構建新的jenkins鏡像
docker pull jenkins/jenkins:2.190.3 mkdir -p /data/dockerfile/jenkins && cd /data/dockerfile/jenkins vim dockerfile FROM jenkins/jenkins:2.190.3 USER root ADD id_rsa /root/.ssh/id_rsa ADD config.json /root/.docker/config.json #把200 的/root/.docker/config.json cp 到Jenkins容器裏面。 ADD get-docker.sh /get-docker.sh RUN echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config &&\ /get-docker.sh --mirror Aliyun &&\ /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\ echo 'Asia/Shanghai' >/etc/timezone
ssh-keygen -t rsa -b 2048 -C "[email protected]" -N "" -f /root/.ssh/id_rsa #這個郵箱要用自己的,後面和gitee進行聯動。
基於 jenkins/jenkins:2.190.3 構建一個新的Jenkins 鏡像 dockerfile 說明: 設置容器內的時區 將ssh私鑰加入到容器,後來從gitee 拉取代碼會用到,配對的公鑰應配置在gitlab中 加入了登錄自建harbor倉庫的config文件 在容器裏安裝docker客戶端
[root@hdss7-200 jenkins]# ll
total 28
-rw------- 1 root root 151 May 4 21:48 config.json
-rw-r--r-- 1 root root 381 May 4 22:16 dockerfile
-rwxr-xr-x 1 root root 13328 May 4 21:34 get-docker.sh
-rw------- 1 root root 1679 May 4 21:38 id_rsa
[root@hdss7-200 jenkins]# pwd
/data/dockerfile/jenkins
# 構建鏡像,時間比較長。
docker build . -t harbor.od.com/infra/jenkins:v2.190.3
構建好了後 運行該鏡像 測試到gitee 的連接性:
docker run --rm harbor.od.com/infra/jenkins:v2.190.3 ssh -i /root/.ssh/id_rsa -T [email protected]
Warning: Permanently added 'gitee.com,212.64.62.174' (ECDSA) to the list of known hosts.
Hi xxx! You've successfully authenticated, but GITEE.COM does not provide shell access.
配置 nfs 共享
給Jenkins存儲用的
# 在所有主機上: yum install nfs-utils -y #在7.200 上 vim /etc/exports /data/nfs-volume 10.4.7.0/24(rw,no_root_squash) mkdir -p /data/nfs-volume systemctl start nfs systemctl enable nfs
jenkins yaml 配置文件
docker pull jenkins/jenkins:2.190.3 #Jenkins 鏡像
[root@hdss7-200 jenkins]# cat dp.yaml kind: Deployment apiVersion: extensions/v1beta1 metadata: name: jenkins namespace: infra labels: name: jenkins spec: replicas: 1 selector: matchLabels: name: jenkins template: metadata: labels: app: jenkins name: jenkins spec: volumes: - name: data nfs: server: hdss7-200 path: /data/nfs-volume/jenkins_home - name: docker hostPath: path: /run/docker.sock type: '' containers: - name: jenkins image: harbor.od.com/infra/jenkins:v2.190.3 imagePullPolicy: IfNotPresent ports: - containerPort: 8080 protocol: TCP env: - name: JAVA_OPTS value: -Xmx1024m -Xms1024m volumeMounts: - name: data mountPath: /var/jenkins_home - name: docker mountPath: /run/docker.sock imagePullSecrets: - name: harbor securityContext: runAsUser: 0 strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 1 maxSurge: 1 revisionHistoryLimit: 7 progressDeadlineSeconds: 600
=============================
spec: volumes: - name: data nfs: server: hdss7-200 path: /data/nfs-volume/jenkins_home
指定 遠程的nfs server ip 和遠程路徑
=============================================
[root@hdss7-200 jenkins]# cat ingress.yaml kind: Ingress apiVersion: extensions/v1beta1 metadata: name: jenkins namespace: infra spec: rules: - host: jenkins.od.com http: paths: - path: / backend: serviceName: jenkins servicePort: 80
[root@hdss7-200 jenkins]# cat svc.yaml kind: Service apiVersion: v1 metadata: name: jenkins namespace: infra spec: type: NodePort ports: - protocol: TCP port: 80 targetPort: 8080 nodePort: 22143 selector: app: jenkins
然後 apply -f 這四個文件
初始化Jenkins
在 dns server 7.11 上 增加A 記錄 jenkins A 10.4.7.10 瀏覽器訪問 jenkins.od.com 初始化密碼的位置 ,在nfs server 200 上。 jenkins_home]# cat /data/nfs-volume/jenkins_home/secrets/initialAdminPassword
安裝blue-ocean 插件 ,後面 流水線構建時候回用到
安裝blue-ocean 插件 ,後面 流水線構建時候回用到
現在jenkins 部署好了,下面可以通過jenkins 結合 gitee 進行流水線構建微服務了, 下篇寫。