First, in k8s cluster installation jenkins
- Install nfs service, choose their own network machines, I chose master1 node (192.168.80.180)
(1) install nfs service on master1
yum install nfs-utils -y
systemctl start nfs
(2) create the nfs shared directory on master1
mkdir /data/v1 -p
cat /etc/exports
/ Data / v1 192.168.80.0/24(rw,no_root_squash)
exportfs -arv the configuration file to take effect
systemctl restart nfs
- kubernetes deployed jenkins
(1) create a namespace
kubectl create namespace jenkins-k8s
(2) create pv
cat pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-k8s-pv
spec:
capacity:
storage: 10Gi
accessModes:
-
ReadWriteMany
nfs:
server: 192.168.80.180
path: /data/v1
kubectl apply -f pv.yaml
(3) create pvc
cat pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: jenkins-k8s-pvc
namespace: jenkins-k8s
spec:
resources:
requests:
storage: 10Gi
accessModes:
- ReadWriteMany
View pv and pvc binding status
GET PVC -n-Jenkins kubectl K8S
(4) create an account sa
kubectl create sa jenkins-k8s-sa -n jenkins-k8s
(5) the sa account authorized to do rbac
kubectl create clusterrolebinding jenkins-k8s-sa-cluster -n jenkins-k8s --clusterrole=cluster-admin --serviceaccount=jenkins-k8s:jenkins-k8s-sa
(6) deployed by deployment jenkins
cat jenkins-deployment.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: jenkins
namespace: jenkins-k8s
spec:
replicas: 1
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
serviceAccount: jenkins-k8s-sa
containers:
- name: jenkins
image: jenkins/jenkins:lts
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
name: web
protocol: TCP
- containerPort: 50000
name: agent
protocol: TCP
resources:
limits:
cpu: 1000m
memory: 1Gi
requests:
cpu: 500m
memory: 512Mi
livenessProbe:
httpGet:
path: /login
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
readinessProbe:
httpGet:
path: /login
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
volumeMounts:
- name: jenkins-volume
subPath: jenkins-home
mountPath: /var/jenkins_home
volumes:
- name: jenkins-volume
persistentVolumeClaim:
claimName: jenkins-k8s-pvc
chown -R 1000 /data/v1
kubectl apply -f jenkins-deployment.yaml
-n-jenkins GET PODS kubectl K8S
(. 7) together with the front end jenkins service, providing access to the external network
cat jenkins-service.yaml
apiVersion: v1
kind: Service
metadata:
name: jenkins-service
namespace: jenkins-k8s
labels:
app: jenkins
spec:
selector:
app: jenkins
type: NodePort
ports:
-
name: web
port: 8080
targetPort: web
nodePort: 30002
-
name: agent
port: 50000
targetPort: agent
kubectl apply -f jenkins-service.yaml
kubectl get svc -n jenkins-k8s
Second, configure Jenkins
Jenkins access the web interface in the browser:
http://192.168.80.199:30002/login?from=%2F
- Obtain Administrator Password:
在nfs服务端,也就是master1节点获取密码:
cat /data/v1/jenkins-home/secrets/initialAdminPassword
把上面获取到的密码拷贝到上面管理员密码下的方框里
点击继续,出现如下界面
- 安装插件
安装插件
插件安装好之后显示如下:
- 创建管理员用户
用户名和密码都设置成admin,线上环境需要设置成复杂的密码
修改好之后点击保存并完成,出现如下界面
点击保存并完成,出现如下界面
点击保存并完成,出现如下界面
三、测试jenkins的CI/CD
- 在Jenkins中安装kubernetes插件
(1)在jenkins中安装k8s插件
Manage Jnekins------>Manage Plugins------>可选插件------>搜索kubernetes------>出现如下
选中kubernetes之后------>点击下面的直接安装------>安装之后选择重新启动jenkins--->重启之后登陆jenkins即可
- 配置jenkins连接到我们存在的k8s集群
(1)点击系统管理->系统设置-新增一个云,在下拉菜单中选择kubernets并添加
(2)填写云kubernetes配置内容
(3)测试jenkins和k8s是否可以通信
点击连接测试,如果显示Connection test successful,说明测试成功,Jenkins可以和k8s进行通信
应用------>保存
- 配置pod-template
(1)配置pod template
System Management ------> System Settings ------> Add Pod template ------> Kubernetes Pod Template ---> configuration as follows
(2) In the above vessel added pod template
Replenishing container ------> Container Template ------> ------ arranged as follows>
In the lower right corner there is a pod template Advanced, click Advanced, appears as follows
sa when entering jenkins-k8s-sa at the Service Account, this is what we sa start the installation jenkins
(3) above to pod template Add Volume
Add Volume ------> Select Host Path Volume
Once you've configured above, the application ------> Save
- Add your own dockerhub credentials
Home ------> credentials ------> Click Stores scoped to jenkins under Jenkins, shown below ----->
Click this global credentials, appears as follows ------>
username: xianchao
password:1989*****
ID:dockerhub
description:
After selecting OK to the above changing for the better
Third, test the deployment k8s by Jenkins
back to the homepage:
Create a task ------> Enter the name of the task jenkins-variable-test-deploy ------> ------ pipeline> OK ------> Pipeline script at input following
node('testhan') {
stage('Test') {
echo "Test Stage"
}
}
Applications ------> Save ------> Build immediately to
open BlueOcean, the following interface
I would like to encourage each