Shulou(Shulou.com)06/02 Report--

Install jenkins

1. Create a namespace

$kubectl create namespace kube-ops

2. Create a pvc for jenkins (you can also use storage classes to create it)

ApiVersion: v1kind: PersistentVolumemetadata: name: opspvspec: capacity: storage: 2Gi accessModes:-ReadWriteMany persistentVolumeReclaimPolicy: Delete nfs: server: 192.168.1.244 path: / data/k8s---kind: PersistentVolumeClaimapiVersion: v1metadata: name: opspvc namespace: kube-opsspec: accessModes:-ReadWriteMany resources: requests: storage: 2Gi

3. Rbac permissions required to create jenkins

ApiVersion: v1kind: ServiceAccountmetadata: name: jenkins2 namespace: kube-ops---kind: ClusterRoleapiVersion: rbac.authorization.k8s.io/v1beta1metadata: name:-apiGroups: ["extensions", "apps"] resources: ["deployments"] verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]-apiGroups: [""] resources: ["services"] verbs: ["create" "delete", "get", "list", "watch", "patch", "update"]-apiGroups: [""] resources: ["pods"] verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]-apiGroups: [""] resources: ["pods/exec"] verbs: ["create", "delete", "get", "list", "patch" "update", "watch"]-apiGroups: [""] resources: ["pods/log"] verbs: ["get", "list" "watch"]-apiGroups: ["] resources: [" secrets "] verbs: [" get "]-apiVersion: rbac.authorization.k8s.io/v1beta1kind: ClusterRoleBindingmetadata: name: jenkins2 namespace: kube-opsroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: jenkins2subjects:-kind: ServiceAccount name: jenkins2 namespace: kube-ops

You can also bind a system's existing cluster-admin cluster role permissions for ServiceAccoun

4. Create jenkins pod

$docker pull docker.io/jenkins/jenkins:lts

$docker pull cnych/jenkins:jnlp6

-apiVersion: extensions/v1beta1kind: Deploymentmetadata: name: jenkins2 namespace: kube-opsspec: template: metadata: labels: app: jenkins2 spec: terminationGracePeriodSeconds: 10 serviceAccount: jenkins2 containers:-name: jenkins image: docker.io/jenkins/jenkins:lts imagePullPolicy: IfNotPresent ports:-containerPort: 8080 name: web protocol: TCP-containerPort: 50000 Name: agent protocol: TCP resources: limits: cpu: 1000m memory: 1Gi requests: cpu: 500m memory: 512Mi livenessProbe: httpGet: path: / login port: 8080 initialDelaySeconds: 60 timeoutSeconds: 5 failureThreshold: 12 ReadinessProbe: httpGet: path: / login port: 8080 initialDelaySeconds: 60 timeoutSeconds: 5 failureThreshold: 12 volumeMounts:-name: jenkinshome subPath: jenkins2 mountPath: / var/jenkins_home env:-name: LIMITS_MEMORY valueFrom: resourceFieldRef: resource : limits.memory divisor: 1Mi-name: JAVA_OPTS value:-Xmx$ (LIMITS_MEMORY) m-XshowSettings:vm-Dhudson.slaves.NodeProvisioner.initialDelay=0-Dhudson.slaves.NodeProvisioner.MARGIN=50-Dhudson.slaves.NodeProvisioner.MARGIN0=0.85-Duser.timezone=Asia/Shanghai securityContext: fsGroup: 1000 volumes:-name: jenkinshome persistentVolumeClaim: claimName: opspvc---apiVersion: v1kind: Servicemetadata : name: jenkins2 namespace: kube-ops labels: app: jenkins2spec: selector: app: jenkins2 type: NodePort ports:-name: web port: 8080 targetPort: web nodePort: 30003-name: agent port: 50000 targetPort: agent

$kubectl apply-f jenkins2.yaml

$kubectl get pod-n kube-ops

Jenkins2-76644dbc9b-llcsp 0ram 1 Running 0 # does not start properly

$kubectl describe pod jenkins2-76644dbc9b-llcsp-n kube-ops

$kubectl logs-f jenkins2-76644dbc9b-llcsp-n kube-ops

5. Modify the permissions of the jenkins persistent directory on the nfs server and recreate the jenkins pod

$chown-R 1000 / data/k8s/jenkins2 # on 192.168.1.244

$kubectl delete-f jenkins2.yaml

$kubectl apply-f jenkins2.yaml

$kubectl get pod-n kube-ops

Jenkins2-76644dbc9b-llcsp 1max 1 Running 0

Why 1000?

