k8s部署jenkins
登录 / 注册
标签搜索
侧边栏壁纸
博主昵称

  • 累计撰写 112 篇文章
  • 累计收到 940 条评论
Jenkins k8s

k8s部署jenkins

axing
axing
2025-07-27 / 0 评论 / 3 阅读 / 正在检测是否收录...
温馨提示:
本文最后更新于2025年07月28日,已超过27天没有更新,若内容或图片失效,请留言反馈。

一、创建资源
1.1 jenkins-deployment.yaml

cat > deployment.yaml  << EOF
# jenkins-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: jenkins
  namespace: cicd
spec:
  replicas: 1
  selector:
    matchLabels:
      app: jenkins
  template:
    metadata:
      labels:
        app: jenkins
    spec:
      securityContext:
        fsGroup: 1000  # 确保 Jenkins 用户有存储写入权限
      serviceAccountName: jenkins-admin
      containers:
      - name: jenkins
        image: registry.cn-guangzhou.aliyuncs.com/xingcangku/jenkins-jenkins-lts-jdk17:lts-jdk17
        imagePullPolicy: IfNotPresent
        ports:
          - containerPort: 8080
          - containerPort: 50000
            #env:
            #- name: JAVA_OPTS
            #value: "-Djenkins.install.runSetupWizard=false -Xmx2g"  # 跳过初始化向导,内存限制
        volumeMounts:
          - name: jenkins-data
            mountPath: /var/jenkins_home
        resources:
          limits:
            cpu: "1"
            memory: "3Gi"
          requests:
            cpu: "0.5"
            memory: "1Gi"
        livenessProbe:
          httpGet:
            path: /login
            port: 8080
          initialDelaySeconds: 90
          periodSeconds: 10
      volumes:
        - name: jenkins-data
          persistentVolumeClaim:
            claimName: jenkins-pvc  # 绑定 CephFS PVC
EOF

1.2 jenkins-pvc.yaml

cat > pvc.yaml  << EOF 
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: jenkins-pvc  # PVC 的名称
  namespace: cicd  # 建议创建一个专门的命名空间,如 devops
spec:
  storageClassName: ceph-cephfs  # ⚠️ 确保这里与你部署的 StorageClass 名称完全一致
  accessModes:
    - ReadWriteMany  # Jenkins 适合使用多个节点可读写的存储
  resources:
    requests:
      storage: 20Gi  # 根据你的需求调整存储大小,建议至少 10-20Gi
EOF

1.3 jenkins-rbac.yaml

cat > rbac.yaml << EOF
# rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins-admin
  namespace: cicd
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: jenkins-admin-crb
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: edit  # 授予命名空间内管理权限
subjects:
  - kind: ServiceAccount
    name: jenkins-admin
    namespace: jenkins
EOF

1.4 jenkins-svc.yaml

cat > svc.yaml << EOF 
# service.yaml
apiVersion: v1
kind: Service
metadata:
  name: jenkins-service
  namespace: cicd
spec:
  type: NodePort
  ports:
    - port: 8080
      targetPort: 8080
      name: http
    - port: 50000
      targetPort: 50000
      name: agent
  selector:
    app: jenkins
EOF

1.5 账号密码

账号admin
密码去容器里面中查看 cat /var/jenkins_home/secrets/initialAdminPassword

mdlr3f2d.png

0
暂无标签
版权属于: axing
本文链接: https://axzys.cn/index.php/archives/457/
作品采用: 署名-非商业性使用-相同方式共享 4.0 国际 (CC BY-NC-SA 4.0) 》许可协议授权

评论 (0)

取消