Installing Jenkins on Kubernetes for CI/CD

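k8s and docker are indispensable for microservice development, but once you have them you find that deployment is yet another problem. It took me two days to get a complete Jenkins environment up. To avoid complexity and meet the need for a quick CI setup, this post only sets up the Jenkins master with manually triggered builds and leaves out the tedious parts such as NFS and certificate generation (prerequisite: you understand how k8s and a docker registry work). The items used to set up Jenkins are listed below: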

1. Jenkins image

2. Persistent storage volume

3. Find a demo

4. Write Jenkins

==========================================================

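Preparation: you need a k8s cluster, and you need to build your own image and push it to your own private registry. If you use the Jenkins image directly, then after going through the whole installation you will find that builds fail with errors such as docker: not found. Even mounting the host's docker into Jenkins does not make it work, because no user has been created and added to the docker group. You can run your own private registry or use Alibaba Cloud's; I use Alibaba Cloud's.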

1. Deploy Jenkins on k8s

1) Build the Jenkins image. The Dockerfile used to build the image on Alibaba Cloud is as follows:

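# This is the official image. The build must be based on the official image,
# otherwise it still needs updating after installation and errors out again.
FROM jenkins/jenkins

USER root
# Clear the apt source set by the base image and switch to the Alibaba Cloud jessie mirror
RUN echo '' > /etc/apt/sources.list.d/jessie-backports.list \
  && echo "deb http://mirrors.aliyun.com/debian jessie main contrib non-free" > /etc/apt/sources.list \
  && echo "deb http://mirrors.aliyun.com/debian jessie-updates main contrib non-free" >> /etc/apt/sources.list \
  && echo "deb http://mirrors.aliyun.com/debian-security jessie/updates main contrib non-free" >> /etc/apt/sources.list
# Update the package index and install the missing package
RUN apt-get update && apt-get install -y libltdl7

# GID of the docker group; it has to match the docker group GID on the host
ARG dockerGid=999

# Add a docker group with jenkins as a member, so the jenkins user can use the mounted /var/run/docker.sock
RUN echo "docker:x:${dockerGid}:jenkins" >> /etc/group
USER jenkins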

2) Deploy the Jenkins image

A. Create the PV (persistent volume); this time the host file system is used

apiVersion: "v1"
kind: "PersistentVolume"
metadata:
  name: jenkins-0
spec:
  capacity:
    storage: "10Gi"
  accessModes:
    - "ReadWriteMany"
  # hostPath takes only path (and optionally type)
  hostPath:
    path: /tmp

 

B. Create the account

kubectl create -f service-account.yml

# In GKE need to get RBAC permissions first with
# kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin [--user=<user-name>|--group=<group-name>]

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins
  namespace: default

---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: jenkins
  namespace: default
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
  resources: ["pods/exec"]
  verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
  resources: ["pods/log"]
  verbs: ["get","list","watch"]
- apiGroups: [""]
  resources: ["secrets"]
  verbs: ["get"]

---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
  name: jenkins
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: jenkins
subjects:
- kind: ServiceAccount
  name: jenkins
  namespace: default
  
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: jenkinsClusterRole
  namespace: default
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
  resources: ["pods/exec"]
  verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
  resources: ["pods/log"]
  verbs: ["get","list","watch"]
- apiGroups: [""]
  resources: ["secrets"]
  verbs: ["get"]

---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
  name: jenkinsClusterRuleBinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: jenkinsClusterRole
subjects:
- kind: ServiceAccount
  name: jenkins
  namespace: default

C. Create the Jenkins service

kubectl create -f jenkins.yml

# jenkins

---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: jenkins
  namespace: default
  labels:
    name: jenkins
spec:
  serviceName: jenkins
  replicas: 1
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      name: jenkins
      labels:
        name: jenkins
    spec:
      terminationGracePeriodSeconds: 10
      serviceAccountName: jenkins
      imagePullSecrets:
        - name: registry-secret
      containers:
        - name: jenkins
          # image: jenkins/jenkins:lts-alpine
          # image: chadmoon/jenkins-docker-kubectl:latest h1kkan/jenkins-docker
          image: registry.cn-shanghai.aliyuncs.com/pml/jenkins:v1.0
          imagePullPolicy: Always
          ports:
            - containerPort: 8080
            - containerPort: 50000
          resources:
            limits:
              cpu: 1
              memory: 1Gi
            requests:
              cpu: 0.5
              memory: 500Mi
          env:
            - name: LIMITS_MEMORY
              valueFrom:
                resourceFieldRef:
                  resource: limits.memory
                  divisor: 1Mi
            - name: JAVA_OPTS
              # value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -XX:MaxRAMFraction=1 -XshowSettings:vm -Dhudson.slaves.NodeProvisioner.initialDelay=0 -Dhudson.slaves.NodeProvisioner.MARGIN=50 -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85
              value: -Xmx800m -XshowSettings:vm -Dhudson.slaves.NodeProvisioner.initialDelay=0 -Dhudson.slaves.NodeProvisioner.MARGIN=50 -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85
          volumeMounts:
            - name: jenkins-home
              mountPath: /var/jenkins_home
            - name: docker
              mountPath: /usr/bin/docker
            - name: docker-sock
              mountPath: /var/run/docker.sock
          securityContext:
            privileged: true
      volumes:
        - name: docker
          hostPath:
            path: /usr/bin/docker
        - name: docker-sock
          hostPath:
            path: /var/run/docker.sock
  volumeClaimTemplates:
  - metadata:
      name: jenkins-home
      # annotations:
      #   volume.beta.kubernetes.io/storage-class: anything
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 1Gi

---
apiVersion: v1
kind: Service
metadata:
  name: jenkins
  namespace: default
  annotations:
    # ensure the client ip is propagated to avoid the invalid crumb issue (k8s <1.7)
    # service.beta.kubernetes.io/external-traffic: OnlyLocal
spec:
  type: NodePort
  selector:
    name: jenkins
  # k8s 1.7+
  externalTrafficPolicy: Local
  ports:
    -
      name: http
      port: 80
      targetPort: 8080
      protocol: TCP
    -
      name: agent
      port: 50000
      protocol: TCP
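
A check over the two manifests above, as an added example that is not part of the original post: it walks the JSON form of the StatefulSet and the Role and reports the settings that give the Jenkins pod host-level or cluster-level reach (privileged mode, hostPath volumes including docker.sock, and RBAC rules on pods/exec and secrets). The function names, the SENSITIVE_RULES policy and the abridged sample objects are assumptions made for this example.

```python
import json

# Constructed sample: the security-relevant fields of the jenkins.yml and
# service-account.yml above (abridged), in the JSON form `kubectl get -o json` prints.
STATEFULSET = json.loads("""
{"kind": "StatefulSet", "metadata": {"name": "jenkins"},
 "spec": {"template": {"spec": {
   "serviceAccountName": "jenkins",
   "containers": [{"name": "jenkins", "securityContext": {"privileged": true}}],
   "volumes": [{"name": "docker", "hostPath": {"path": "/usr/bin/docker"}},
               {"name": "docker-sock", "hostPath": {"path": "/var/run/docker.sock"}}]}}}}
""")
ROLE = json.loads("""
{"kind": "Role", "metadata": {"name": "jenkins"},
 "rules": [{"apiGroups": [""], "resources": ["pods/exec"], "verbs": ["create", "get"]},
           {"apiGroups": [""], "resources": ["pods/log"], "verbs": ["get", "list", "watch"]},
           {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get"]}]}
""")

# Assumed review policy (not from the post): resource/verb pairs worth a second look.
SENSITIVE_RULES = {("pods/exec", "create"), ("secrets", "get")}

def audit_workload(obj):
    """Return findings for privileged containers and hostPath volumes."""
    pod = obj["spec"]["template"]["spec"]
    findings = []
    for c in pod.get("containers", []):
        if (c.get("securityContext") or {}).get("privileged"):
            findings.append(f"container {c['name']}: privileged=true")
    for v in pod.get("volumes", []):
        if "hostPath" in v:
            path = v["hostPath"]["path"]
            note = " (container runtime socket)" if path.endswith("docker.sock") else ""
            findings.append(f"volume {v['name']}: hostPath {path}{note}")
    return findings

def audit_role(obj):
    """Return findings for RBAC rules that match SENSITIVE_RULES or use wildcards."""
    findings = []
    for rule in obj.get("rules", []):
        for res in rule.get("resources", []):
            for verb in rule.get("verbs", []):
                if (res, verb) in SENSITIVE_RULES or "*" in (res, verb):
                    findings.append(f"{obj['kind']} {obj['metadata']['name']}: {verb} on {res}")
    return findings

if __name__ == "__main__":
    for line in audit_workload(STATEFULSET) + audit_role(ROLE):
        print("REVIEW:", line)
```

Against a live cluster, the same functions can be fed the parsed output of kubectl get statefulset jenkins -o json and kubectl get role jenkins -o json.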

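2. Log in and configure Jenkins

1) Logging in is easiest to show with screenshots

Find the service port

2) Enter the node's IP plus the port in the browser, for example http://192.168.16.131:32453, and that's it

3) Install the plugin: kubernetes plugin

4) Configure credentials: one for logging in to gitee (pulling the code), one for logging in to the docker registry (pull/push images), and one for SSH login to k8s (deploy)

3. Find a demo project

Since you've read this far, how about a star/fork? One look at the commit history shows it nearly drove me mad!!!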

https://gitee.com/chenqq/petclinic/

4. Configure the pipeline

5. Enjoy it!!!

If the persistent volume claim stays in Pending, refer to the following and reset its status:

{
  "kind": "PersistentVolumeClaim",
  "apiVersion": "v1",
  "metadata": {
    "name": "jenkins-home-jenkins-0",
    "namespace": "default",
    "selfLink": "/api/v1/namespaces/default/persistentvolumeclaims/jenkins-home-jenkins-0",
    "uid": "e0e85f5b-b64b-11e9-acc8-000c29e92529",
    "resourceVersion": "649259",
    "creationTimestamp": "2019-08-04T00:07:42Z",
    "labels": {
      "name": "jenkins"
    },
    "annotations": {
      "pv.kubernetes.io/bind-completed": "yes",
      "pv.kubernetes.io/bound-by-controller": "yes"
    },
    "finalizers": [
      "kubernetes.io/pvc-protection"
    ]
  },
  "spec": {
    "accessModes": [
      "ReadWriteOnce"
    ],
    "resources": {
      "requests": {
        "storage": "1Gi"
      }
    },
    "volumeName": "jenkins-1",
    "volumeMode": "Filesystem",
    "dataSource": null
  },
  "status": {
    "phase": "Bound",
    "accessModes": [
      "ReadWriteOnce"
    ],
    "capacity": {
      "storage": "10Gi"
    }
  }
}