sudo kubectl create namespace devops
建立 Jenkins hostpath 路徑
cd /
mkdir /jenkins-data
chmod -R 777 /jenkins-data
sa.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins-sa
namespace: devops
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: jenkins-cr
rules:
- apiGroups: ["extensions", "apps"]
resources: ["deployments"]
verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
- apiGroups: [""]
resources: ["services"]
verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","list","watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: jenkins-crd
roleRef:
kind: ClusterRole
name: jenkins-cr
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: jenkins-sa
namespace: devops
jenkins-deploy.yaml
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: jenkins
namespace: devops
spec:
template:
metadata:
labels:
app: jenkins
spec:
terminationGracePeriodSeconds: 10
serviceAccount: jenkins-sa
containers:
- name: jenkins
image: jenkins/jenkins:lts
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
name: web
protocol: TCP
- containerPort: 50000
name: agent
protocol: TCP
volumeMounts:
- name: jenkinshome
mountPath: /var/jenkins_home
securityContext:
fsGroup: 1000
volumes:
- name: jenkinshome
hostPath:
path: /jenkins-data
type: Directory
---
apiVersion: v1
kind: Service
metadata:
name: jenkins
namespace: devops
labels:
app: jenkins
spec:
selector:
app: jenkins
type: NodePort
ports:
- name: web
port: 8080
targetPort: web
nodePort: 30002
- name: agent
port: 50000
targetPort: agent
pvc.yaml
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-pv
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Delete
nfs:
server: 172.16.1.128
path: /data/k8s/jenkins
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jenkins-pvc
namespace: devops
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 5Gi
查看服務
kubectl get deploy -A
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
devops jenkins 1/1 1 1 5m48s
kube-system coredns 2/2 2 2 21m
kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
devops jenkins-76d7f5b59d-8cpbl 1/1 Running 0 6s
kube-system coredns-5c98db65d4-2pn7j 1/1 Running 0 15m
kube-system coredns-5c98db65d4-b9b59 1/1 Running 0 15m
kube-system etcd-mgchung-3 1/1 Running 0 14m
kube-system kube-apiserver-mgchung-3 1/1 Running 0 14m
kube-system kube-controller-manager-mgchung-3 1/1 Running 0 14m
kube-system kube-flannel-ds-amd64-2s7bt 1/1 Running 0 15m
kube-system kube-proxy-f2vmd 1/1 Running 0 15m
kube-system kube-scheduler-mgchung-3 1/1 Running 0 14m
kubectl get svc -A
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19m
devops jenkins NodePort 10.101.209.110 <none> 8080:30002/TCP,50000:30103/TCP 4m14s
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 19m
先 log Jenkins 的 pod 查看密碼
sudo kubectl get pods -n jenkins
sudo kubectl logs <pod_name> -n jenkins
就會看到
Jenkins initial setup is required. An admin user has been created and a password generated.
Please use the following password to proceed to installation:
c3a14ac90ed0481988e5845fb422815b
This may also be found at: /var/jenkins_home/secrets/initialAdminPassword
使用瀏覽器輸入
<ip-address>:30002
將 log 到的密碼輸入頁面,進行 plugin
iThome鐵人賽
看影片追技術