番外:戳一戳 -> 热门IT岗集锦
环境:
1、4台centos7.9虚拟机
2、k8s版本:v1.19
3、docker版本:20.10.6
数据持久化:
这里采用NFS作为Jenkins的数据持久化存储
在NFS服务器上创建目录:
mkdir /nfs/data/jenkins && chown -R 1000:1000 /nfs/data/jenkins
注意: 如果不修改Jenkins目录的所有者和所属组,在部署Jenkins pod的时候会报错,提示权限问题
yaml文件目录(你们随意):
mkdir /root/k8s/jenkins && cd /root/k8s/jenkins
部署:
1)vim jenkins2.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins2
namespace: kube-ops
labels:
app: jenkins2
spec:
replicas: 2
selector:
matchLabels:
app: jenkins2
template:
metadata:
labels:
app: jenkins2
spec:
terminationGracePeriodSeconds: 10
serviceAccount: jenkins2
containers:
- image: registry.cn-chengdu.aliyuncs.com/wangyunan_images_public/jenkins:lts
name: jenkins
imagePullPolicy: IfNotPresent
ports:
- name: web
containerPort: 8080
protocol: TCP
- name: agent
containerPort: 50000
protocol: TCP
livenessProbe:
httpGet:
path: /login
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
readinessProbe:
httpGet:
path: /login
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
env:
- name: LIMITS_MEMORY
valueFrom:
resourceFieldRef:
resource: limits.memory
divisor: 1Mi
- name: JAVA_OPTS
value: -Xmx$(LIMITS_MEMORY)m -XshowSettings:vm -Dhudson.slaves.NodeProvisioner.initialDelay=0 -Dhudson.slaves.NodeProvisioner.MARGIN=50 -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85 -Duser.timezone=Asia/Shanghai
volumeMounts:
- name: jenkinshome
subPath: jenkins2
mountPath: /var/jenkins_home
securityContext:
fsGroup: 1000
volumes:
- name: jenkinshome
persistentVolumeClaim:
claimName: opspvc
---
kind: Service
apiVersion: v1
metadata:
name: jenkins2
namespace: kube-ops
labels:
app: jenkins2
spec:
selector:
app: jenkins2
type: NodePort
ports:
- name: web
port: 8080
targetPort: web
nodePort: 30002
- name: agent
port: 50000
targetPort: agent
上面的yaml文件编写好后先不创建资源
2)vim pvc.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: opspv
spec:
capacity:
storage: 20Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Delete
nfs:
path: /nfs/data/jenkins
server: 192.168.29.104
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: opspvc
namespace: kube-ops
spec:
resources:
requests:
storage: 20Gi
accessModes:
- ReadWriteMany
创建:
kubectl create -f pvc.yaml
3)vim rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins2
namespace: kube-ops
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: jenkins2
rules:
- apiGroups: ["extensions", "apps"]
resources: ["deployments"]
verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
- apiGroups: [""]
resources: ["services"]
verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","list","watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: jenkins2
namespace: kube-ops
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: jenkins2
subjects:
- kind: ServiceAccount
name: jenkins2
namespace: kube-ops
创建:
kubectl create -f rbac.yaml
4)创建Jenkins pod
kubectl create -f jenkins2.yaml
5)浏览器访问
master节点 + service端口
提示登录,根提示找到生成的登录密码,可以去pod里面找,也可以去NFS服务器上的数据目录找,我这里的生成密码的文件路径是:
jenkins2/secrets/initialAdminPassword
输入密码后,选择安装推荐的插件即可
我这里忘了截图了,我的界面是中文的,我找了张英文的放这儿
安装插件需要稍等一会儿
6)安装完成后添加管理员帐号即可进⼊到Jenkins主界⾯
下一步:
下一步:
完成: