溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點擊 登錄注冊 即表示同意《億速云用戶服務條款》

Kubernetes安裝配置Jenkins

發(fā)布時間:2020-05-30 12:55:29 來源:億速云 閱讀:429 作者:鴿子 欄目:系統(tǒng)運維

一、Jenkins安裝準備條件

#在運維主機操作:
1.準備鏡像
~]# docker pull jenkins/jenkins:2.190.3
~]# docker images | grep jenkins
~]# docker tag 22b8b9a84dbe test-harbor.cedarhd.com/public/jenkins:v2.190.3
~]# docker push test-harbor.cedarhd.com/public/jenkins:v2.190.3

2.自定義Dockerfile
#官網(wǎng)拉取的鏡像需要做些自定義操作,才能在k8s集群中部署(運維主機上運行)
mkdir -p /data/dockerfile/jenkins
cd /data/dockerfile/jenkins
vim Dockerfile
FROM test-harbor.cedarhd.com/public/jenkins:v2.190.3
USER root
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\ 
    echo 'Asia/Shanghai' >/etc/timezone
ADD id_rsa /root/.ssh/id_rsa
ADD config.json /root/.docker/config.json
ADD get-docker.sh /get-docker.sh
RUN echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config &&\
    /get-docker.sh

#解釋:
> - 設置容器用戶為root
> - 設置容器內(nèi)的時區(qū)
> - 將ssh私鑰加入(使用git拉代碼時要用到,配對的公鑰應配置在gitlab中)
> - 加入了登錄自建harbor倉庫的config文件
> - 修改了ssh客戶端的
> - 安裝一個docker的客戶端
> - 如果因為網(wǎng)絡原因構(gòu)建失敗,可以在最后“ /get-docker.sh --mirror Aliyun”

3.生成ssh密鑰對
jenkins]# ssh-keygen -t rsa -b 2048 -C "xxxxxxx@qq.com" -N "" -f /root/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:bIajghsF/BqJouTeNvZXvQWvolAKWvhVSuZ3uVWoVXU 897307140@qq.com
The key's randomart image is:
+---[RSA 2048]----+
|             ...E|
|.           o   .|
|..   o .   o .   |
|..+ + oo  +..    |
|o=.+ +ooS+..o    |
|=o* o.++..o. o   |
|++...o  ..  +    |
|.o.=  .. . o     |
|..o.o.... .      |
+----[SHA256]-----+
enkins]# cp /root/.ssh/id_rsa .

4.準備其它文件
jenkins]# cp /root/.docker/config.json .
jenkins]# curl -fsSL get.docker.com -o get-docker.sh
jenkins]# chmod +x get-docker.sh 
jenkins]# ll
total 28
-rw------- 1 root root   160 Jan 28 23:41 config.json
-rw-r--r-- 1 root root   355 Jan 28 23:38 Dockerfile
-rwxr-xr-x 1 root root 13216 Jan 28 23:42 get-docker.sh
-rw------- 1 root root  1675 Jan 28 23:38 id_rsa

5、登陸harbor創(chuàng)建infra私有倉庫
創(chuàng)建infra的project,access level 為Private

6、生成jenkins鏡像
jenkins]# docker build -t harbor.phc-dow.com/infra/jenkins:v2.190.3 .
jenkins]# docker push test-harbor.cedarhd.com/infra/jenkins:v2.190.3

7、準備共享存儲
yum install nfs-utils -y
~]# vim /etc/exports
/data/nfs-volume 10.4.7.0/24(rw,no_root_squash)
###啟動NFS服務
~]# mkdir -p /data/nfs-volume
~]# systemctl start nfs
~]# systemctl enable nfs

二、Jenkins安裝所需資源配置清單

mkdir /data/k8s-yaml/jenkins && mkdir -p /data/nfs-volume/jenkins_home && cd /data/k8s-yaml/jenkins

~]# vi dp.yaml        #用于創(chuàng)建配置pod控制器與pod資源
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: jenkins
  namespace: infra
  labels: 
    name: jenkins
spec:
  replicas: 1
  selector:
    matchLabels: 
      name: jenkins
  template:
    metadata:
      labels: 
        app: jenkins 
        name: jenkins
    spec:
      volumes:
      - name: data
        nfs: 
          server: test-operator.cedarhd.com
          path: /data/nfs-volume/jenkins_home
      - name: docker
        hostPath: 
          path: /run/docker.sock
          type: ''
      containers:
      - name: jenkins
        image: test-harbor.cedarhd.com/infra/jenkins:v2.190.3
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 8080
          protocol: TCP
        env:
        - name: JAVA_OPTS
          value: -Xmx512m -Xms512m
        volumeMounts:
        - name: data
          mountPath: /var/jenkins_home
        - name: docker
          mountPath: /run/docker.sock
      imagePullSecrets:
      - name: harbor
      securityContext: 
        runAsUser: 0
  strategy:
    type: RollingUpdate
    rollingUpdate: 
      maxUnavailable: 1
      maxSurge: 1
  revisionHistoryLimit: 7
  progressDeadlineSeconds: 600

-----------------------------------------------------------------------------------------------

~]# vim service.yaml       #用于創(chuàng)建cluster ip與端口映射
kind: Service
apiVersion: v1
metadata: 
  name: jenkins
  namespace: infra
spec:
  ports:
  - protocol: TCP
    port: 80
    targetPort: 8080
  selector:
    app: jenkins

jenkins]# cat ingress.yaml                 #用于創(chuàng)建ingress轉(zhuǎn)發(fā)規(guī)則
kind: Ingress
apiVersion: extensions/v1beta1
metadata: 
  name: jenkins
  namespace: infra
spec:
  rules:
  - host: test-jenkins.cedarhd.com
    http:
      paths:
      - path: /
        backend: 
          serviceName: jenkins
          servicePort: 80
-----------------------------------------------------------------------------------------------

三、在其中一個運算節(jié)點上創(chuàng)建資源

 kubectl apply -f http://k8s-yaml.cedarhd.com/jenkins/dp.yaml
 kubectl apply -f http://k8s-yaml.cedarhd.com/jenkins/service.yaml
 kubectl apply -f http://k8s-yaml.cedarhd.com/jenkins/ingress.yaml
向AI問一下細節(jié)

免責聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點不代表本網(wǎng)站立場,如果涉及侵權(quán)請聯(lián)系站長郵箱:is@yisu.com進行舉報,并提供相關(guān)證據(jù),一經(jīng)查實,將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI