kind: Deployment标签:name,部署,namespace,jenkins,Jenkins,k8s,30082,resources From: https://blog.51cto.com/u_11410590/5740691
apiVersion: apps/v1
metadata:
labels:
k8s-app: jenkins
name: jenkins
namespace: devops
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: jenkins
template:
metadata:
labels:
k8s-app: jenkins
namespace: devops
name: jenkins
spec:
hostAliases:
- ip: "192.168.194.101"
hostnames:
- "updates.jenkins-ci.org"
nodeSelector:
key: "devops"
containers:
- name: jenkins
image: jenkinsci/blueocean
imagePullPolicy: IfNotPresent
ports:
- containerPort: 30082
name: web
protocol: TCP
- containerPort: 30081
name: agent
protocol: TCP
resources:
limits:
cpu: 1000m
memory: 4Gi
requests:
cpu: 500m
memory: 512Mi
livenessProbe:
httpGet:
path: /login
port: 30082
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
readinessProbe:
httpGet:
path: /login
port: 30082
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
volumeMounts:
- name: jenkins-home
mountPath: /var/lib/jenkins
env:
- name: JENKINS_HOME
value: /var/lib/jenkins
- name: JENKINS_OPTS
value: --httpPort=30082
- name: JENKINS_SLAVE_AGENT_PORT
value: "30081"
securityContext:
runAsUser: 0
volumes:
- name: jenkins-home
hostPath:
path: /data/devops/jenkins
type: Directory
serviceAccountName: jenkins
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: jenkins
name: jenkins
namespace: devops
---
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: jenkins
name: jenkins
namespace: devops
spec:
type: NodePort
ports:
- name: web
port: 30082
targetPort: 30082
nodePort: 30082
- name: slave
port: 30081
targetPort: 30081
nodePort: 30081
selector:
k8s-app: jenkins
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: jenkins
namespace: devops
rules:
- apiGroups: ["extensions", "apps"]
resources: ["deployments"]
verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
- apiGroups: [""]
resources: ["services"]
verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","list","watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: jenkins
roleRef:
kind: ClusterRole
name: jenkins
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: jenkins
namespace: devops
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jenkins
namespace: devops
spec:
rules:
- host: jenkins.test.com
http:
paths:
- backend:
service:
name: jenkins
port:
number: 30082
path: /
pathType: ImplementationSpecific