交付Jenkins 到k8s集群

tosim 2020-06-24

构建新的jenkins镜像

docker pull jenkins/jenkins:2.190.3

mkdir -p /data/dockerfile/jenkins  && cd /data/dockerfile/jenkins 
vim dockerfile
FROM jenkins/jenkins:2.190.3
USER root
ADD id_rsa /root/.ssh/id_rsa
ADD config.json /root/.docker/config.json  #把200 的/root/.docker/config.json cp 到Jenkins容器里面。
ADD get-docker.sh /get-docker.sh
RUN echo "    StrictHostKeyChecking no" >> /etc/ssh/ssh_config &&    /get-docker.sh --mirror Aliyun   &&    /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\ 
    echo ‘Asia/Shanghai‘ >/etc/timezone
ssh-keygen -t rsa -b 2048 -C "" -N "" -f /root/.ssh/id_rsa  #这个邮箱要用自己的,后面和gitee进行联动。
基于 jenkins/jenkins:2.190.3 构建一个新的Jenkins 镜像
dockerfile 说明:
设置容器内的时区
将ssh私钥加入到容器,后来从gitee 拉取代码会用到,配对的公钥应配置在gitlab中
加入了登录自建harbor仓库的config文件
在容器里安装docker客户端
[ jenkins]# lltotal 28-rw------- 1 root root   151 May  4 21:48 config.json-rw-r--r-- 1 root root   381 May  4 22:16 dockerfile-rwxr-xr-x 1 root root 13328 May  4 21:34 get-docker.sh-rw------- 1 root root  1679 May  4 21:38 id_rsa[ jenkins]# pwd/data/dockerfile/jenkins
# 构建镜像,时间比较长。docker build . -t harbor.od.com/infra/jenkins:v2.190.3 
 
构建好了后 运行该镜像 测试到gitee 的连接性:
 docker run --rm harbor.od.com/infra/jenkins:v2.190.3 ssh -i /root/.ssh/id_rsa -T  Warning: Permanently added ‘gitee.com,212.64.62.174‘ (ECDSA) to the list of known hosts.Hi xxx! You‘ve successfully authenticated, but GITEE.COM does not provide shell access.
 


  
配置 nfs 共享
给Jenkins存储用的

# 在所有主机上:
yum install nfs-utils -y

#在7.200 上  
vim /etc/exports
/data/nfs-volume 10.4.7.0/24(rw,no_root_squash)

mkdir -p /data/nfs-volume
systemctl start nfs  
systemctl enable nfs

jenkins yaml 配置文件

docker pull jenkins/jenkins:2.190.3  #Jenkins 镜像[ jenkins]# cat dp.yaml 
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: jenkins
  namespace: infra
  labels: 
    name: jenkins
spec:
  replicas: 1
  selector:
    matchLabels: 
      name: jenkins
  template:
    metadata:
      labels: 
        app: jenkins 
        name: jenkins
    spec:
      volumes:
      - name: data
        nfs: 
          server: hdss7-200
          path: /data/nfs-volume/jenkins_home
      - name: docker
        hostPath: 
          path: /run/docker.sock
          type: ‘‘
      containers:
      - name: jenkins
        image: harbor.od.com/infra/jenkins:v2.190.3
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 8080
          protocol: TCP
        env:
        - name: JAVA_OPTS
          value: -Xmx1024m -Xms1024m
        volumeMounts:
        - name: data
          mountPath: /var/jenkins_home
        - name: docker
          mountPath: /run/docker.sock
      imagePullSecrets:
      - name: harbor
      securityContext: 
        runAsUser: 0
  strategy:
    type: RollingUpdate
    rollingUpdate: 
      maxUnavailable: 1
      maxSurge: 1
  revisionHistoryLimit: 7
  progressDeadlineSeconds: 600=============================
 spec:
      volumes:
      - name: data
        nfs: 
          server: hdss7-200
          path: /data/nfs-volume/jenkins_home指定 远程的nfs server ip 和远程路径=============================================
[ jenkins]# cat ingress.yaml
kind: Ingress
apiVersion: extensions/v1beta1
metadata: 
  name: jenkins
  namespace: infra
spec:
  rules:
  - host: jenkins.od.com
    http:
      paths:
      - path: /
        backend: 
          serviceName: jenkins
          servicePort: 80
[ jenkins]# cat svc.yaml 
kind: Service
apiVersion: v1
metadata: 
  name: jenkins
  namespace: infra
spec:
  type: NodePort
  ports:
  - protocol: TCP
    port: 80
    targetPort: 8080
    nodePort: 22143
  selector:
    app: jenkins然后 apply -f 这四个文件

初始化Jenkins

在 dns server 7.11 上 增加A 记录 jenkins A 10.4.7.10

浏览器访问  jenkins.od.com 

初始化密码的位置 ,在nfs server 200 上。  
jenkins_home]# cat /data/nfs-volume/jenkins_home/secrets/initialAdminPassword

安装blue-ocean 插件 ,后面 流水线构建时候回用到

交付Jenkins 到k8s集群

安装blue-ocean 插件 ,后面 流水线构建时候回用到

交付Jenkins 到k8s集群

现在jenkins 部署好了,下面可以通过jenkins 结合 gitee 进行流水线构建微服务了, 下篇写。

相关推荐