kubenetes部署jenkins
jenkins_rbac.yml
apiVersion: v1 kind: ServiceAccount metadata: name: jenkins namespace: jenkins --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: jenkins rules: - apiGroups: ["extensions", "apps"] resources: ["deployments"] verbs: ["create", "delete", "get", "list", "watch", "patch", "update"] - apiGroups: [""] resources: ["services"] verbs: ["create", "delete", "get", "list", "watch", "patch", "update"] - apiGroups: ["extensions","networking.k8s.io"] resources: ["ingresses"] verbs: ["create", "delete", "get", "list", "watch", "patch", "update"] - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update","watch"] - apiGroups: [""] resources: ["pods/exec"] verbs: ["create","delete","get","list","patch","update","watch"] - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] - apiGroups: [""] resources: ["secrets"] verbs: ["get"] --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: jenkins namespace: jenkins roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: jenkins subjects: - kind: ServiceAccount name: jenkins namespace: jenkins
jenkins_pv.yml
apiVersion: v1 kind: PersistentVolume metadata: name: opspv labels: pv: opspv spec: capacity: storage: 100Gi accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Delete nfs: server: 10.10.253.109 path: /jenkins_data --- kind: PersistentVolumeClaim apiVersion: v1 metadata: name: opspvc namespace: jenkins spec: accessModes: - ReadWriteMany storageClassName: "" resources: requests: storage: 100Gi selector: matchLabels: pv: opspv
jenkins_svc.yml
apiVersion: v1 kind: Service metadata: name: jenkins namespace: jenkins labels: app: jenkins spec: selector: app: jenkins type: NodePort ports: - name: web port: 8080 targetPort: web nodePort: 30002 - name: agent port: 50000 targetPort: agent
jenkins-deployment.yml
apiVersion: apps/v1 kind: Deployment metadata: name: jenkins #deployment名称 namespace: jenkins #命名空间 spec: selector: matchLabels: app: jenkins template: metadata: labels: app: jenkins spec: terminationGracePeriodSeconds: 10 #优雅停止pod serviceAccount: jenkins #后面还需要创建服务账户 containers: - name: jenkins image: jenkins/jenkins:lts #镜像版本 imagePullPolicy: IfNotPresent ports: - containerPort: 8080 #外部访问端口 name: web protocol: TCP - containerPort: 50000 #jenkins save发现端口 name: agent protocol: TCP resources: limits: cpu: 1000m memory: 1Gi requests: cpu: 500m memory: 512Mi livenessProbe: httpGet: path: /login port: 8080 initialDelaySeconds: 60 #容器初始化完成后,等待60秒进行探针检查 timeoutSeconds: 5 failureThreshold: 12 #当Pod成功启动且检查失败时,Kubernetes将在放弃之前尝试failureThreshold次。放弃生存检查意味着重新启动Pod。而放弃就绪检查,Pod将被标记为未就绪。默认为3.最小值为1 readinessProbe: httpGet: path: /login port: 8080 initialDelaySeconds: 60 timeoutSeconds: 5 failureThreshold: 12 volumeMounts: #需要将jenkins_home目录挂载出来 - name: jenkinshome subPath: jenkins mountPath: /var/jenkins_home env: - name: LIMITS_MEMORY valueFrom: resourceFieldRef: resource: limits.memory divisor: 1Mi - name: JAVA_OPTS value: -Xmx$(LIMITS_MEMORY)m -XshowSettings:vm -Dhudson.slaves.NodeProvisioner.initialDelay=0 -Dhudson.slaves.NodeProvisioner.MARGIN=50 -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85 -Duser.timezone=Asia/Shanghai securityContext: fsGroup: 1000 volumes: - name: jenkinshome persistentVolumeClaim: claimName: opspvc #这里将上面创建的pv关联到pvc上
jenkins_ingress.yml
apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: jenkins-ingress namespace: jenkins annotations: nginx.ingress.kubernetes.io/rewrite-target: / nginx.ingress.kubernetes.io/load-balance: "ip_hash" nginx.ingress.kubernetes.io/upstream-hash-by: "$request_uri" spec: rules: - host: jenkins.meitianiot.lo http: paths: - path: / backend: serviceName: jenkins servicePort: 8080
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 无需6万激活码!GitHub神秘组织3小时极速复刻Manus,手把手教你使用OpenManus搭建本
· C#/.NET/.NET Core优秀项目和框架2025年2月简报
· 什么是nginx的强缓存和协商缓存
· 一文读懂知识蒸馏
· Manus爆火,是硬核还是营销?