Installation Jenkins
. 1, create a namespace
$ kubectl Create namespace Kube OPS-
2, Jenkins pvc is created (created storage class may also be used)
apiVersion: v1
kind: PersistentVolume
metadata:
name: opspv
spec:
capacity:
storage: 2Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Delete
nfs:
server: 192.168.1.244
path: /data/k8s
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: opspvc
namespace: kube-ops
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 2Gi
3. Create rbac need permission jenkins
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins2
namespace: kube-ops
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: jenkins2
rules:
- apiGroups: ["extensions", "apps"]
resources: ["deployments"]
verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
- apiGroups: [""]
resources: ["services"]
verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","list","watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: jenkins2
namespace: kube-ops
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: jenkins2
subjects:
- kind: ServiceAccount
name: jenkins2
namespace: kube-ops
Can also bind existing cluster cluster-admin role privileges a system ServiceAccoun
4, POD create Jenkins
$ Docker pull docker.io/jenkins/jenkins:lts
$ Docker pull cnych / Jenkins: jnlp6
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: jenkins2
namespace: kube-ops
spec:
template:
metadata:
labels:
app: jenkins2
spec:
terminationGracePeriodSeconds: 10
serviceAccount: jenkins2
containers:
- name: jenkins
image: docker.io/jenkins/jenkins:lts
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
name: web
protocol: TCP
- containerPort: 50000
name: agent
protocol: TCP
resources:
limits:
cpu: 1000m
memory: 1Gi
requests:
cpu: 500m
memory: 512Mi
livenessProbe:
httpGet:
path: /login
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
readinessProbe:
httpGet:
path: /login
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
volumeMounts:
- name: jenkinshome
subPath: jenkins2
mountPath: /var/jenkins_home
env:
- name: LIMITS_MEMORY
valueFrom:
resourceFieldRef:
resource: limits.memory
divisor: 1Mi
- name: JAVA_OPTS
value: -Xmx$(LIMITS_MEMORY)m -XshowSettings:vm -Dhudson.slaves.NodeProvision
er.initialDelay=0 -Dhudson.slaves.NodeProvisioner.MARGIN=50 -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85 -Duser.timezone=Asia/Shanghai securityContext:
fsGroup: 1000
volumes:
- name: jenkinshome
persistentVolumeClaim:
claimName: opspvc
---
apiVersion: v1
kind: Service
metadata:
name: jenkins2
namespace: kube-ops
labels:
app: jenkins2
spec:
selector:
app: jenkins2
type: NodePort
ports:
- name: web
port: 8080
targetPort: web
nodePort: 30003
- name: agent
port: 50000
targetPort: agent
Kubectl the Apply -f jenkins2.yaml $
$ kubectl GET POD -n Kube-OPS
jenkins2-76644dbc9b-llcsp 0/1 Running 0 # does not start
$ kubectl DESCRIBE POD jenkins2-76644dbc9b-llcsp -n Kube-OPS
$ kubectl logs -f -n-llcsp Kube-jenkins2-76644dbc9b OPS
5, modify the permissions on the directory jenkins lasting nfs server and re-create POD jenkins
$ chown -R 1000 / the Data / K8S / jenkins2 # on 192.168.1.244
$ kubectl the Delete -f jenkins2 .yaml
$ kubectl the Apply -f jenkins2.yaml
$ kubectl GET POD -n Kube-OPS
jenkins2-76644dbc9b-llcsp 1/1 Running 0
Why 1000?
Dockerfile file image defined in the above is: = Jenkins Group User UID = Jenkins GID = 1000 = 1000
Dockerfile file address:
https://github.com/jenkinsci/docker/blob/master/Dockerfile
ARG = User Jenkins
ARG Group = jenkins
UID = 1000 ARG
ARG GID = 1000
ARG 8080 Http_port =
ARG = 50000 agent_port
ARG JENKINS_HOME = / var / jenkins_home
$ kubectl GET Kube SVC -n-OPS
jenkins2 NodePort 10.105.121.176 <none> 8080: 30003 / the TCP, 50000: 30 936 / TCP
http://192.168.1.243:30003
initial password on the nfs server
$ cat / data / k8s / jenkins / secrets / initialAdminPassword
Created on jenkins kubernetes cloud
enkins Master and Jenkins Slave run on Node Kubernetes cluster, Master running on one of the nodes in Pod form, and its configuration data stored in a Volume up, the Slave running on each node, and it is not has been running, it will be automatically deleted in accordance with the needs of the dynamic created
in this way work processes roughly as follows: when the Jenkins Master Build receives a request, it creates a run Jenkins Slave in the Pod in accordance with dynamic configuration and registration Label to the Master, when after running Job, the Slave will be canceled and the Pod will be automatically deleted, restored to its original state.
1, install plug-ins
installed kubernetes plugin, Jenkins click the Manage -> the Manage Plugins -> the Available -> Kubernetes plugin
2, increase kubernetes cloud
click Manage Jenkins -> Configure System -> ( drag the bottom most) Add a new cloud -> select Kubernetes then fill Kubernetes Jenkins and configuration information ---- connection test
name: Kubernetes
Kubernetes address: HTTPS: //kubernetes.default.svc.cluster.local
Kubernetes namespace: Kube-OPS
Jenkins address:http: //jenkins2.kube-ops.svc.cluster.local: 8080 (jenkins2 is svc )
3, add the pod template
add pod template ---- Kubernetes Pod Template
Name: jnlp
namespace: kube-ops
tag list: dongyali -jnlp
4, add a container template
add container ---- container template
name: JNLP
Docker mirror: cnych / jenkins: jnlp6 (Jenkins in a mirrored version of the following names 2.176.x remove 6)
working directory: / home / jenkins / agent
running command: Clear
command parameters: Clear
5, was added two volumes
add volumes ---- host path volume
host path: /var/run/docker.sock
mount path: /var/run/docker.sock
host path: / root / .kube
mount path: /root/.kube
6, may need to configure ServiceAccount
$ kubectl GET SA -n Kube-OPS
jenkins2 1 14H
click to add the following volumes of high-level ---- Service Account ---- jenkins2
7, dynamically generated jenkins slave with a shell test Kubernetes
new task name ---- ---- Liberty-style
operational node common project ---- ---- Select the Limit label expression: dongyali-jnlp
building --- - enter to execute shell ---- ---- save to build immediately following
echo "测试 Kubernetes 动态生成 jenkins slave"
echo "==============docker in docker==========="
docker info
echo "=============kubectl============="
kubectl get pods
Pod observation Kubernetes cluster change:
$ kubectl GET POD -n Kube-OPS
jenkins2-76644dbc9b-llcsp 1/1 Running 0 3h49m
JNLP-tl1km 1/1 0 Running 44S
when the task is finished running, jnlp the slave pod will automatically disappear .
8, dynamically generated jenkins slave with pipeline testing Kubernetes
new task name ---- ---- assembly line
, enter the following line in the script ---- save the building immediately
node('dongyali-jnlp') {
stage('Clone') {
echo "1.Clone Stage"
}
stage('Test') {
echo "2.Test Stage"
}
stage('Build') {
echo "3.Build Stage"
}
stage('Deploy') {
echo "4. Deploy Stage"
}
}