这是一篇学习记录。记录kubernetes集群中如何将jenkins服务通过域名接入外部。由于是测试环境,域名是自定义的,解析写在/etc/hosts和自己本地的hosts中。
部署图:
一、部署后端Jenkins的pod和service
# cd ../
# mkdir demo
# cd demo
# cat deploy-jenkinsdemo.yaml
apiVersion: v1
kind: Service #资源类别是Service
metadata: #元数据
name: myapp #在同一个资源类别中,唯一的名字
namespace: default #名称空间
spec: #目标状态
selector: #
app: myapp
release: canary
ports:
- name: http
port: 8080
targetPort: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp-deploy
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: myapp
release: canary
template:
metadata:
labels:
app: myapp
release: canary
spec:
containers: #以下是容器的配置。与containers同级的配置属于pod的设置
- name: myapp
image: jenkins/jenkins:lts
ports:
- name: http
containerPort: 8080
#docker pull jenkins/jenkins:lts
#kubectl apply -f deploy-jenkinsdemo.yaml
# kubectl get pods -n default
NAME READY STATUS RESTARTS AGE
myapp-deploy-5565c495f4-9hz8d 1/1 Running 0 19h
# kubectl get svc -n default
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 77d
myapp ClusterIP 10.99.69.88 <none> 8080/TCP 19h
二、部署ingress-controller
https://github.com/kubernetes/ingress-nginx/tree/master/deploy/static 下载:
https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml(通用的部署方式,单用这文件可以部署)
我用基本的部署文件。先执行namespace.yaml,后执行configmap.yaml、rbac.yaml、with-rabc.yaml
#mkdir ingress-nginx
#cd ingress-nginx
#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/configmap.yaml
#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/namespace.yaml
#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/rbac.yaml
#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/with-rabc.yaml
#docker pull quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.25.0 (网络不好会比较慢,先下载)
#kubectl apply -f namespace.yaml
#kubectl apply -f ./
# kubectl get pods -n ingress-nginx
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-86449c74bb-4cp6c 1/1 Running 0 19h
三、部署Service(ingress-nginx)
# cat service-nodeport.yaml
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
type: NodePort
ports:
- name: http
port: 80
targetPort: 80
nodePort: 30080
protocol: TCP
- name: https
port: 443
targetPort: 443
nodePort: 30443
protocol: TCP
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
---
#kubectl apply -f service-nodeport.yaml
# kubectl get service -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.110.96.58 <none> 80:30080/TCP,443:30443/TCP 19h
启动service的ingres-nginx后,可以查看nginx.conf配置,配置会自动更新。
# kubectl exec -n ingress-nginx -it nginx-ingress-controller-86449c74bb-4cp6c -- /bin/sh
$ cat nginx.conf
查看所有节点的服务情况:
所有节点的30080端口都已经打开
域名myapp.magedu.com会负载均衡到所有节点。
四、验证
由于域名是自己编的,没有dns解析。所以:
1.在k8s集群的节点配置hosts:
# cat /etc/hosts
ip.204 myapp.magedu.com
ip.143 myapp.magedu.com
ip.240 myapp.magedu.com
2.在自己本地修改hosts
3.在本机浏览器中访问:
myapp.magedu.com:30080
4.复制Jenkins的密钥:
# kubectl exec -n default -it myapp-deploy-5565c495f4-9hz8d -- /bin/sh
$ cat /var/jenkins_home/secrets/initialAdminPassword
d7d3a04411734841a49cdac9b78e6ab4
5.正常使用Jenkins
