k8s-1.25.0部署最新版 Jenkins 2.346.3

k8s版本:k8s-1.25.0(containerd运行时)

jenkins版本:Jenkins 2.346.3

1、先部署动态存储 local-path-provisioner

2、再部署 jenkins

Jenkins镜像

  1. jenkins/jenkins:lts-jdk11

动态存储:Local Path Provisioner

基于HostPath使用动态PV

1、部署 local-path-provisioner

  1. # 版本:local-path-provisioner-0.0.22
  3. wget https://github.com/rancher/local-path-provisioner/archive/refs/tags/v0.0.22.tar.gz
  5. # github.com下载加速地址
  6. wget https://hub.fastgit.xyz/rancher/local-path-provisioner/archive/refs/tags/v0.0.22.tar.gz
  8. tar xf v0.0.22.tar.gz && rm -rf v0.0.22.tar.gz
  10. # 修改存储地址(/data/local-path-provisioner)
  11. sed -i 's/opt/data/g' ~/local-path-provisioner-0.0.22/deploy/local-path-storage.yaml
  1. kubectl apply -f ~/local-path-provisioner-0.0.22/deploy/local-path-storage.yaml
  3. kubectl get pod -A -l app=local-path-provisioner
  4. kubectl get pod -n local-path-storage
  6. kubectl get storageclass

2、部署 Jenkins

  1. cat > ~/jenkins/Jenkins-rbac.yaml << EOF
  2. apiVersion: v1
  3. kind: Namespace
  4. metadata:
  5.   name: jenkins
  6. ---
  7. apiVersion: v1
  8. kind: ServiceAccount
  9. metadata:
  10.   name: jenkins
  11.   namespace: jenkins
  12. ---
  13. apiVersion: rbac.authorization.k8s.io/v1
  14. kind: ClusterRole
  15. metadata:
  16.   annotations:
  17.     rbac.authorization.kubernetes.io/autoupdate: "true"
  18.   labels:
  19.     kubernetes.io/bootstrapping: rbac-defaults
  20.   name: jenkins
  21. rules:
  22. - apiGroups:
  23.   - '*'
  24.   resources:
  25.   - statefulsets
  26.   - services
  27.   - replicationcontrollers
  28.   - replicasets
  29.   - podtemplates
  30.   - podsecuritypolicies
  31.   - pods
  32.   - pods/log
  33.   - pods/exec
  34.   - podpreset
  35.   - poddisruptionbudget
  36.   - persistentvolumes
  37.   - persistentvolumeclaims
  38.   - jobs
  39.   - endpoints
  40.   - deployments
  41.   - deployments/scale
  42.   - daemonsets
  43.   - cronjobs
  44.   - configmaps
  45.   - namespaces
  46.   - events
  47.   - secrets
  48.   verbs:
  49.   - create
  50.   - get
  51.   - watch
  52.   - delete
  53.   - list
  54.   - patch
  55.   - update
  56. - apiGroups:
  57.   - ""
  58.   resources:
  59.   - nodes
  60.   verbs:
  61.   - get
  62.   - list
  63.   - watch
  64.   - update
  65. ---
  66. apiVersion: rbac.authorization.k8s.io/v1
  67. kind: ClusterRoleBinding
  68. metadata:
  69.   annotations:
  70.     rbac.authorization.kubernetes.io/autoupdate: "true"
  71.   labels:
  72.     kubernetes.io/bootstrapping: rbac-defaults
  73.   name: jenkins
  74. roleRef:
  75.   apiGroup: rbac.authorization.k8s.io
  76.   kind: ClusterRole
  77.   name: jenkins
  78. subjects:
  79. - apiGroup: rbac.authorization.k8s.io
  80.   kind: Group
  81.   name: system:serviceaccounts:jenkins
  82. EOF
  1. cat > ~/jenkins/Jenkins-Deployment.yaml << EOF
  2. apiVersion: apps/v1
  3. kind: Deployment
  4. metadata:
  5.   name: jenkins
  6.   namespace: jenkins
  7.   labels:
  8.     app: jenkins
  9. spec:
  10.   replicas: 1
  11.   selector:
  12.     matchLabels:
  13.       app: jenkins
  14.   template:
  15.     metadata:
  16.       labels:
  17.         app: jenkins
  18.     spec:
  19.       containers:
  20.       - name: jenkins
  21.         image: jenkins/jenkins:lts-jdk11
  22.         ports:
  23.         - containerPort: 8080
  24.           name: web
  25.           protocol: TCP
  26.         - containerPort: 50000
  27.           name: agent
  28.           protocol: TCP
  29.         #resources:
  30.           #limits:
  31.             #memory: 4Gi
  32.             #cpu: "2000m"
  33.           #requests:
  34.             #memory: 4Gi
  35.             #cpu: "2000m"
  36.         env:
  37.         - name: LIMITS_MEMORY
  38.           valueFrom:
  39.             resourceFieldRef:
  40.               resource: limits.memory
  41.               divisor: 1Mi
  42.         - name: JAVA_OPTS
  43.           value: -Dhudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION=true
  44.         volumeMounts:
  45.         - name: jenkins-home
  46.           mountPath: /var/jenkins_home
  47.       volumes:
  48.       - name: jenkins-home
  49.         persistentVolumeClaim:
  50.           claimName: jenkins-home
  51. ---
  52. apiVersion: v1
  53. kind:  PersistentVolumeClaim
  54. metadata:
  55.   name: jenkins-home
  56.   namespace: jenkins
  57. spec:
  58.   storageClassName: "local-path"
  59.   accessModes: [ReadWriteOnce]
  60.   resources:
  61.     requests:
  62.       storage: 2Ti
  63. EOF
  1. cat > ~/jenkins/Jenkins-Service.yaml << EOF
  2. apiVersion: v1
  3. kind: Service
  4. metadata:
  5.   name: jenkins
  6.   namespace: jenkins
  7.   labels:
  8.     app: jenkins
  9. spec:
  10.   selector:
  11.     app: jenkins
  12.   type: NodePort
  13.   ports:
  14.   - name: web
  15.     nodePort: 30080
  16.     port: 8080
  17.     targetPort: web
  18.   - name: agent
  19.     nodePort: 30081
  20.     port: 50000
  21.     targetPort: agent
  22. EOF
  1. kubectl apply -f Jenkins-rbac.yaml -f Jenkins-Deployment.yaml -f Jenkins-Service.yaml

登录密码

  1. kubectl get pods -n jenkins -l app=jenkins
  3. kubectl logs -f jenkins-746b5b5d65-r9m8q -n jenkins #初始化密钥就在日志里面

访问地址:192.168.1.201:30080