如何部署Jenkins到Kubernetes中
我们在软件开发中,DevOps是一个非常流行的方法论,DevOps有很多的优势,在此我就不做介绍了,在DevOps方法论中,持续集成,持续交付,持续部署占有非常重要的位置。Jenkins是一款开源的,可扩展的,基于web界面的持续集成、交付、部署(软件/代码的编译、打包、部署)平台,也是现阶段,DevOps相关平台中最为流行的开源平台。
Cloud也是很多公司现阶段的主要战略之一,将线下的应用逐步移到Cloud平台上,很多公司的开发环境也是基于Cloud相关平台,因此很多公司在部署Jenkins的时候,就会考虑将Jenkins直接部署在Cloud平台上,在本文中,我主要介绍一下如何将Jenkins部署到Kubernetes中。
在本文中,我将Jenkins部署到我自己搭建的K8s中,如何搭建一个Kubernetes Cluster大家可以查看我相关的其他的Blog或自行百度,有非常多的资料介绍这一部分,下面我就直接介绍如何部署Jenkins.
创建一个单独的Namespace:
more jenkins-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: jenkins-system
spec:
finalizers:
- kubernetes
kubectl create -f jenkins-namespace.yaml
Jenkins部署在Container中,我们需要使用pvc将jenkins_home目录进行持久化,因此我们要创建相应的pv/pvc
more jenkins-home-pvc.yaml
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-home-pv
spec:
capacity:
storage: 50G
volumeMode: Filesystem
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
nfs:
path: /data/disk1/jenkins_home
server: ppydalbin1102.xx.xx.xx.com
...
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: jenkins-home-pvc
namespace: jenkins-system
annotations:
volume.beta.kubernetes.io/storage-class: ""
spec:
accessModes:
- ReadWriteMany
volumeMode: Filesystem
resources:
requests:
storage: 50G
volumeName: jenkins-home-pv
kubectl create -f jenkins-home-pvc.yaml
编写部署文件
more jenkins-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: jenkins-cluster
namespace: jenkins-system
spec:
replicas: 1
template:
metadata:
labels:
app: jenkins-cluster
spec:
securityContext:
runAsUser: 0
containers:
- name: jenkins-cluster
image: jenkinsci/blueocean
imagePullPolicy: IfNotPresent
resources:
limits:
memory: "8G"
requests:
memory: "4G"
ports:
- containerPort: 8080
securityContext:
privileged: true
env:
- name: JENKINS_OPTS
value: "--prefix=/transform/jenkins"
volumeMounts:
- name: jenkins-home-mnt
mountPath: /var/jenkins_home
- name: docker-graph-storage
mountPath: /var/lib/docker
- name: docker-run
mountPath: /var/run
volumes:
- name: jenkins-home-mnt
persistentVolumeClaim:
claimName: jenkins-home-pvc
- name: docker-graph-storage
hostPath:
path: /var/lib/docker
type: Directory
- name: docker-run
hostPath:
path: /var/run
type: Directory
kubectl create -f jenkins-deployment.yaml
几点说明:
1: Jenkins container默认是使用id jenkins(id:1000), 但是在我的环境中,我需要jenkins进行docker image build,需要使用host环境中的docker,所以我将container id改成root (id:0)
2: 需要使用docker进行image 编译,所以要将host环境中的docker 环境mount到container,主要是两个目录/var/lib/docker,/var/run,这个要根据你的环境,进行相应的调整。
3: 在部署的时候,通常需要根据你的环境,设定不同的context root,这个可以通过环境变量JENKINS_OPTS进行设定。
创建service和ingress访问Jenkins:
more jenkins-service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: jenkins-cluster-service
name: jenkins-cluster-service
namespace: jenkins-system
spec:
ports:
- protocol: TCP
port: 8080
targetPort: 8080
selector:
app: jenkins-cluster
kubectl create -f jenkins-service.yaml
more jenkins-ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: jenkins-ingress
namespace: jenkins-system
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/affinity: cookie
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_redirect off;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
spec:
tls:
- hosts:
- ppydalbik0101.xx.xxx.xxx.com
secretName: ppydalbik0101-secret
rules:
- host: ppydalbik0101.xx.xxx.xxx.com
http:
paths:
- path: /transform/jenkins
backend:
serviceName: jenkins-cluster-service
servicePort: 8080
kubectl create -f jenkins-ingress.yaml
部署完后,就可以通过ingress访问Jenkins,在第一次访问的时候,需要使用kubectl log查看pod log,查看初始访问密码串,登陆后,需要创建admin账号,然后才可以安装不同的插件和相应的配置。