[root@k8s-master01 Dockerfile]# pwd /usr/local/kubernetes/yaml/jenkis/Dockerfile [root@k8s-master01 Dockerfile]# cp /root/.ssh/id_rsa . [root@k8s-master01 Dockerfile]# cp /root/.docker/config.json . [root@k8s-master01 Dockerfile]# curl -fsSL get.docker.com -o get-docker.sh [root@k8s-master01 Dockerfile]# ll 总用量 28 -rw------- 1 root root 153 6月 10 21:25 config.json -rw-r--r-- 1 root root 350 6月 10 17:39 dokerfile.yaml -rw-r--r-- 1 root root 14750 6月 10 21:27 get-docker.sh -rw------- 1 root root 1679 6月 10 21:25 id_rsa [root@k8s-master01 Dockerfile]#
[root@k8s-master01 Dockerfile]# vim dockerfile.yaml FROM hub.msjfkg.com/library/jenkins:2.289.1-lts-centos7 USER root RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone ADD id_rsa /root/.ssh/id_rsa ADD config.json /root/.docker/config.json ADD get-docker.sh /get-docker.sh RUN echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config && /get-docker.sh
[root@k8s-master01 Dockerfile]# mv dockerfile.yaml Dockerfile [root@k8s-master01 Dockerfile]# docker build . -t hub.msjfkg.com/infra/jenkins:v2.289.2 Sending build context to Docker daemon 20.99kB Step 1/7 : FROM hub.msjfkg.com/library/jenkins:2.289.1-lts-centos7 ---> 0fa08602adae Step 2/7 : USER root ---> Running in 3070c30dbf78 Removing intermediate container 3070c30dbf78 ---> a42f6e0533be Step 3/7 : RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone ---> Running in 7657b642a333 Removing intermediate container 7657b642a333 ---> 6de391b0c021 Step 4/7 : ADD id_rsa /root/.ssh/id_rsa ---> 276edd129f20 Step 5/7 : ADD config.json /root/.ssh/id_rsa ---> 1d194d23f57d Step 6/7 : ADD get-docker.sh /get-docker.sh ---> 850e076220df Step 7/7 : RUN echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config && /get-docker.sh ---> Running in 5b676f11bfe9 # Executing docker install script, commit: 7cae5f8b0decc17d6571f9f52eb840fbc13b2737 + sh -c 'yum install -y -q yum-utils' Package yum-utils-1.1.31-54.el7_8.noarch already installed and latest version + sh -c 'yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo' Loaded plugins: fastestmirror, ovl adding repo from: https://download.docker.com/linux/centos/docker-ce.repo grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo repo saved to /etc/yum.repos.d/docker-ce.repo + '[' stable '!=' stable ']' + sh -c 'yum makecache' Loaded plugins: fastestmirror, ovl Loading mirror speeds from cached hostfile * base: mirrors.huaweicloud.com * extras: mirrors.bfsu.edu.cn * updates: mirrors.huaweicloud.com Metadata Cache Created + '[' -n '' ']' + sh -c 'yum install -y -q docker-ce' warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/docker-ce-20.10.7-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY Public key for docker-ce-20.10.7-3.el7.x86_64.rpm is not installed Importing GPG key 0x621E9F35: Userid : "Docker Release (CE rpm) <docker@docker.com>" Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35 From : https://download.docker.com/linux/centos/gpg setsebool: SELinux is disabled. + '[' -n 1 ']' + sh -c 'yum install -y -q docker-ce-rootless-extras' Package docker-ce-rootless-extras-20.10.7-3.el7.x86_64 already installed and latest version ================================================================================ To run Docker as a non-privileged user, consider setting up the