K8S部署Jenkins & 配置国内镜像源
0x01 k8s部署jenkins
1、docker file
可以在原先镜像上安装nodejs跟npm
FROM swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/jenkins/jenkins:lts-jdk17
USER root
# 1. 替换 APT 源(可选)
COPY sources.list /etc/apt/sources.list
# 2. 更新并安装基础工具(如 curl)
RUN apt update && apt install -y curl vim wget
# 3. 安装 Node.js 16 LTS(推荐方式)
RUN curl -fsSL https://deb.nodesource.com/setup_16.x | bash - && \
apt install -y nodejs && \
node -v && npm -v
# 4. 清理缓存(减小镜像体积)
RUN apt clean && rm -rf /var/lib/apt/lists/*
# 5. 切换回 Jenkins 用户
USER jenkins
2、yaml
# https://www.jenkins.io/doc/book/installing/kubernetes/
# kubectl exec -it "deployment.apps/jenkins" cat /var/jenkins_home/secrets/initialAdminPassword -n base-ops
# 常见问题解决 https://mp.weixin.qq.com/s/ajE8pRG--bl4KzSC8g__KA
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: jenkins-admin
rules:
- apiGroups: [""]
resources: ["*"]
verbs: ["*"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins-admin
namespace: base-ops
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: jenkins-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: jenkins-admin
subjects:
- kind: ServiceAccount
name: jenkins-admin
namespace: base-ops
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jenkins-server-data-pvc
namespace: base-ops
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
namespace: base-ops
spec:
replicas: 1
selector:
matchLabels:
app: jenkins-server
template:
metadata:
labels:
app: jenkins-server
spec:
securityContext:
fsGroup: 1000
runAsUser: 1000
serviceAccountName: jenkins-admin
containers:
- name: jenkins
image: swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/jenkins/jenkins:lts-jdk17
resources:
limits:
memory: "2Gi"
cpu: "1000m"
requests:
memory: "500Mi"
cpu: "500m"
ports:
- name: httpport
containerPort: 8080
- name: jnlpport
containerPort: 50000
livenessProbe:
httpGet:
path: "/login"
port: 8080
initialDelaySeconds: 90
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
readinessProbe:
httpGet:
path: "/login"
port: 8080
initialDelaySeconds: 60
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
volumeMounts:
- name: jenkins-server-data
mountPath: /var/jenkins_home
volumes:
- name: jenkins-server-data
persistentVolumeClaim:
claimName: jenkins-server-data-pvc
---
apiVersion: v1
kind: Service
metadata:
name: jenkins-service
namespace: base-ops
annotations:
prometheus.io/scrape: 'true'
prometheus.io/path: /
prometheus.io/port: '8080'
spec:
selector:
app: jenkins-server
type: NodePort
ports:
- port: 8080
targetPort: 8080
0x02 配置jenkins镜像源
1、更换国内源
cd $JENKINS_HOME
vi hudson.model.UpdateCenter.xml
<?xml version='1.1' encoding='UTF-8'?>
<sites>
<site>
<id>default</id>
<url>https://mirrors.cloud.tencent.com/jenkins/updates/update-center.json</url>
</site>
</sites>
也可以通过jenkins的插件管理里进行更改,更改后重启jenkins
2、解决配置后不生效,报错的问题
更改后会发现下载源依旧不会生效会报错,日志信息显示download地址依旧为jenkins官方源的地址,jenkis本地还有校验源,所以我们要修改jenkins校验源defalut.json的内容,两个一致即可。
cd $JENKINS_HOME/updates/
cp default.json default.json.bak
sed -i 's/https:\/\/updates.jenkins.io\/download/http:\/\/mirrors.cloud.tencent.com\/jenkins/g' default.json
sed -i 's/http:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json
参考链接:https://blog.csdn.net/qq_38452201/article/details/108455560