溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
#在運維主機操作:
1.準備鏡像
~]# docker pull jenkins/jenkins:2.190.3
~]# docker images | grep jenkins
~]# docker tag 22b8b9a84dbe test-harbor.cedarhd.com/public/jenkins:v2.190.3
~]# docker push test-harbor.cedarhd.com/public/jenkins:v2.190.3
2.自定義Dockerfile
#官網拉取的鏡像需要做些自定義操作,才能在k8s集群中部署(運維主機上運行)
mkdir -p /data/dockerfile/jenkins
cd /data/dockerfile/jenkins
vim Dockerfile
FROM test-harbor.cedarhd.com/public/jenkins:v2.190.3
USER root
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\
echo 'Asia/Shanghai' >/etc/timezone
ADD id_rsa /root/.ssh/id_rsa
ADD config.json /root/.docker/config.json
ADD get-docker.sh /get-docker.sh
RUN echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config &&\
/get-docker.sh
#解釋:
> - 設置容器用戶為root
> - 設置容器內的時區
> - 將ssh私鑰加入(使用git拉代碼時要用到,配對的公鑰應配置在gitlab中)
> - 加入了登錄自建harbor倉庫的config文件
> - 修改了ssh客戶端的
> - 安裝一個docker的客戶端
> - 如果因為網絡原因構建失敗,可以在最后“ /get-docker.sh --mirror Aliyun”
3.生成ssh密鑰對
jenkins]# ssh-keygen -t rsa -b 2048 -C "xxxxxxx@qq.com" -N "" -f /root/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:bIajghsF/BqJouTeNvZXvQWvolAKWvhVSuZ3uVWoVXU 897307140@qq.com
The key's randomart image is:
+---[RSA 2048]----+
| ...E|
|. o .|
|.. o . o . |
|..+ + oo +.. |
|o=.+ +ooS+..o |
|=o* o.++..o. o |
|++...o .. + |
|.o.= .. . o |
|..o.o.... . |
+----[SHA256]-----+
enkins]# cp /root/.ssh/id_rsa .
4.準備其它文件
jenkins]# cp /root/.docker/config.json .
jenkins]# curl -fsSL get.docker.com -o get-docker.sh
jenkins]# chmod +x get-docker.sh
jenkins]# ll
total 28
-rw------- 1 root root 160 Jan 28 23:41 config.json
-rw-r--r-- 1 root root 355 Jan 28 23:38 Dockerfile
-rwxr-xr-x 1 root root 13216 Jan 28 23:42 get-docker.sh
-rw------- 1 root root 1675 Jan 28 23:38 id_rsa
5、登陸harbor創建infra私有倉庫
創建infra的project,access level 為Private
6、生成jenkins鏡像
jenkins]# docker build -t harbor.phc-dow.com/infra/jenkins:v2.190.3 .
jenkins]# docker push test-harbor.cedarhd.com/infra/jenkins:v2.190.3
7、準備共享存儲
yum install nfs-utils -y
~]# vim /etc/exports
/data/nfs-volume 10.4.7.0/24(rw,no_root_squash)
###啟動NFS服務
~]# mkdir -p /data/nfs-volume
~]# systemctl start nfs
~]# systemctl enable nfsmkdir /data/k8s-yaml/jenkins && mkdir -p /data/nfs-volume/jenkins_home && cd /data/k8s-yaml/jenkins
~]# vi dp.yaml #用于創建配置pod控制器與pod資源
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: jenkins
namespace: infra
labels:
name: jenkins
spec:
replicas: 1
selector:
matchLabels:
name: jenkins
template:
metadata:
labels:
app: jenkins
name: jenkins
spec:
volumes:
- name: data
nfs:
server: test-operator.cedarhd.com
path: /data/nfs-volume/jenkins_home
- name: docker
hostPath:
path: /run/docker.sock
type: ''
containers:
- name: jenkins
image: test-harbor.cedarhd.com/infra/jenkins:v2.190.3
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
protocol: TCP
env:
- name: JAVA_OPTS
value: -Xmx512m -Xms512m
volumeMounts:
- name: data
mountPath: /var/jenkins_home
- name: docker
mountPath: /run/docker.sock
imagePullSecrets:
- name: harbor
securityContext:
runAsUser: 0
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600
-----------------------------------------------------------------------------------------------
~]# vim service.yaml #用于創建cluster ip與端口映射
kind: Service
apiVersion: v1
metadata:
name: jenkins
namespace: infra
spec:
ports:
- protocol: TCP
port: 80
targetPort: 8080
selector:
app: jenkins
jenkins]# cat ingress.yaml #用于創建ingress轉發規則
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: jenkins
namespace: infra
spec:
rules:
- host: test-jenkins.cedarhd.com
http:
paths:
- path: /
backend:
serviceName: jenkins
servicePort: 80
----------------------------------------------------------------------------------------------- kubectl apply -f http://k8s-yaml.cedarhd.com/jenkins/dp.yaml
kubectl apply -f http://k8s-yaml.cedarhd.com/jenkins/service.yaml
kubectl apply -f http://k8s-yaml.cedarhd.com/jenkins/ingress.yaml免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
