0x00 前言简述
该镜像是Jenkins自定义jnlp容器模板,主要用于Jenkins工作节点容器化使用,以及Jenkins的Kubernetes集群中使用,以便动态生成工作节点,并在完成Job后自动销毁该Pod。
主要实现功能:
- 用户权限控制(sudo)
- ssh 远程连接
- git 代码版本控制
- docker 容器管理
- kubectl 集群管理
- Java 运行环境
- Maven 运行环境
- SonarQube 扫描环境
- Gitlab_release 上传环境
- 中文环境支持
- 时区更改配置
hub镜像: https://hub.docker.com/r/weiyigeek/alpine-jenkins-jnlp
镜像拉取: docker pull weiyigeek/alpine-jenkins-jnlp
镜像构建所需软件
备注: 在Jenkins 2.277版本中添加一个新的节点中获取匹配当前版本的 agent.jar, 或者是在 jenkins 官网 https://repo.jenkins-ci.org/public/org/jenkins-ci/main/remoting 进行下载;
~/k8s/jenkins/jnlp-slave$ ls
agent.jar build jdk-8u281-linux-x64.tar.gz Jenkins.zip release-cli-0.6.0-linux-amd64 sonar-scanner-cli-4.5.0.2216-linux.zip
apache-maven-3.6.3-bin.tar.gz glibc-2.32-r0.apk jenkins-agent.sh kubectl sgerrand.rsa.pub
Tips : 建议一定要看看容器中 jenkins-agent.sh (值得学习),它 容器启动时与jenkins
利用Java jnlp 进行连接的脚本;
0x01 使用自定义 alpine-jenkins-jnlp 镜像
描述:下面的测试环境是在 Jenkins 中 Kubernetes集群插件进行使用的,如果不会安装建议看我写的Jenkins入门到放弃系列教程。
https://www.bilibili.com/read/cv13512558 可点击目录,查看全部
…
https://www.bilibili.com/read/cv13726631 可点击目录,查看全部
废话不多说:
- Step 1.创建流水线
Kubernetes-jenkins-slave
Job 在流水线中采用Pipeline Script脚本
pipeline {
agent {
kubernetes {
cloud 'kubernetes'
namespace 'devops'
inheritFrom 'jenkins-slave'
workingDir '/home/jenkins/agent'
// yamlFile 'KubernetesPod.yaml'
yaml """\
apiVersion:
kind: Pod
metadata:
labels:
jenkins: "slave"
jenkins/label: 'k8s-slave'
spec:
containers:
- name: 'jnlp'
image: 'weiyigeek/alpine-jenkins-jnlp:v2.285'
imagePullPolicy: 'IfNotPresent' # 镜像拉取策略
command: ["/bin/sh","-c","/usr/local/bin/jenkins-agent.sh && cat"] # 重点测试的时候(心酸累)希望读者体验一哈
tty: true
volumeMounts:
- mountPath: "/home/jenkins/.m2"
name: "volume-0"
- mountPath: "/var/run/docker.sock"
name: "volume-1"
""".stripIndent()
}
}
stages {
stage ('declarative Pipeline - kubernetes') {
steps {
echo "declarative Pipeline - kubernetes"
sh "mvn -version"
sh "release-cli -v"
sh "sonar-scanner -v"
sh "kubectl version"
sh "docker --version && sudo docker ps"
}
}
}
}
- Step 2.配置
Pod Templates
模板如下因为我们需要继承一哈
名称:jenkins-slave
命名空间: devops
标签列表: k8s-slave
添加主机卷:
- 主机: /nfsdisk-31/appstorage/mavenRepo
- Pod 挂载路径: /home/jenkins/.m2
- 主机: /var/run/docker.sock
- Pod 挂载路径: /var/run/docker.sock
- Step 3.在BlueOcen中运行并查看结果
# (1) 可以看见当进行调度时k8s会动态的拉取镜像并运行,当任务结束后会自动销毁Pod
kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5 0/1 Pending 0 0s
kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5 0/1 Pending 0 0s
kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5 0/1 ContainerCreating 0 0s
kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5 1/1 Running 0 3s
kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5 1/1 Terminating 0 13s
kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5 0/1 Terminating 0 45s
kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5 0/1 Terminating 0 46s
kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5 0/1 Terminating 0 46s
# (2) 动态创建的slave启动的Pod脚本
---
kind: "Pod"
metadata:
annotations:
buildUrl: "http://jenkins.devops.svc.cluster.local:8080/job/Kubernetes-jenkins-slave/63/"
runUrl: "job/Kubernetes-jenkins-slave/63/"
labels:
jenkins: "slave"
jenkins/label: "Kubernetes-jenkins-slave_63-01h9j"
jenkins/label-digest: "0fe6224168b9ce0350e7db8678c10953c2e6f533"
