jenkins安装和kubernetes插件简单配置
jenkins 安装
docker + docker-compose 安装略
docker-compose.yaml
version: '3'
services:
jenkins:
image: 'jenkins/jenkins:2.255'
container_name: jenkins
restart: always
user: root
ports:
- '80:8080'
- '50000:50000'
environment:
TZ: Asia/Shanghai
volumes:
- '/data/jenkins/jenkins_home:/var/jenkins_home'
启动
docker-compose up -d
加速安装插件
1、替换源地址
cp /data/jenkins/jenkins_home/hudson.model.UpdateCenter.xml /data/jenkins/jenkins_home/hudson.model.UpdateCenter.xml.bak
sed -i 's#updates.jenkins.io#mirrors.aliyun.com/jenkins/updates#g' /data/jenkins/jenkins_home/hudson.model.UpdateCenter.xml
2、重启jenkins
docker restart jenkins
3、浏览器打开jenkins到
cat /data/jenkins/jenkins_home/secrets/initialAdminPassword
4、替换下载源
到这个界面再执行下面操作:
cp /data/jenkins/jenkins_home/updates/default.json /data/jenkins/jenkins_home/updates/default.json.bak
sed -i 's#https://updates.jenkins.io/download#https://mirrors.aliyun.com/jenkins#g' /data/jenkins/jenkins_home/updates/default.json
sed -i 's#http://www.google.com#https://www.baidu.com#g' /data/jenkins/jenkins_home/updates/default.json
再点安装击推荐的插件
插件安装
搜索直接安装
k8s信息获取
从k8s config文件获取所须信息。
1、Kubernetes 地址
server:对应的就是地址
2、Kubernetes 服务证书 key
certificate-authority-data: 对应的值就是key证书
须要base64解码
先把值写入到tmp文件, 执行下面语句解码
cat tmp | base64 -d
# 结果
-----BEGIN CERTIFICATE-----
MIICyDCCAbCgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl
cm5ldGVzMB4XDTE5MDgxOTE2MDk1MloXDTI5MDgxNjE2MDk1MlowFTETMBEGA1UE
AxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMSb
D4rrCWvtMYsVqZ62I9mGodCIvJiVo6p+ajpVIoXXoDib8uVvdPGDSd2N1RMPWF+h
bRiuZNSZ27OLcd1RbcdJOKTyFYuzdeTYzrNXSfDavO9UafAPAwAKZLFb1616Sx64
jQ/nWVq6IB3UPfVuH3U0N0i7wrmQFcKc5HztLeLCDXIvqQmgB/ExFPi7EsJTumwW
2mQka2xvTpXbidYW/qVmWFr22a19Qp9VznHUIgbkB6Rx2Jp03g8GlOyn09CeIi8l
lStvT9+TseBuSDDgjCBwuSdutuuPu3RoxzyiVkzfLUH2Sy0eCuUS8mSHPrOHBkbG
7MLT9DLoRNZ+fMdU3b0CAwEAAaMjMCEwDgYDV222QH/BAQDAgKkMA8GA1UdEwEB
/wQFMAMBAf8wDQY22oZIhvcNAQELBQADggEBABnbW1fSOlMo+5asH32L39u69c0n
yDo4RpQ+6pJgWmWZKwVV+qxs0F8XyzryDr6iQRYAETDYaKM78qfN2IZNyxca2PrQ
ku0SgADeAhoVMPeA0Snn8RcnQjLjaMQraTul7irW8hLU1w5KTVceFbG6JA3PbVDq
uTGWwBwOh98i3Wod+bog3TBJFg2SHYN1PusHRagsXIrkPr+4DDMqWQQsYpuuesep
7eI2F1OT9U8dDx55qM7KD/AcF2NSCPZ6ITdGH/PAePkom3vG2JQrrBwXF2in4VW0
4PP/AloQkc67il0fqXxcB2PhnxRzLunpuFrPp1NcYX606zu6KZ9FMVy5ZjY=
-----END CERTIFICATE-----
3、凭据
我这里执行放在单独的jenkins命名空间
# 创建命名空间
kubectl create namespaces jenkins
# 创建sa-jenkins用户
kubectl create serviceaccount jenkins -n jenkins
# 绑定admin角色到sa-jenkins用户
kubectl create clusterrolebinding -n jenkins jenkins-cluster-admin --clusterrole='cluster-admin' --serviceaccount=jenkins:jenkins
# 查询token
kubectl get secrets -n jenkins -o jsonpath="{.items[?(@.metadata.annotations['kubernetes\.io/service-account\.name']=='jenkins')].data.token}" | base64 -d
配置
管理里面拉到最后面有个cloud
插件介绍地址有详细配置实例:https://plugins.jenkins.io/kubernetes
简单验证
简单脚本
podTemplate(label: 'jnlp-slave', cloud: 'kubernetes', containers: [
containerTemplate(name: 'maven', image: 'maven:3.3.9-jdk-8-alpine', ttyEnabled: true, command: 'cat'),
],
volumes: [
//persistentVolumeClaim(mountPath: '/root/.m2', claimName: 'maven-m2'),
//persistentVolumeClaim(mountPath: '/home/jenkins/agent/workspace', claimName: 'workspace'),
]
)
{
node("jnlp-slave"){
stage('Build'){
//git branch: 'master', url: 'http://root:qrGw1S_azFE3F77Rs7tA@gitlab.gemantic.com/java/$JOB_NAME.git'
container('maven') {
stage('Build a Maven project') {
//sh 'mvn clean package -U deploy'
sh 'echo maven'
}
}
}
stage('deploy'){
sh '''
env
sleep 300
'''
//sshPublisher(publishers: [sshPublisherDesc(configName: '76', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '/data/script/jenkins.sh $JOB_NAME', execTimeout: 120000000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '/data/kubernetes/service/$JOB_NAME', remoteDirectorySDF: false, removePrefix: 'target', sourceFiles: 'target/$JOB_NAME*.jar')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])
}
}
}
pipeline解读:
1、podTemplate创建了一个pod模版。cloud字段指定了连接哪个kubernetes云,kubernetes就是刚才创建一个一个k8s,云的名字就是kubernetes。
2、persistentVolumeClaim定义了目录挂载,把maven构建的缓存目录.m2和构建产生的数据目录
3、下面的pipeline指定后面的操作在jnlp-slave中(也就是pod模版同时也是slave节点)