记录下使用Kuboard管理页面搭建Jenkins

Jenkins

Jenkins搭建流程

1.设置镜像
2.创建存储卷
3.配置服务
4.启动镜像

5.安装插件

#需要的插件有
Kubernetes
Maven Integration plugin
Docker
Version Number

6.配置节点

# Dashboard > 系统管理 > 节点列表 > clouds 
# Kubernetes 地址  https://kubernetes.default
# 禁用 HTTPS 证书检查

# 测试链接报错
Error testing connection https://kubernetes.default: io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: GET at: https://kubernetes.default/api/v1/namespaces/study/pods. Message: pods is forbidden: User "system:serviceaccount:study:default" cannot list resource "pods" in API group "" in the namespace "study". Received status: Status(apiVersion=v1, code=403, details=StatusDetails(causes=[], group=null, kind=pods, name=null, retryAfterSeconds=null, uid=null, additionalProperties={}), kind=Status, message=pods is forbidden: User "system:serviceaccount:study:default" cannot list resource "pods" in API group "" in the namespace "study", metadata=ListMeta(_continue=null, remainingItemCount=null, resourceVersion=null, selfLink=null, additionalProperties={}), reason=Forbidden, status=Failure, additionalProperties={}).
# 解决方案 master执行
kubectl create clusterrolebinding gitlab-cluster-admin --clusterrole=cluster-admin --group=system:serviceaccounts --namespace=dev

# Dashboard > 系统管理 > 节点列表 > clouds > docker
# 需要修改master节点/usr/lib/systemd/system/docker.service 下 ExecStart=/usr/bin/dockerd 
# 修改成ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock 
Docker Host URI tcp://10.15.0.10:2375

7.设置docker镜像源

部署nexus

容器镜像 klo2k/nexus3
存储挂载 /nexus-data
暴露 8081 8082端口

创建仓库

# 编辑/etc/docker/daemon.json
{
  "registry-mirrors": ["https://x88d3414.mirror.aliyuncs.com"],
  "insecure-registries": ["10.15.0.10:8082"], #远程仓库地址
  "exec-opts": ["native.cgroupdriver=systemd"],
  
  "live-restore": true
}
systemctl daemon-reload
systemctl restart docker
[root@node1 docker]# docker login 10.15.0.10:8082
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded```

8.创建

DOCKER_VERSION
lionel-auth.${BUILD_DATE_FORMATTED, "yyyyMMdd"}.${BUILD_NUMBER}

10.15.0.10:8082/lionel-docker/lionel-auth:${DOCKER_VERSION}

9.构建私有仓库服务
yaml文件

---
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations: {}
  labels:
    k8s.kuboard.cn/layer: db
    k8s.kuboard.cn/name: jenkins
  name: jenkins
  namespace: study
  resourceVersion: '245717'
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s.kuboard.cn/layer: db
      k8s.kuboard.cn/name: jenkins
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      annotations:
        kubectl.kubernetes.io/restartedAt: '2024-02-28T16:47:17+08:00'
      creationTimestamp: null
      labels:
        k8s.kuboard.cn/layer: db
        k8s.kuboard.cn/name: jenkins
    spec:
      containers:
        - image: 'jenkins/jenkins:2.447-jdk11'
          imagePullPolicy: IfNotPresent
          name: jenkins
          resources: {}
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          volumeMounts:
            - mountPath: /var/jenkins_home
              name: volume-4bxez
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      volumes:
        - name: volume-4bxez
          persistentVolumeClaim:
            claimName: lionel-jenkins
status:
  availableReplicas: 1
  conditions:
    - lastTransitionTime: '2024-02-28T08:20:43Z'
      lastUpdateTime: '2024-02-28T08:20:43Z'
      message: Deployment has minimum availability.
      reason: MinimumReplicasAvailable
      status: 'True'
      type: Available
    - lastTransitionTime: '2024-02-27T08:54:14Z'
      lastUpdateTime: '2024-02-28T08:47:19Z'
      message: ReplicaSet "jenkins-777655c9fc" has successfully progressed.
      reason: NewReplicaSetAvailable
      status: 'True'
      type: Progressing
  observedGeneration: 10
  readyReplicas: 1
  replicas: 1
  updatedReplicas: 1

---
apiVersion: v1
kind: Service
metadata:
  annotations: {}
  labels:
    k8s.kuboard.cn/layer: db
    k8s.kuboard.cn/name: jenkins
  name: jenkins
  namespace: study
  resourceVersion: '221440'
spec:
  clusterIP: 10.111.46.153
  externalTrafficPolicy: Cluster
  ports:
    - name: rq2gsn
      nodePort: 8888
      port: 8080
      protocol: TCP
      targetPort: 8080
  selector:
    k8s.kuboard.cn/layer: db
    k8s.kuboard.cn/name: jenkins
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

10.镜像更新操作
生成CI/CD

curl -X PUT \
    -H "content-type: application/json" \
    -H "Cookie: KuboardUsername=admin; KuboardAccessKey=rciesf6kdcji.mr8izdd7dz5e43c8z7kj34kwihbmdtms" \
    -d '{"kind":"deployments","namespace":"study","name":"lionel-auth","images":{"10.15.0.10:8082/lionel-docker/lionel-auth":"10.15.0.10:8082/lionel-docker/lionel-auth:'${DOCKER_VERSION}'"}}' \
    "http://10.15.0.10:30080/kuboard-api/cluster/Lionel/kind/CICDApi/admin/resource/updateImageTag"

jenkins配置