网站收录代做/如何设置友情链接
顺序
- 文件数量
- 文件说明
- 文件内容
- rbac.yaml
- pvc.yaml
- jenkins.yaml
文件数量
一共有三个jenkins的yaml文件,分别是jenkins.yaml,pvc.yaml,rbac.yaml。
文件说明
rbac.yaml:用于在K8S中创建jenkins的集群角色,并赋予角色权限,用于jenkins调用K8S集群拉取一个slave pod。
pvc.yaml:用于创建NFS文件系统的存储卷和存储卷声明,用于存放数据,可改为其他存储类。
Jenkins.yaml:用于创建jenkins副本和暴露端口。
文件内容
rbac.yaml
注:目前为默认的命名空间,根据实际情况更改
---apiVersion: v1
kind: ServiceAccount
metadata:name: jenkinsnamespace: default---kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:name: jenkins
rules:- apiGroups: ["extensions", "apps"]resources: ["deployments"]verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]- apiGroups: [""]resources: ["services"]verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]- apiGroups: [""]resources: ["pods"]verbs: ["create","delete","get","list","patch","update","watch"]- apiGroups: [""]resources: ["pods/exec"]verbs: ["create","delete","get","list","patch","update","watch"]- apiGroups: [""]resources: ["pods/log"]verbs: ["get","list","watch"]- apiGroups: [""]resources: ["secrets"]verbs: ["get"]---apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:name: jenkinsnamespace: default
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: jenkins
subjects:- kind: ServiceAccountname: jenkinsnamespace: default
pvc.yaml
注:目前存储类型为NFS,存放目录为/data/jenkins,存储大小为21Gi,nfs服务器地址,目录等可根据实际情况更改
---apiVersion: v1
kind: PersistentVolume
metadata:name: jenkins-pvnamespace: default
spec:capacity:storage: 21GiaccessModes:- ReadWriteManypersistentVolumeReclaimPolicy: Deletenfs:server: 192.168.0.12path: /data/jenkins---kind: PersistentVolumeClaim
apiVersion: v1
metadata:name: jenkins-pvcnamespace: default
spec:accessModes:- ReadWriteManyresources:requests:storage: 20Gi
jenkins.yaml
注:此yaml文件已经进行了优化,建议只更改部分关键配置,目前持久化存储位置为/data/jenkins_pxdy,可根据实际情况匹配pv,端口为30002,slave通信端口为30003。
---
apiVersion: apps/v1
kind: Deployment
metadata:name: jenkinsnamespace: default
spec:selector:matchLabels:app: jenkinstemplate:metadata: labels: app : jenkinsspec:terminationGracePeriodSeconds: 10serviceAccount: jenkinscontainers:- name: jenkinsimage: jenkins:2.269 #根据需求修改imagePullPolicy: IfNotPresentsecurityContext:runAsUser: 0 privileged: trueports:- containerPort: 8080name: webprotocol: TCP- containerPort: 50000name: agentprotocol: TCPresources:limits:cpu: 3000mmemory: 3Girequests:cpu: 1000mmemory: 1GilivenessProbe:httpGet:path: /loginport: 8080initialDelaySeconds: 60timeoutSeconds: 5failureThreshold: 12readinessProbe:httpGet:path: /loginport: 8080initialDelaySeconds: 60timeoutSeconds: 5failureThreshold: 12volumeMounts:- name: jenkinshome# subPath: jenkinsmountPath: /var/jenkins_homeenv:- name: LIMITS_MEMORYvalueFrom:resourceFieldRef:resource: limits.memorydivisor: 1Mi- name: JAVA_OPTSvalue: -Xmx$(LIMITS_MEMORY)m -XshowSettings:vm -Dhudson.slaves.NodeProvisioner.initialDelay=0 -Dhudson.slaves.NodeProvisioner.MARGIN=50 -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85 -Duser.timezone=Asia/ShanghaisecurityContext:fsGroup: 1000volumes:- name: jenkinshomehostPath: path: /data/jenkins_pxdytype: Directory#volumes: #- name: jenkinshome# persistentVolumeClaim:# claimName: jenkins-pvc---apiVersion: v1
kind: Service
metadata:name: jenkinsnamespace: defaultlabels:app: jenkins
spec:selector:app: jenkinstype: NodePortports:- name: webport: 8080targetPort: 8080nodePort: 30002- name: agentport: 50000targetPort: 50000nodePort: 30003