k8s如何部署分布式jenkins
本文共 3332 字,大约阅读时间需要 11 分钟。
| Kubernetes是一个开源的,用于管理云平台中多个主机上的容器化的应用,Kubernetes的目标是让部署容器化的应用简单并且高效(powerful),Kubernetes提供了应用部署,规划,更新,维护的一种机制。 |
前提条件是,有storageclass,利用pvc 创建持久化存储 创建kube-ops namespace
这里创建opspvc 另外把accessmode 换成readwritemany,因为会有多个pod 进行读写
然后部署jenkins master deployment如下
---apiVersion: extensions/v1beta1kind: Deploymentmetadata: name: jenkins namespace: kube-opsspec: template: metadata: labels: app: jenkins spec: terminationGracePeriodSeconds: 10 serviceAccountName: jenkins containers: - name: jenkins image: jenkins/jenkins:lts imagePullPolicy: IfNotPresent ports: - containerPort: 8080 name: web protocol: TCP - containerPort: 50000 name: agent protocol: TCP resources: limits: cpu: 2000m memory: 4Gi requests: cpu: 1000m memory: 2Gi livenessProbe: httpGet: path: /login port: 8080 initialDelaySeconds: 60 timeoutSeconds: 5 failureThreshold: 12 readinessProbe: httpGet: path: /login port: 8080 initialDelaySeconds: 60 timeoutSeconds: 5 failureThreshold: 12 volumeMounts: - name: jenkinshome subPath: jenkins mountPath: /var/jenkins_home env: - name: LIMITS_MEMORY valueFrom: resourceFieldRef: resource: limits.memory divisor: 1Mi - name: JAVA_OPTS value: -Xmx$(LIMITS_MEMORY)m -XshowSettings:vm -Dhudson.slaves.NodeProvisioner.initialDelay=0 -Dhudson.slaves.NodeProvisioner.MARGIN=50 -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85 -Duser.timezone=Asia/Shanghai securityContext: fsGroup: 1000 volumes: - name: jenkinshome persistentVolumeClaim: claimName: opspvc---apiVersion: v1kind: Servicemetadata: name: jenkins namespace: kube-ops labels: app: jenkinsspec: selector: app: jenkins ports: - name: web port: 8080 targetPort: web - name: agent port: 50000 targetPort: agent
分配权限,配置rbac如下
apiVersion: v1kind: ServiceAccountmetadata: name: jenkins namespace: kube-ops---kind: RoleapiVersion: rbac.authorization.k8s.io/v1beta1metadata: name: jenkins namespace: kube-opsrules: - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update","watch"] - apiGroups: [""] resources: ["pods/exec"] verbs: ["create","delete","get","list","patch","update","watch"] - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] - apiGroups: [""] resources: ["secrets"] verbs: ["get"]---apiVersion: rbac.authorization.k8s.io/v1beta1kind: RoleBindingmetadata: name: jenkins namespace: kube-opsroleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: jenkinssubjects: - kind: ServiceAccount name: jenkins namespace: kube-ops
安装k8s 插件,与k8s 目标集群进行远程连接
因为是腾讯云,并没有提供tls 客户端认证,所以直接利用账号密码,进行认证,记得,禁用https 证书检查,jenkins和k8s 就集成好了
划重点!!!:jenkins地址,这里我这里写的是内网地址以及暴露了50000端口(用来与slave 建立通信使用),因为master 和slave 分别在不通的k8s 集群里,那么需要远程进行联通,而jenkins-ui 我是以ingress 的方式对外暴露
slave 的配置
这里需要注意的是标签列表,这里填写的标签,需要在slave 所在k8s 集群的节点上进行标注,而这个名字,是label这个字段里的key 并未是value,这里要注意
job 里配置
这个意思就是 slave 会尽可能的在这个节点build
本文地址:
转载地址:http://uztmz.baihongyu.com/
你可能感兴趣的文章
MYSQL CONCAT函数
查看>>
multiprocessing.Pool:map_async 和 imap 有什么区别?
查看>>
MySQL Connector/Net 句柄泄露
查看>>
multiprocessor(中)
查看>>
mysql CPU使用率过高的一次处理经历
查看>>
Multisim中555定时器使用技巧
查看>>
MySQL CRUD 数据表基础操作实战
查看>>
multisim变压器反馈式_穿过隔离栅供电:认识隔离式直流/ 直流偏置电源
查看>>
mysql csv import meets charset
查看>>
multivariate_normal TypeError: ufunc ‘add‘ output (typecode ‘O‘) could not be coerced to provided……
查看>>
MySQL DBA 数据库优化策略
查看>>
multi_index_container
查看>>
MySQL DBA 进阶知识详解
查看>>
Mura CMS processAsyncObject SQL注入漏洞复现(CVE-2024-32640)
查看>>
Mysql DBA 高级运维学习之路-DQL语句之select知识讲解
查看>>
mysql deadlock found when trying to get lock暴力解决
查看>>
MuseTalk如何生成高质量视频(使用技巧)
查看>>
mutiplemap 总结
查看>>
MySQL DELETE 表别名问题
查看>>
MySQL Error Handling in Stored Procedures---转载
查看>>