kubernetes部署jenkins

部署Jenkins pod, jenkins-rc.yaml:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
    name: jenkins
spec:
    replicas: 1
    strategy: 
    type: RollingUpdate
    rollingUpdate:
        maxSurge: 1
        maxUnavailable: 0
    template:
        metadata:
            labels:
            app: jenkins
        spec:
            imagePullSecrets:
            - name: myregistrykey
            containers:
            - name: jenkins
            image: harbor.test.com/common/jenkins:latest
            imagePullPolicy: IfNotPresent
            ports:
            - containerPort: 8080
              name: web
              protocol: TCP
            - containerPort: 50000
              name: agent
              protocol: TCP
            volumeMounts:
            - name: jenkinshome
            mountPath: /var/jenkins_home
            env:
            - name: JAVA_OPTS
              value: "-Duser.timezone=Asia/Shanghai"
       volumes:
       - name: jenkinshome
         nfs:
         server: 192.168.1.131
         path: "/data/nfs/jenkins"

创建pod,并查看:

  1. [root@k8s-master jenkins]# kubectl get pod
  2. NAME READY STATUS RESTARTS AGE
  3. jenkins-2366461543-cjxjq 0/1 CrashLoopBackOff 6 8m

查看pod日志:

  1. [root@k8s-master jenkins]# kubectl logs jenkins-2366461543-cjxjq
  2. touch: cannot touch ‘/var/jenkins_home/copy_reference_file.log’: Permission denied
  3. Can not write to /var/jenkins_home/copy_reference_file.log. Wrong volume permissions?

问题出在pod挂载了nfs共享过来的目录,但没有写的权限。启动一个Jenkins docker查看Jenkins用户:

  1. jenkins@6f9c8a27d26f:~$ cat /etc/passwd | grep jenkins
  2. jenkins:x:1000:1000::/var/jenkins_home:/bin/bash

在NFS 服务器上修改共享目录的所有人:

  1. [root@k8s-nfs data]# cd nfs/
  2. [root@k8s-nfs nfs]# chown 1000 jenkins/

重新创建Jenkins pod,查看状态:

  1. [root@k8s-master jenkins]# kubectl get pod
  2. NAME READY STATUS RESTARTS AGE
  3. jenkins-2366461543-97tjs 1/1 Running 0 4s

创建Service,jenkins-service.yaml:

kind: Service
apiVersion: v1
metadata:
    labels:
    app: jenkins
    name: jenkins
spec:
    ports:
    - port: 8080
      targetPort: 8080
      name: web
      - port: 50000
        targetPort: 50000
      name: agent
  selector:
      app: jenkins

创建Ingress,jenkins-ingress.yaml:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
    name: jenkins
spec:
    tls:
    - hosts:
    - autobuild.test.com
    secretName: jenkins-secret
    rules:
    - host: autobuild.test.com
    http:
    paths:
       - backend:
    serviceName: jenkins
    servicePort: 8080
    path: /

在公网解析域名便可以访问页面。

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

发表于

我来说两句

0 条评论
登录 后参与评论

扫码关注云+社区

领取腾讯云代金券