Docker daemon in rootless mode for your user: dockerd-rootless-setuptool.sh install Visit https://docs.docker.com/go/rootless/ to learn about rootless mode. To run the Docker daemon as a fully privileged service, but granting non-root users access, refer to https://docs.docker.com/go/daemon-access/ WARNING: Access to the remote API on a privileged Docker daemon is equivalent to root access on the host. Refer to the 'Docker daemon attack surface' documentation for details: https://docs.docker.com/go/attack-surface/ ================================================================================ Removing intermediate container 5b676f11bfe9 ---> caedf3e54cca Successfully built caedf3e54cca Successfully tagged hub.msjfkg.com/infra/jenkins:v2.289.2
主节点: [root@k8s-master01 ~]# kubectl create ns infra namespace/infra created [root@k8s-master01 ~]#
主节点: [root@k8s-master01 ~]# kubectl create secret docker-registry harbor --docker-server=hub.msjfkg.com --docker-username=admin --docker-password=Harbor12345 -n infra secret/harbor created [root@k8s-master01 ~]#
准备共享存储:NFS
需要持久化的目录:/var/lib/jenkinshome 所有的运算节点运行yum install nfs-utils -y命令 [root@k8s-harbor ~]# yum install nfs-utils -y 144节点作为共享存储的server 在/etc/exports中配置 /data/nfs-volume 10.0.110.0/24(rw,no_root_squash) [root@k8s-harbor ~]# systemctl start nfs [root@k8s-harbor ~]# systemctl enable nfs Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service. [root@k8s-harbor ~]#
[root@k8s-master01 k8s-yaml]# vim svc.yaml [root@k8s-master01 k8s-yaml]# vim ingress.yaml [root@k8s-master01 k8s-yaml]# file /run/docker.sock /run/docker.sock: socket [root@k8s-master01 k8s-yaml]# vim dp.yaml
[root@k8s-master01 k8s-yaml]# kubectl apply -f dp.yaml deployment.extensions/jenkins created [root@k8s-master01 k8s-yaml]# kubectl apply -f svc.yaml service/jenkins created [root@k8s-master01 k8s-yaml]# kubectl apply -f ingress.yaml ingress.extensions/jenkins created [root@k8s-master01 k8s-yaml]#
[root@k8s-master01 k8s-yaml]# kubectl get all -n infra NAME READY STATUS RESTARTS AGE pod/jenkins-659b969cbd-rj2wt 0/1 ContainerCreating 0 2m14s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/jenkins ClusterIP 10.111.142.244 <none> 80/TCP 114s NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/jenkins 0/1 1 0 2m14s NAME DESIRED CURRENT READY AGE replicaset.apps/jenkins-659b969cbd 1 1 0 2m14s [root@k8s-master01 k8s-yaml]#
[root@k8s-master01 ~]# ssh -i /root/.ssh/id_rsa -T git@10.0.110.52 Welcome to GitLab, tian! [root@k8s-master01 ~]#
文件缓存存放的位置
sh-4.2# cd /root/.m2/repository/ sh-4.2# ls -l total 4 drwxr-xr-x 3 root root 25 Jun 22 15:46 aopalliance drwxr-xr-x 4 root root 35 Jun 22 15:47 asm drwxr-xr-x 3 root root 38 Jun 22 15:50 backport-util-concurrent drwxr-xr-x 3 root root 17 Jun 22 15:31 ch drwxr-xr-x 3 root root 25 Jun 22 15:52 classworlds drwxr-xr-x 11 root root 141 Jun 22 15:50 com drwxr-xr-x 3 root root 27 Jun 22 15:55 commons-codec drwxr-xr-x 3 root root 24 Jun 22 15:45 commons-io drwxr-xr-x 3 root root 29 Jun 22 15:55 commons-logging drwxr-xr-x 8 root root 105 Jun 22 15:30 io drwxr-xr-x 5 root root 53 Jun 22 15:32 jakarta drwxr-xr-x 5 root root 56 Jun 22 15:46 javax drwxr-xr-x 3 root root 19 Jun 22 15:52 junit drwxr-xr-x 5 root root 50 Jun 22 15:54 net drwxr-xr-x 25 root root 4096 Jun 22 15:54 org sh-4.2#