物料清单
| - 组件 | - 版本 |
|---|---|
| k8s | 1.23.10 |
| kubesphere | v3.3.1 |
| jenkins版本 | 2.361.4 |
部署
创建Namespace
- 在kubesphere上
工作台->企业空间->点击创建->填写名称wsdevops->点击创建企业空间的创建。 - 点击创建好的
wsdevops名称->选择左侧的项目->点击创建->输入名称ws-devops,完成NS的创建.
# 以下为kubesphere kubectl get ns ws-devops -o yaml 输出内容
apiVersion: v1
kind: Namespace
metadata:
annotations:
kubesphere.io/creator: admin
finalizers:
- finalizers.kubesphere.io/namespaces
labels:
kubernetes.io/metadata.name: ws-devops
kubesphere.io/namespace: ws-devops
kubesphere.io/workspace: wsdevops
name: ws-devops
ownerReferences:
- apiVersion: tenant.kubesphere.io/v1alpha1
blockOwnerDeletion: true
controller: true
kind: Workspace
name: wsdevops
uid: aead3e2f-b203-4c4c-ac0a-14430cfc1477
resourceVersion: "160501"
uid: 1656558f-4d03-448d-aef9-81eea5f341cc
spec:
finalizers:
- kubernetes
创建用户角色
- 执行命令
kubectl apply -f account.yaml - account.yaml内容如下:
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins
namespace: ws-devops
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: jenkins
rules:
- apiGroups: ["extensions", "apps"]
resources: ["deployments"]
verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
- apiGroups: [""]
resources: ["services"]
verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","list","watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: jenkins
namespace: ws-devops
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: jenkins
subjects:
- kind: ServiceAccount
name: jenkins
namespace: ws-devops
创建PV、PVC
- 执行命令
kubectl apply -f pvpvc.yaml - pvpvc.yaml文件内容如下:
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-pv
spec:
capacity:
storage: 20Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Delete
nfs:
server: 172.16.50.100
path: /data/kubernetes/jenkins
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: jenkins-pv
namespace: ws-devops
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 50Gi
部署jenkins deployment
- 执行
kubectl apply -f deployment.yaml - deployment.yaml内容如下
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
namespace: ws-devops
spec:
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
terminationGracePeriodSeconds: 10
serviceAccount: jenkins
containers:
- name: jenkins
image: jenkins/jenkins:lts
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
name: web
protocol: TCP
- containerPort: 50000
name: agent
protocol: TCP
resources:
limits:
cpu: 1000m
memory: 1Gi
requests:
cpu: 500m
memory: 512Mi
livenessProbe:
httpGet:
path: /login
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
readinessProbe:
httpGet:
path: /login
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
volumeMounts:
- name: jenkinshome
subPath: jenkins
mountPath: /var/jenkins_home
securityContext:
fsGroup: 1000
volumes:
- name: jenkinshome
persistentVolumeClaim:
claimName: jenkins-pv
部署service
-
执行命令
kubectl apply -f serivce.yaml -
service.yaml内容如下:
--- apiVersion: v1 kind: Service metadata: name: jenkins namespace: ws-devops labels: app: jenkins spec: selector: app: jenkins type: NodePort ports: - name: web port: 8080 targetPort: web nodePort: 30002 - name: agent port: 50000 targetPort: agent
设置ingress
-
可以从kubesphere
工作台->企业空间->点击wsdevops->点击左侧项目->点击ws-devops->点击左侧应用负载->应用路由->点击创建->按步骤添加完成
-
生成的配置如下
piVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: kubesphere.io/creator: admin creationTimestamp: "2022-11-19T08:18:17Z" generation: 3 name: jenkins namespace: ws-devops resourceVersion: "473180" uid: e7ed6f46-f1c7-4f86-a089-a7f5632cbd1c spec: rules: - host: jenkins.wsdevops.com http: paths: - backend: service: name: jenkins port: number: 8080 path: / pathType: ImplementationSpecific status: loadBalancer: ingress: - ip: 172.16.50.156-
设置好后,可以本地host绑定在ingress填写的域名,如果域名已经备案,也可以直接在dns上进行解析。
[pengyang@dev]$ cat /etc/hosts ## # Host Database # # localhost is used to configure the loopback interface # when the system is booting. Do not change this entry. ## 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost 127.0.0.1 swscan.apple.com 127.0.0.1 swcdn.apple.com 127.0.0.1 swdist.apple.com # Added by Docker Desktop # To allow the same kube context to work on the host and the container: 127.0.0.1 kubernetes.docker.internal # End of section ## 此处为jenkins的解析,IP为node节点的任意一个,可以写多条 172.16.50.155 jenkins.wsdevops.com 172.16.50.156 jenkins.wsdevops.com 172.16.50.157 jenkins.wsdevops.com 172.16.50.240 kubesphere.wsdevops.comjenkins配置
- 等待容器状态准备就绪后,就可以进行访问了,可以直接点击kubesphere上的访问服务
- 等待容器状态准备就绪后,就可以进行访问了,可以直接点击kubesphere上的访问服务
-