如果对您有帮助,请理性打赏院长!
准备nfs存储
代码语言:javascript复制这是我已经做好的nfs存储目录
cd /data/nfsData/
创建jenkins存储目录
mkdir jenkins
修改nfs配置
vim /etc/exports
加上如下内容保存
/data/nfsData/jenkins *(rw,no_root_squash,no_all_squash,sync)
重启nfs服务
systemctl restart nfs rpcbind
需要修改下目录权限
因为当映射本地数据卷时,/data/nfsData/jenkins目录的拥有者为root用户,而容器中jenkins user的uid为1000
chmod 777 jenkins/
chown -R 1000:1000 jenkins在Master一台节点上操作
创建存储jenkins资源清单目录
代码语言:javascript复制mkdir /root/jenkins创建命名空间资源清单
vim 01-jenkins-ns.yaml
代码语言:javascript复制apiVersion: v1
kind: Namespace
metadata:
name: jenkins-k8s创建Jenkins pv资源清单
vim 02-jenkins-pv.yaml
代码语言:javascript复制apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-k8s-pv
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
nfs:
server: nfs.myit.icu
path: /data/nfsData/jenkins创建Jenkins pvc资源清单
vim 03-jenkins-pvc.yaml
代码语言:javascript复制kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: jenkins-k8s-pvc
namespace: jenkins-k8s
spec:
resources:
requests:
storage: 10Gi
accessModes:
- ReadWriteMany创建Jenkins sa资源清单
vim 04-jenkins-account.yaml
代码语言:javascript复制apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins-k8s-sa
namespace: jenkins-k8s创建Jenkins授权规则
vim 05-jenkins-cluster-role-binding.yaml
代码语言:javascript复制apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: jenkins-k8s-sa-cluster
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: jenkins-k8s-sa
namespace: jenkins-k8s创建Jenkins资源
vim 06-jenkins-deployment.yaml ### 如果出现问题,可以把探测关掉---待测试
代码语言:javascript复制apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
namespace: jenkins-k8s
spec:
replicas:
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
serviceAccount: jenkins-k8s-sa
containers:
- name: jenkins
image: jenkins/jenkins:lts
imagePullPolicy: IfNotPresent
ports:
- containerPort:
name: web
protocol: TCP
- containerPort:
name: agent
protocol: TCP
resources:
limits:
cpu: 1000m
memory: 1Gi
requests:
cpu: 500m
memory: 512Mi
livenessProbe:
httpGet:
path: /login
port:
initialDelaySeconds:
timeoutSeconds:
failureThreshold:
readinessProbe:
httpGet:
path: /login
port:
initialDelaySeconds:
timeoutSeconds:
failureThreshold:
volumeMounts:
- name: jenkins-volume
subPath: jenkins-home
mountPath: /var/jenkins_home
volumes:
- name: jenkins-volume
persistentVolumeClaim:
claimName: jenkins-k8s-pvc创建Jenkins服务资源清单
vim 07-jenkins-service.yaml
代码语言:javascript复制apiVersion: v1
kind: Service
metadata:
name: jenkins-service
namespace: jenkins-k8s
labels:
app: jenkins
spec:
selector:
app: jenkins
type: NodePort
ports:
- name: web
port:
targetPort: web
nodePort:
- name: agent
port:
targetPort: agent挨个创建资源
代码语言:javascript复制kubectl create -f 01-jenkins-ns.yaml
kubectl create -f 02-jenkins-pv.yaml
kubectl create -f 03-jenkins-pvc.yaml
kubectl create -f 04-jenkins-account.yaml
kubectl create -f 05-jenkins-cluster-role-binding.yaml
kubectl create -f 06-jenkins-deployment.yaml
kubectl create -f 07-jenkins-service.yaml查看各资源状态
代码语言:javascript复制kubectl get pods,svc -n jenkins-k8s获取 Jenkins 生成的 Token
代码语言:javascript复制kubectl logs $(kubectl get pods -n jenkins-k8s | awk '{print $1}' | grep jenkins) -n jenkins-k8s
会出现以下内容:
*************************************************************
*************************************************************
*************************************************************
Jenkins initial setup is required. An admin user has been created and a password generated.
Please use the following password to proceed to installation:
e989cb4f27a942948fb6163674ef512d
This may also be found at: /var/jenkins_home/secrets/initialAdminPassword
*************************************************************
*************************************************************
*************************************************************也可以通过该命令进行获取
代码语言:javascript复制kubectl exec -n jenkins-k8s $(kubectl get pods -n jenkins-k8s | awk '{print $1}' | grep jenkins) -it -- cat /var/jenkins_home/secrets/initialAdminPassword也可以在nfs存储服务器上进行获取
代码语言:javascript复制密码在nfs自己映射的路径下
cat /data/nfsData/jenkins/jenkins-home/secrets/initialAdminPassword安装kubernetes相关插件: Kubernetes CLI Plugin Kubernetes Client API Plugin Kubernetes Credentials Plugin Kubernetes plugin
