一、基础环境
1.1、NFS准备
在192.168.2.104上运行
1
2
3
4
| sudo mkdir -p /data/nfs/jenkins
sudo chown -R 1000:1000 /data/nfs/jenkins
echo "/data/nfs/jenkins *(rw,sync,no_subtree_check,no_root_squash)" | sudo tee -a /etc/exports
sudo exportfs -ra
|
1.2、准备镜像
在192.168.2.104上运行
1
2
3
| docker pull jenkins/jenkins:lts
docker tag jenkins/jenkins:lts 192.168.2.104/library/jenkins:lts
docker push 192.168.2.104/library/jenkins:lts
|
二、部署Jenkins
2.1、创建NameSpace
在headlamp的Namespaces界面点击+输入devops,再点击create
2.2、创建PV
创建一个jenkins-pv的pv,将下列yaml填入并创建
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-pv
spec:
capacity:
storage: 20Gi
volumeMode: Filesystem
accessModes:
- ReadWriteMany
# 关键点:回收策略建议设为 Retain,防止误删配置导致数据丢失
persistentVolumeReclaimPolicy: Retain
nfs:
server: 192.168.2.104
path: /data/nfs/jenkins
|
状态为:Available
2.3、创建PVC
将该yaml填入创建一个pvc
1
2
3
4
5
6
7
8
9
10
11
12
13
| apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jenkins-pvc
namespace: devops
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi
# 强制绑定到咱们刚才建的那个 PV 上
volumeName: jenkins-pv
|
检查pv和pvc的状态都改为Bound
2.4、创建服务账号并分配权限
在headlamp的ServiceAccount输入如下YAML并创建
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
| ---
# 创建服务账号
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins-admin
namespace: devops
---
# 将该账号绑定到集群管理员权限
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: jenkins-admin-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: jenkins-admin
namespace: devops
|
查看状态正常
2.5、部署Deployment
将下列yaml填入Service中,进行创建
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
| ---
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
namespace: devops
spec:
replicas: 1
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
serviceAccountName: jenkins-admin # 使用上面那个有权力的账号
containers:
- name: jenkins
image: 192.168.2.104/library/jenkins:lts
ports:
- containerPort: 8080
name: web
- containerPort: 50000
name: agent # 用于 Jenkins 代理节点连接
resources:
limits:
memory: "2Gi"
cpu: "1000m"
requests:
memory: "512Mi"
cpu: "500m"
volumeMounts:
- name: jenkins-data
mountPath: /var/jenkins_home
volumes:
- name: jenkins-data
persistentVolumeClaim:
claimName: jenkins-pvc
|
查看状态
2.6、创建Service
将下列yaml填入Service并创建
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| apiVersion: v1
kind: Service
metadata:
name: jenkins
namespace: devops
spec:
selector:
app: jenkins
ports:
- name: web
port: 8080
targetPort: 8080
- name: agent
port: 50000
targetPort: 50000
|
2.7、配置Ingress
在Ingress中输入如下yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
| apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jenkins-ingress
namespace: devops
spec:
ingressClassName: nginx
rules:
- host: jenkins.xxx.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: jenkins
port:
number: 8080
|
点击view YAML查看到映射到地址,并写入DNS
三、系统配置
进入系统后,会需要第一次的初始化密码
在192.168.2.104上执行
1
| sudo cat /data/nfs/jenkins/secrets/initialAdminPassword
|
拿到密码后,填入,选择安装推荐的插件即可
