Helm and deployment experience jenkins

Jenkins is running on Kubernetes

The figure comes from rancher official blog, in kubernetes environment, jenkins task is to perform each pod, the pod is created and destroyed after the end of the task when needed, so that both rational use of resources, while providing the same to each task clean initialization environment (also can keep the pod, such as look into the problem of time)

How to quickly deploy jenkins in kubernetes

Quick and simple to deploy a variety of applications by Helm, install and use on helm, refer to "deploy and experience Helm (2.16.1 version)"

Environmental Information

The real context information is as follows:
1. Kubernetes Cluster: Three CentOS7.7 server
2. kubernetes Version: 1.15.3
3. Helm Version: 2.16.1
4. Jenkins Version: 2.190.3

Ready to work

In addition to ready ahead kubernetes environment, you need the following preparations:

1. Ready helm, you can refer to "deploy and experience Helm (2.16.1 version)" ;
2. Ready NFS service, so even if the pod is destroyed jenkins reconstruction, will not lose data, you can set up NFS services refer to "Ubuntu16 environment to install and use NFS" ;
   When you're ready to start the combat

The combat namespace

The actual use namespace called helm-jenkins to create execute the following command:

kubectl create namespace helm-jenkins

Creating PV

To back jenkins service smooth start, need to pre-deployed pv:

1. New called pv-helm-jenkins.yaml file, as follows, where 192.168.133.142 is the NFS server address, / usr / local / Work / Test / 002 is assigned to the current actual use NFS folders:

apiVersion: v1
kind: PersistentVolume
metadata:
 name: helm-jenkins
 namespace: helm-jenkins
spec:
 capacity:
 storage: 10Gi
 accessModes:
 - ReadWriteOnce
 persistentVolumeReclaimPolicy: Recycle
 nfs:
 path: /usr/local/work/test/002
 server: 192.168.133.142

2. Run kubectl the Create -f pv-Helm-jenkins.yaml , create PV;
3. See if PV is ready:

[root@node1 helm-jenkins]# kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
helm-jenkins 10Gi RWO Recycle Available 5s
 14h

helm installation jenkins

1. Ensure helm2.16.1 version installed and working properly:

[root@node1 helm-jenkins]# helm version
Client: &version.Version{SemVer:"v2.16.1", GitCommit:"bbdfe5e7803a12bbdf97e94cd847859890cf4050", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.16.1", GitCommit:"bbdfe5e7803a12bbdf97e94cd847859890cf4050", GitTreeState:"clean"}

2. Ensure the helm repo ready (if not you can add by adding the helm repo):

[root@node1 helm-jenkins]# helm repo list
NAME URL 
stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts

3. Execute the following command to create jenkins's deployment, service and other resources:

helm install --namespace helm-jenkins --name my-jenkins stable/jenkins

4. After machining, the console output to the following:

NOTES:
5. Get your 'admin' user password by running:
 printf $(kubectl get secret --namespace helm-jenkins my-jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo
6. Get the Jenkins URL to visit by running these commands in the same shell:
 NOTE: It may take a few minutes for the LoadBalancer IP to be available.
 You can watch the status of by running 'kubectl get svc --namespace helm-jenkins -w my-jenkins'
 export SERVICE_IP=$(kubectl get svc --namespace helm-jenkins my-jenkins --template "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}")
 echo http://$SERVICE_IP:8080/login

7. Login with the password from step 1 and the username: admin

The first of the above gives important tips: Get admin account password method, execute the following command:

printf $(kubectl get secret --namespace helm-jenkins my-jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo

Red box as shown in the following figure, I've got the admin password is Eq6WxHvJ2V :

8. Inspection Service, found that there are two services under the helm-jenkins this namespace: My-jenkins and My-Agent-jenkins , jenkins site is the former, the latter Sign up to receive jenkins instance to perform tasks:

[root@node1 helm-jenkins]# kubectl get svc -n helm-jenkins
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
my-jenkins LoadBalancer 10.233.10.35 <pending> 8080:31763/TCP 31m
my-jenkins-agent ClusterIP 10.233.35.20 <none> 50000/TCP 31m

9. my-jenkins this type of service is LoadBalancer, 8080 port are mapped to the host port 31763, and therefore, the use of IP kubernetes a cluster host, coupled with port 31763 can be accessed through a browser;
   At this point, jenkins installation has been completed, the next step necessary settings

Set kubernetes plug

To make jenkins work in the following modes, also you need to set kubernetes plug

1. Click below the red box "Manage Jenkins", enter the settings page:
   
2. Since many older plug-in version, the page will be prompted to upgrade, being less than here, so click on the figure below the red box "Configure System":
   
3. Click below red box 1 in the "Test Connection" button, you will see a red box 2 in the error message:
   
4. Generating the wrong reasons, is due to jenkins container does not have access kubernetes of api server, in order to solve this problem, we must first find out the identity of the vessel, we know that container has its own serviceaccount in kubernetes environment, execute the command kubectl get serviceaccount - n helm-jenkins View serviceaccount namespace under the current:

[root@node1 helm-jenkins]# kubectl get serviceaccount -n helm-jenkins
NAME SECRETS AGE
default 1 3h55m

Visible serviceaccount jenkins container is default
4. know serviceaccount container, like the above-mentioned problem is resolved, we will visit api server with RBAC permissions required to bind to default, there is not a thing in order to save permission eleven the next highest authority directly to the default ( production environment - do not do , must-demand);
5. Create a new file named rbac-helm-jenkins-default.yaml, as follows:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
 name: rbac-helm-jenkins-default
 namespace: helm-jenkins
roleRef:
 apiGroup: rbac.authorization.k8s.io
 kind: ClusterRole
 name: cluster-admin
subjects:
- kind: ServiceAccount
 name: default
 namespace: helm-jenkins

6. Run kubectl create -f rbac-helm-jenkins -default.yaml allows RBAC to take effect
7. Click again to return to the previous page "Test Connection" button, as shown below, suggesting that "Connection successful":
   
8. 接下来设置Pod模板参数，如下图，namepsace要设置为helm-jenkins，另外要记下来Labels的值my-jenkins-jenkins-slave，后面会用到：
   
9. 点击底部的"Save"按钮，使设置生效；
10. 设置完毕，接下来创建任务体验一下kubernetes上的jenkins功能

体验Freestyle project

1. 创建一个Freestyle project，如下图：
   
2. 如下图红框，表单中Label Expression的值是前面记下来的my-jenkins-jenkins-slave：
   
3. 本次任务的具体内容很简单，执行一段shell，输出"Hello World!"，如下图所示：
   
4. 点击底部的"Save"按钮保存
5. 点击下图红框中的"Build Now"，即可开始构建：
   
6. 如果是第一次执行，会触发jenkins任务pod的docker镜像的下载，您需要耐心等候一会儿；
7. 此时去控制台执行命令kubectl get pods -n helm-jenkins查看pod，会发现有新的pod出现，如下所示，这是执行jenkins任务的pod：

[root@node1 helm-jenkins]# kubectl get pods -n helm-jenkins
NAME READY STATUS RESTARTS AGE
default-66vcq 0/1 ContainerCreating 0 1s
my-jenkins-74bcdfc566-jbw28 1/1 Running 0 5h5m

8. 返回jenkins页面，可见任务已经执行完毕：
   
9. 再去控制台查看pod，发现刚刚创建的pod已经消失了
10. 至此，kubernetes环境部署和体验jenkins的实战就完成了，希望本文带给您一些参考信息。