What is defined in the Dockerfile file of the above image is user=jenkins group=jenkins uid=1000 gid=1000

Address of the Dockerfile file:

Https://github.com/jenkinsci/docker/blob/master/Dockerfile

ARG user=jenkins

ARG group=jenkins

ARG uid=1000

ARG gid=1000

ARG http_port=8080

ARG agent_port=50000

ARG JENKINS_HOME=/var/jenkins_home

$kubectl get svc-n kube-ops

Jenkins2 NodePort 10.105.121.176 8080:30003/TCP,50000:30936/TCP

Http://192.168.1.243:30003

The initial password is on the nfs server

$cat / data/k8s/jenkins2/secrets/initialAdminPassword

Create a kubernetes cloud on jenkins

Enkins Master and Jenkins Slave run on the Node of the Kubernetes cluster as Pod, Master runs on one of the nodes, and its configuration data is stored on a Volume, Slave runs on each node, and it is not always running, it will be dynamically created and automatically deleted according to the requirements

The workflow in this way is roughly as follows: when Jenkins Master receives a Build request, a Jenkins Slave running in Pod is dynamically created and registered on Master according to the configured Label. After running Job, the Slave is logged out and the Pod is automatically deleted and restored to the original state.

1. Install the plug-in

To install kubernetes plugin, click Manage Jenkins-> Manage Plugins-> Available-> Kubernetes plugin

2. Add kubernetes cloud

Click Manage Jenkins-> Configure System-> (drag to the bottom) Add a new cloud-> Select Kubernetes, and then fill in the Kubernetes and Jenkins configuration information-connection test

Name:kubernetes

Kubernetes address: https://kubernetes.default.svc.cluster.local

Kubernetes Namespace: kube-ops

Jenkins address: http://jenkins2.kube-ops.svc.cluster.local:8080 (jenkins2 is svc)

3. Add pod template

Add pod template-Kubernetes Pod Template

Name: jnlp

Namespace: kube-ops

Tag list: dongyali-jnlp

4. Add a container template

Add container-Container Template

Name: jnlp

Docker image: cnych/jenkins:jnlp6 (the name of the image with Jenkins version below 2.176.x is removed from 6)

Working directory: / home/jenkins/agent

Command that runs: clear

Command parameters: clear

5. Add two volumes

Add Volume-Host Path Volume

Host path: / var/run/docker.sock

Mount path: / var/run/docker.sock

Host path: / root/.kube

Mount path: / root/.kube

6. You may need to configure ServiceAccount

$kubectl get sa-n kube-ops

Jenkins2 1 14h

Click the Advanced-Service Account----jenkins2 under add Volume

7. Dynamically generate jenkins slave by testing Kubernetes with shell

New task-name-free style

General-check the running node of the restricted project-tag expression: dongyali-jnlp

Build-execute shell---- input as follows-Save build now

Echo "Test Kubernetes dynamic generation jenkins slave" echo "= docker in docker=" docker infoecho "= kubectl=" kubectl get pods

Observe the changes of Pod in the Kubernetes cluster:

$kubectl get pod-n kube-ops

Jenkins2-76644dbc9b-llcsp 1 76644dbc9b-llcsp 1 Running 0 3h59m

Jnlp-tl1km 1/1 Running 0 44s

When the task is finished, the jnlp slave pod will disappear automatically.

8. Dynamically generate jenkins slave by testing Kubernetes with pipeline

New task-name-pipeline

Enter the following in the pipeline script-save build now

Node ('dongyali-jnlp') {stage (' Clone') {echo "1.Clone Stage"} stage ('Test') {echo "2.Test Stage"} stage (' Build') {echo "3.Build Stage"} stage ('Deploy') {echo "4. Deploy Stage"}}

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.