ingress
namespace: ci
annotations:
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/secure-backends: "true"
spec:
rules:
- host: jenkins.demo.com
http:
paths:
- path: /
backend:
serviceName: jenkins-svc
servicePort: 8077
部署
cd jenkins-yml/
kubectl create -f namespace-ci.yml
kubectl create -f pv.yml
kubectl create -f jenkins.yml
kubectl create -f jenkins-ingress.yaml
3.Jenkins 访问并安装插件
修改host文件,讲域名解析到157 访问 http://jenkins.demo.com/
安装默认插件速度较慢,更换国内地址
cd /usr/local/nfs/updates
cp default.json default_back.json
$ sed -i 's/http:\/\/updates.jenkins-ci.org\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json && sed -i 's/http:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json
4.jenkins 插件安装
需要安装插件列表
1.kubernetes->配置k8s配置
2.Extended Choice Parameter ->参数化构建
3.Git Parameter->git 获取tag
4.Kubernetes Continuous Deploy->k8s部署
5.Parameterized Remote Trigger Configuration ->远程触发构建
6.user build vars->获取用户参数
7.SSHAgent->git 提交时使用
8.permissive script security ->健康检查脚本
9.Pipeline Utility Steps ->获取版本号
本文由博客群发一文多发等运营工具平台 OpenWrite 发布
