如何用 Helm 管理 Jenkins,看这篇就够了

2021-03-15 10:23:28 浏览数 (1)

Helm3 简介

Helm 创建于2015年,同年加入CNCF,2020年毕业。

Helm 是为 kubernetes 提供的包管理工具。包指的是 helm charts,charts 是预先配置的 kubernetes 资源对象集合,类似于 linux 上的 rpm 包。

使用 Helm 可以管理 kubernetes 资源对象、应用的配置管理及发布更新等。

helm chart 可以托管在统一制品仓库,开源工具的如 nexus、harbor。

使用 Helm-Chart 部署 Jenkins

从结构中我们看到有不同级别的文件夹,以及一些yaml文件。

  • charts:用于存放其他依赖和关联的chart。例如应用依赖数据库的chart。
  • Chart.yaml:存储一些元数据,例如chart的信息,描述等等
  • templates文件夹:是所有资源的位置,我们可以看到很多kubernetes的资源文件都在这里存放。
  • 其中的_helpers.tpl,用于存储模板片段,可以在文件中直接使用template函数调用。
  • value.yaml:存储该chart的默认值,实际安装时可以对默认值进行覆盖。
  • NOTES.txt:相当于你运行helm install的时候给用户输出的提示

Helm部署Jenkins

1、Jenkins 官方 helm-charts https://github.com/jenkinsci/configuration-as-code-plugin.git

2、数据持久化配置 由于jenkins helm-charts默认使用hostPath方式持久化数据,uninstall或容器集群爆炸后可能造成数据丢失,故使用本地存储目录进行数据持久化(个人环境,无nfs等其他网络存储或持久化存储设备)。

2.1、创建pv

代码语言:javascript复制
apiVersion: v1
kind: PersistentVolume
metadata:
  name: jenkins-pv-local
spec:
  capacity:
    storage: 10Gi
  volumeMode: Filesystem
  accessModes:
  - ReadWriteOnce
  persistentVolumeReclaimPolicy: Delete
  storageClassName: local-storage
  local:
    path: /Users/zhang/data/jenkins  # ydzs-node1节点上的目录
  nodeAffinity:
    required:
      nodeSelectorTerms:
      - matchExpressions:
        - key: kubernetes.io/hostname
          operator: In
          values:
          - docker-desktop

2.2、创建pvc

代码语言:javascript复制
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: jenkins-pvc-local
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: local-storage

2.3、创建后验证

代码语言:javascript复制
zhangdeMacBook-Pro:charts zhang$ kubectl get pv,pvc -n default
NAME                                CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                       STORAGECLASS    REASON   AGE
persistentvolume/jenkins-pv-local   10Gi       RWO            Delete           Bound    default/jenkins-pvc-local   local-storage            3h48m

NAME                                      STATUS   VOLUME             CAPACITY   ACCESS MODES   STORAGECLASS    AGE
persistentvolumeclaim/jenkins-pvc-local   Bound    jenkins-pv-local   10Gi       RWO            local-storage   3h46m

3、执行部署

代码语言:javascript复制
git clone https://github.com/jenkinsci/helm-charts.gitcd ${helm-charts}helm install jenkins jenkins# return infoNAME: jenkins
LAST DEPLOYED: Tue Feb  2 21:21:28 2021NAMESPACE: default
STATUS: deployed
REVISION: 1NOTES:1. Get your 'admin' user password by running:
  kubectl exec --namespace default -it svc/jenkins -c jenkins -- /bin/cat /run/secrets/chart-admin-password && echo2. Get the Jenkins URL to visit by running these commands in the same shell:  echo http://127.0.0.1:8080
  kubectl --namespace default port-forward svc/jenkins 8080:80803. Login with the password from step 1 and the username: admin4. Configure security realm and authorization strategy5. Use Jenkins Configuration as Code by specifying configScripts in your values.yaml file, see documentation: http:///configuration-as-code and examples: https://github.com/jenkinsci/configuration-as-code-plugin/tree/master/demos

For more information on running Jenkins on Kubernetes, visit:
https://cloud.google.com/solutions/jenkins-on-container-engine

For more information about Jenkins Configuration as Code, visit:
https://jenkins.io/projects/jcasc/

NOTE: Consider using a custom image with pre-installed plugins

zhang@zhangdeMacBook-Pro local-helmChartCenter % helm list
NAME    NAMESPACE   REVISION    UPDATED                                 STATUS      CHART           APP VERSION
jenkins default     1           2021-02-02 21:21:28.681602  0800 CST    deployed    jenkins-3.1.8   2.263.3    zhang@zhangdeMacBook-Pro local-helmChartCenter % kubectl get all  -n default
NAME             READY   STATUS    RESTARTS   AGE
pod/jenkins-0    2/2     Running   6          2d12h

NAME                     TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)     AGE
service/jenkins          ClusterIP   10.109.107.40    <none>        8080/TCP    2d12h
service/jenkins-agent    ClusterIP   10.103.205.142   <none>        50000/TCP   2d12h
service/kubernetes       ClusterIP   10.96.0.1        <none>        443/TCP     6d23h

NAME                       READY   AGE
statefulset.apps/jenkins   1/1     2d12h

4、映射端口到宿主机端口

代码语言:javascript复制
1. Get your 'admin' user password by running:
  kubectl exec --namespace default -it svc/jenkins -c jenkins -- /bin/cat /run/secrets/chart-admin-password && echo2. Get the Jenkins URL to visit by running these commands in the same shell:  echo http://127.0.0.1:8080
  kubectl --namespace default port-forward svc/jenkins 8080:8080

5、访问 web 进行验证

JCasC 管理 Jenkins 配置

JCasC 全称 Configuration as Code

  1. Plugins
代码语言:javascript复制
 plugins:
        required:
        - kubernetes:1.27.6
        - workflow-aggregator:2.6
        - git:4.5.2
        - configuration-as-code:1.46

2.Tools Installations

代码语言:javascript复制
tool:
  git:
    installations:
    - home: "git"
      name: "Default"

3.Tools Integration

代码语言:javascript复制
unclassified:
  buildDiscarders:
    configuredBuildDiscarders:
    - "jobBuildDiscarder"
  fingerprints:
    fingerprintCleanupDisabled: false
    storage: "file"
  gitSCM:
    addGitTagAction: false
    allowSecondFetch: false
    createAccountBasedOnEmail: false
    disableGitToolChooser: false
    hideCredentials: false
    showEntireCommitSummaryInChanges: false
    useExistingAccountWithSameEmail: false
  junitTestResultStorage:
    storage: "file"
  location:
    adminAddress: "address not configured yet <nobody@nowhere>"
    url: "http://jenkins:8080/"
  mailer:
    charset: "UTF-8"
    useSsl: false
    useTls: false
  pollSCM:
    pollingThreadCount: 10
  sonarGlobalConfiguration:
    buildWrapperEnabled: false
作者简介:
张富贵,高效运维社区 DevOps 资深专家。参与过金融、物流及保险行业的 DevOps 平台和体系建设工作。GOPS 2021 深圳站,5月21-22日,深圳见~
报名通道 :
jenkins kubernetes 编程算法 存储

0 人点赞