k8s部署jenkins
系统管理 - 全局安全配置 - 安全域 - LDAP。创建jenkins数据目录。
·
下载jenkins镜像
docker pull jenkins/jenkins:2.277.4
Dockerfile
FROM jenkins/jenkins:2.277.4
USER root
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\
echo 'Asia/Shanghai' >/etc/timezone
ADD id_rsa /root/.ssh/id_rsa
ADD config.json /root/.docker/config.json
构建镜像
docker build . -t harbor.uat.wuxingge.com.cn/uat/jenkins/jenkins:2.277.4
docker push harbor.uat.wuxingge.com.cn/uat/jenkins/jenkins:2.277.4
nfs配置
vim /etc/exports
/devops *(insecure,rw,sync,no_root_squash)
创建jenkins数据目录
mkdir /devops/jenkins
部署jenkins
jenkins_deploy_service.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
namespace: devops
labels:
name: jenkins
spec:
replicas: 1
selector:
matchLabels:
name: jenkins
template:
metadata:
labels:
app: jenkins
name: jenkins
spec:
volumes:
- name: data
nfs:
server: 10.10.98.32
path: /devops/jenkins
- name: docker-sock
hostPath:
path: /run/docker.sock
- name: docker
hostPath:
path: /usr/bin/docker
containers:
- name: jenkins
image: harbor.uat.wuxingge.com.cn/uat/jenkins/jenkins:2.277.4
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
name: web
protocol: TCP
- containerPort: 50000
name: agent
protocol: TCP
env:
- name: JAVA_OPTS
value: -Xmx512m -Xms512m
volumeMounts:
- name: data
mountPath: /var/jenkins_home
- name: docker-sock
mountPath: /run/docker.sock
- name: docker
mountPath: /usr/bin/docker
# imagePullSecrets:
# - name: harbor
securityContext:
runAsUser: 0
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: jenkins
namespace: devops
spec:
ports:
- name: web
port: 8080
targetPort: web
- name: agent
port: 50000
targetPort: agent
selector:
app: jenkins
ingress.yaml
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: jenkins
namespace: devops
spec:
rules:
- host: jenkins.uat.wuxingge.com.cn
http:
paths:
- path: /
backend:
serviceName: jenkins
servicePort: 8080
jenkin在k8s中的地址
http://jenkins.devops.svc.cluster.local:8080
jenkins ldap认证
系统管理 - 全局安全配置 - 安全域 - LDAP
Server:ldap://192.168.44.20:389
root DN:dc=wuxingge,dc=com,dc=cn
User search filter:(&(uid={0})(memberof=cn=jenkins,ou=application,dc=wuxingge,dc=com,dc=cn))
Group membership:选择 Search for LDAP groups containing user
Manager DN:cn=writeuser,cn=manager,dc=wuxingge,dc=com,dc=cn
Manager Password:password123
Test LDAP settings:User: ldap用户uid , Password: ldap用户密码 , Test 需要连接成功
更多推荐
已为社区贡献33条内容
所有评论(0)