一, Jenkins 安装准备条件
# 在运维主机操作:
1. 准备镜像
- ~]# docker pull jenkins/jenkins:2.190.3
- ~]# docker images | grep jenkins
- ~]# docker tag 22b8b9a84dbe test-harbor.cedarhd.com/public/jenkins:v2.190.3
- ~]# docker push test-harbor.cedarhd.com/public/jenkins:v2.190.3
2. 自定义 Dockerfile
- # 官网拉取的镜像需要做些自定义操作, 才能在 k8s 集群中部署 (运维主机上运行)
- mkdir -p /data/dockerfile/jenkins
- cd /data/dockerfile/jenkins
- VIM Dockerfile
- FROM test-harbor.cedarhd.com/public/jenkins:v2.190.3
- USER root
- RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\
- echo 'Asia/Shanghai'>/etc/timezone
- ADD id_rsa /root/.SSH/id_rsa
- ADD config.JSON /root/.docker/config.JSON
- ADD get-docker.sh /get-docker.sh
- RUN echo "StrictHostKeyChecking no">> /etc/SSH/ssh_config && /get-docker.sh
- # 解释:
> - 设置容器用户为 root
> - 设置容器内的时区
> - 将 SSH 私钥加入 (使用 Git 拉代码时要用到, 配对的公钥应配置在 GitLab 中)
> - 加入了登录自建 harbor 仓库的 config 文件
> - 修改了 SSH 客户端的
> - 安装一个 docker 的客户端
> - 如果因为网络原因构建失败, 可以在最后 "/get-docker.sh --mirror Aliyun"
3. 生成 SSH 密钥对
- jenkins]# SSH-keygen -t rsa -b 2048 -C "[email protected]" -N "" -f /root/.SSH/id_rsa
- Generating public/private rsa key pair.
- Your identification has been saved in /root/.SSH/id_rsa.
- Your public key has been saved in /root/.SSH/id_rsa.pub.
- The key fingerprint is:
- SHA256:bIajghsF/BqJouTeNvZXvQWvolAKWvhVSuZ3uVWoVXU [email protected]
- The key's randomart image is:
- +---[RSA 2048]----+
- | ...E|
- |. o .|
|.. o . o . |
- |..+ + oo +.. |
- |o=.+ +ooS+..o |
- |=o* o.++..o. o |
- |++...o .. + |
- |.o.= .. . o |
|..o.o.... . |
- +----[SHA256]-----+
- enkins]# cp /root/.SSH/id_rsa .
4. 准备其它文件
- jenkins]# cp /root/.docker/config.JSON .
- jenkins]# curl -fsSL get.docker.com -o get-docker.sh
- jenkins]# chmod +x get-docker.sh
- jenkins]# ll
- total 28
- -rw------- 1 root root 160 Jan 28 23:41 config.JSON
- -rw-r--r-- 1 root root 355 Jan 28 23:38 Dockerfile
- -rwxr-xr-x 1 root root 13216 Jan 28 23:42 get-docker.sh
- -rw------- 1 root root 1675 Jan 28 23:38 id_rsa
5, 登陆 harbor 创建 infra 私有仓库
创建 infra 的 project,access level 为 Private
6, 生成 jenkins 镜像
- jenkins]# docker build -t harbor.phc-dow.com/infra/jenkins:v2.190.3 .
- jenkins]# docker push test-harbor.cedarhd.com/infra/jenkins:v2.190.3
7, 准备共享存储
- yum install nfs-utils -y
- ~]# VIM /etc/exports
- /data/nfs-volume 10.4.7.0/24(rw,no_root_squash)
- ### 启动 NFS 服务
- ~]# mkdir -p /data/nfs-volume
- ~]# systemctl start nfs
- ~]# systemctl enable nfs
二, Jenkins 安装所需资源配置清单
- mkdir /data/k8s-YAML/jenkins && mkdir -p /data/nfs-volume/jenkins_home && cd /data/k8s-YAML/jenkins
- ~]# vi dp.YAML #用于创建配置 pod 控制器与 pod 资源
- kind: Deployment
- apiVersion: extensions/v1beta1
- metadata:
- name: jenkins
- namespace: infra
- labels:
- name: jenkins
- spec:
- replicas: 1
- selector:
- matchLabels:
- name: jenkins
- template:
- metadata:
- labels:
- App: jenkins
- name: jenkins
- spec:
- volumes:
- - name: data
- nfs:
- server: test-operator.cedarhd.com
- path: /data/nfs-volume/jenkins_home
- - name: docker
- hostPath:
- path: /run/docker.sock
- type: ''
- containers:
- - name: jenkins
- image: test-harbor.cedarhd.com/infra/jenkins:v2.190.3
- imagePullPolicy: IfNotPresent
- ports:
- - containerPort: 8080
- protocol: TCP
- env:
- - name: JAVA_OPTS
- value: -Xmx512m -Xms512m
- volumeMounts:
- - name: data
- mountPath: /var/jenkins_home
- - name: docker
- mountPath: /run/docker.sock
- imagePullSecrets:
- - name: harbor
- securityContext:
- runAsUser: 0
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 1
- maxSurge: 1
- revisionHistoryLimit: 7
- progressDeadlineSeconds: 600
- -----------------------------------------------------------------------------------------------
- ~]# VIM service.YAML #用于创建 cluster ip 与端口映射
- kind: Service
- apiVersion: v1
- metadata:
- name: jenkins
- namespace: infra
- spec:
- ports:
- - protocol: TCP
- port: 80
- targetPort: 8080
- selector:
- App: jenkins
- jenkins]# cat ingress.YAML #用于创建 ingress 转发规则
- kind: Ingress
- apiVersion: extensions/v1beta1
- metadata:
- name: jenkins
- namespace: infra
- spec:
- rules:
- - host: test-jenkins.cedarhd.com
- http:
- paths:
- - path: /
- backend:
- serviceName: jenkins
- servicePort: 80
- -----------------------------------------------------------------------------------------------
三, 在其中一个运算节点上创建资源
- kubectl apply -f http://k8s-yaml.cedarhd.com/jenkins/dp.yaml
- kubectl apply -f http://k8s-yaml.cedarhd.com/jenkins/service.yaml
- kubectl apply -f http://k8s-yaml.cedarhd.com/jenkins/ingress.yaml
来源: http://www.bubuko.com/infodetail-3415569.html