Kubernetes - jenkins部署



部署Jenkins pod, jenkins-rc.yaml:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: jenkins
spec:
  replicas: 1
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  template:
    metadata:
      labels:
        app: jenkins
    spec:
      imagePullSecrets:
      - name: myregistrykey
      containers:
      - name: jenkins
        image: harbor.test.com/common/jenkins:latest
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 8080
          name: web
          protocol: TCP
        - containerPort: 50000
          name: agent
          protocol: TCP
        volumeMounts:
        - name: jenkinshome
          mountPath: /var/jenkins_home
        env:
        - name: JAVA_OPTS
          value: "-Duser.timezone=Asia/Shanghai"
      volumes:
      - name: jenkinshome
        nfs:
          server: 192.168.1.131
          path: "/data/nfs/jenkins"

创建pod,并查看:

[root@k8s-master jenkins]# kubectl get pod
NAME                        READY     STATUS             RESTARTS   AGE
jenkins-2366461543-cjxjq    0/1       CrashLoopBackOff   6          8m

查看pod日志:

[root@k8s-master jenkins]# kubectl logs jenkins-2366461543-cjxjq
touch: cannot touch ‘/var/jenkins_home/copy_reference_file.log’: Permission denied
Can not write to /var/jenkins_home/copy_reference_file.log. Wrong volume permissions?


问题出在pod挂载了nfs共享过来的目录,但没有写的权限。启动一个Jenkins docker查看Jenkins用户:

jenkins@6f9c8a27d26f:~$ cat /etc/passwd | grep jenkins
jenkins:x:1000:1000::/var/jenkins_home:/bin/bash

在NFS 服务器上修改共享目录的所有人:

[root@k8s-nfs data]# cd nfs/
[root@k8s-nfs nfs]# chown 1000 jenkins/


重新创建Jenkins pod,查看状态:

[root@k8s-master jenkins]# kubectl get pod
NAME                        READY     STATUS    RESTARTS   AGE
jenkins-2366461543-97tjs    1/1       Running   0          4s

创建Service,jenkins-service.yaml:

kind: Service
apiVersion: v1
metadata:
  labels:
      app: jenkins
  name: jenkins
spec:
  ports:
  - port: 8080
    targetPort: 8080
    name: web
  - port: 50000
    targetPort: 50000
    name: agent
  selector:
    app: jenkins


创建Ingress,jenkins-ingress.yaml:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: jenkins
spec:
  tls:
  - hosts:
    - autobuild.test.com
    secretName: jenkins-secret
  rules:
  - host: autobuild.test.com
    http:
      paths:
      - backend:
          serviceName: jenkins
          servicePort: 8080
        path: /

在公网解析域名便可以访问页面。






你可能感兴趣的:(kubernetes)