k8s安装Jenkins

目录

​编辑

一、环境准备

1.1 环境说明

二、安装nfs

2.1 安装NFS

2.2 创建NFS共享文件夹

2.3 配置共享文件夹

2.4 使配置生效

2.5 查看所有共享目录

 2.6 启动nfs

2.7 其他节点安装nfs-utils

三、创建PVC卷

3.1 创建namespace

3.2 创建nfs 客户端sa授权

3.3 创建nfs 客户端

3.4 创建StorageClass

3.5 创建PVC卷

四、创建Service

五、创建deployment

六、登录验证

6.1 登录

---

 

一、环境准备

1.1 环境说明

本文搭建MongoDB，基于WMware虚拟机，操作系统CentOS 8，且已经基于Kubeadm搭好了k8s集群，k8s节点信息如下：

服务器	IP地址
master	192.168.31.80
node1	192.168.31.8
node2	192.168.31.9

如需知道k8s集群搭建，可跳转我的文章《kubeadm部署k8s集群》查看。

二、安装nfs

2.1 安装NFS

我选择在 master 节点创建 NFS 存储，首先执行如下命令安装 NFS:

yum -y install  nfs-utils rpcbind

2.2 创建NFS共享文件夹

mkdir -p /var/nfs/jenkins/pv1

2.3 配置共享文件夹

vim  /etc/exports

/var/nfs/jenkins/pv1  *(rw,sync,no_root_squash)

2.4 使配置生效
 

exportfs -r

2.5 查看所有共享目录

exportfs -v

 2.6 启动nfs

systemctl start nfs-server
systemctl enabled nfs-server
systemctl start rpcbind
systemctl enabled rpcbind

2.7 其他节点安装nfs-utils

yum -y install nfs-utils

三、创建PVC卷

PVC是资源的申请，用来声明对存储空间、访问模式、存储类别需求信息。在创建PVC卷之前，需要创建NFS客户端、NFS 客户端sa授权和StoreClass存储类。

3.1 创建namespace

kubectl create ns jenkins

3.2 创建nfs 客户端sa授权

cat > jenkins-nfs-client-sa.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins-nfs-client
  namespace: jenkins
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: jenkins-nfs-client-runner
  namespace: jenkins
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get","list","watch","create","delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get","list","watch","create","delete"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get","list","watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["get","list","watch","create","update","patch"]
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["create","delete","get","list","watch","patch","update"]

---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: jenkins-run-nfs-provisioner
  namespace: jenkins
subjects:
  - kind: ServiceAccount
    name: jenkins-nfs-client
    namespace: jenkins
roleRef:
  kind: ClusterRole
  name:  jenkins-nfs-client-runner
  apiGroup: rbac.authorization.k8s.io

3.3 创建nfs 客户端

cat > jenkins-nfs-client.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name:  jenkins-nfs-client
  labels:
    app: jenkins-nfs-client
  # replace with namespace where provisioner is deployed
  namespace: jenkins
spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: jenkins-nfs-client
  template:
    metadata:
      labels:
        app: jenkins-nfs-client
    spec:
      serviceAccountName: jenkins-nfs-client
      containers:
        - name: jenkins-nfs-client
          image: quay.io/external_storage/nfs-client-provisioner:latest
          volumeMounts:
            - name: jenkins-nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME   ## 这个名字必须与storegeclass里面的名字一致
              value:  my-jenkins-nfs
            - name: ENABLE_LEADER_ELECTION  ## 设置高可用允许选举，如果replicas参数等于1，可不用
              value: "True"
            - name: NFS_SERVER
              value: 192.168.31.80  #修改为自己的ip（部署nfs的机器ip）
            - name: NFS_PATH
              value: /var/nfs/jenkins     #修改为自己的nfs安装目录
      volumes:
        - name: jenkins-nfs-client-root
          nfs:
            server: 192.168.31.80 #修改为自己的ip（部署nfs的机器ip）
            path: /var/nfs/jenkins     #修改为自己的nfs安装目录

3.4 创建StorageClass

cat > jenkins-storeclass.yaml

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: jenkins-nfs-storage
  namespace: jenkins
provisioner: my-jenkins-nfs

3.5 创建PVC卷

cat > jenkins-pvc.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: jenkins-pvc
  namespace: jenkins
  labels:
    pvc: jenkins-pvc # 自定义
spec:
  storageClassName: jenkins-nfs-storage
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 20G

四、创建Service

cat > jenkins-service.yaml

apiVersion: v1
kind: Service
metadata:
  name: jenkins-service
  namespace: jenkins
  annotations:
      prometheus.io/scrape: 'true'    #这一段是官方文档带的，是用来让prometheus（普罗米修斯）来识别pod的，可暂时不用管他
      prometheus.io/path:   /
      prometheus.io/port:   '8080'
spec:
  selector:
    app: jenkins-server
  type: NodePort
  ports:
    - name: http
      port: 8080
      targetPort: 8080
      nodePort: 32000
    - name: agent
      port: 50000
      targetPort: 50000
      nodePort: 50000

提示：

如果50000端口没挂载上，需要修改kube-apiserver.yaml
 

vim /etc/kubernetes/manifests/kube-apiserver.yaml

- --service-node-port-range=3000-55000      #这行默认没有，自己给他加上，那端口范围我就不用解释了吧

五、创建deployment

cat > jenkins-deployment.yaml


apiVersion: apps/v1
kind: Deployment
metadata:
  name: jenkins
  namespace: jenkins
spec:
  replicas: 1
  selector:
    matchLabels:
      app: jenkins-server
  template:
    metadata:
      labels:
        app: jenkins-server
    spec:
      securityContext:
            fsGroup: 1000
            runAsUser: 1000
      serviceAccountName: jenkins-nfs-client
      containers:
        - name: jenkins
          image: jenkins/jenkins:2.369       #镜像这里用这个就行，版本是2.369，官方文档的镜像版本太低，好像是2.2版本的，不支持一些插件
          imagePullPolicy: IfNotPresent

          ports:
            - name: httpport
              containerPort: 8080
            - name: jnlpport
              containerPort: 50000

          volumeMounts:
            - name: jenkins-data
              mountPath: /var/jenkins_home   #这里为jenkins工作目录，挂载出来就好了，这样重启jenkins数据也不会丢失
      volumes:
        - name: jenkins-data
          persistentVolumeClaim:
              claimName:  jenkins-pvc
              readOnly: false

六、登录验证

6.1 登录

进入k8s页面，进入到jenkins的deploment服务工作页面，找到服务的ip

 然后浏览器输入访问地址：

Sign in [Jenkins]

 输出默认的admin登录，密码初始密码在安装jenkins的 /var/jenkins_home/secrets/initialAdminPassword

可以cat /var/jenkins_home/secrets/initialAdminPassword 打印出来，复制粘贴出来登录

登录之后，可以创建自己的账号和密码

 好了，今天的在k8s中部署jenkins就分享到这里！欢约大家点赞+收藏，有疑问也欢迎大家评论留言！