name: "kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5"
spec:
containers:
- command:
- "/bin/sh"
- "-c"
- "/usr/local/bin/jenkins-agent.sh && cat"
env:
- name: "JENKINS_SECRET"
value: "********"
- name: "JENKINS_AGENT_NAME"
value: "kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5"
- name: "JENKINS_NAME"
value: "kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5"
- name: "JENKINS_AGENT_WORKDIR"
value: "/home/jenkins/agent"
- name: "JENKINS_URL"
value: "http://jenkins.devops.svc.cluster.local:8080/"
image: "weiyigeek/alpine-jenkins-jnlp:v2.285"
imagePullPolicy: "IfNotPresent"
name: "jnlp"
resources:
limits: {}
requests:
memory: "256Mi"
cpu: "100m"
tty: true
volumeMounts:
- mountPath: "/home/jenkins/.m2"
name: "volume-0"
- mountPath: "/var/run/docker.sock"
name: "volume-1"
- mountPath: "/home/jenkins/agent"
name: "workspace-volume"
readOnly: false
hostNetwork: false
nodeSelector:
kubernetes.io/os: "linux"
restartPolicy: "Never"
volumes:
- hostPath:
path: "/nfsdisk-31/appstorage/mavenRepo"
name: "volume-0"
- hostPath:
path: "/var/run/docker.sock"
name: "volume-1"
- emptyDir:
medium: ""
name: "workspace-volume"
# Running on kubernetes-jenkins-slave-63-01h9j-txdgn-cdwb5 in /home/jenkins/agent/workspace/Kubernetes-jenkins-slave
# 脚本反馈
declarative Pipeline - kubernetes
+ mvn -version
Apache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f)
Maven home: /usr/local/maven
Java version: 1.8.0_281, vendor: Oracle Corporation, runtime: /usr/local/jdk8/jre
Default locale: en_US, platform encoding: ANSI_X3.4-1968
OS name: "linux", version: "5.4.0-42-generic", arch: "amd64", family: "unix"
+ release-cli -v
version 0.6.0
+ sonar-scanner -v
INFO: Scanner configuration file: /usr/local/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarScanner 4.5.0.2216
INFO: Java 1.8.0_281 Oracle Corporation (64-bit)
INFO: Linux 5.4.0-42-generic amd64
+ kubectl version
Client Version: version.Info{Major:"1", Minor:"19", GitVersion:"v1.19.6", GitCommit:"fbf646b339dc52336b55d8ec85c181981b86331a", GitTreeState:"clean", BuildDate:"2020-12-18T12:09:30Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"19", GitVersion:"v1.19.6", GitCommit:"fbf646b339dc52336b55d8ec85c181981b86331a", GitTreeState:"clean", BuildDate:"2020-12-18T12:01:36Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"}
+ docker --version
Docker version 20.10.3, build 48d30b5b32e99c932b4ea3edca74353feddd83ff
+ sudo docker ps # 非常注意权限
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bd9948326a78 weiyigeek/alpine-jenkins-jnlp:v2.285 "/bin/sh -c '/usr/lo…" 39 seconds ago Up 32 seconds k8s_jnlp_kubernetes-jenkins-slave-68-91jbw-svtg2-3vq9b_devops_6d4bc0d2-b34f-46fc-9c9d-65537cb2bff8_0
84538d2017c2 registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2 "/pause" About a minute ago Up 58 seconds k8s_POD_kubernetes-jenkins-slave-68-91jbw-svtg2-3vq9b_devops_6d4bc0d2-b34f-46fc-9c9d-65537cb2bff8_0
Finished: SUCCESS
0x02 企业实践 Jenkins 流线脚本 (Pipeline Script)
镜像的Dockerfile构建文件请访问获取: https://mp.weixin.qq.com/s/FWmQNinsYZwyeL3c-6x6tw
如需企业实践 Jenkins 流线脚本和上述相关脚本及文件的朋友请访问 https://weiyigeek.top/wechat.html?key=alpine-jenkins-jnlp
或者在WeiyiGeek
微信公众号回复alpine-jenkins-jnlp
关键字获取,返回作者当前在企业实践使用的 Jenkins Pipeline Script。