k8s-jenkins

[root@k8s-master01 Dockerfile]# pwd
/usr/local/kubernetes/yaml/jenkis/Dockerfile
[root@k8s-master01 Dockerfile]# cp /root/.ssh/id_rsa .
[root@k8s-master01 Dockerfile]# cp /root/.docker/config.json .
[root@k8s-master01 Dockerfile]# curl -fsSL get.docker.com -o get-docker.sh
[root@k8s-master01 Dockerfile]# ll
总用量 28
-rw------- 1 root root   153 6月  10 21:25 config.json
-rw-r--r-- 1 root root   350 6月  10 17:39 dokerfile.yaml
-rw-r--r-- 1 root root 14750 6月  10 21:27 get-docker.sh
-rw------- 1 root root  1679 6月  10 21:25 id_rsa
[root@k8s-master01 Dockerfile]# 

[root@k8s-master01 Dockerfile]# vim dockerfile.yaml 

FROM hub.msjfkg.com/library/jenkins:2.289.1-lts-centos7
USER root
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&
    echo 'Asia/Shanghai' >/etc/timezone
ADD id_rsa /root/.ssh/id_rsa
ADD config.json /root/.docker/config.json
ADD get-docker.sh /get-docker.sh
RUN echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config &&
    /get-docker.sh

[root@k8s-master01 Dockerfile]# mv dockerfile.yaml Dockerfile
[root@k8s-master01 Dockerfile]# docker build . -t hub.msjfkg.com/infra/jenkins:v2.289.2
Sending build context to Docker daemon  20.99kB
Step 1/7 : FROM hub.msjfkg.com/library/jenkins:2.289.1-lts-centos7
 ---> 0fa08602adae
Step 2/7 : USER root
 ---> Running in 3070c30dbf78
Removing intermediate container 3070c30dbf78
 ---> a42f6e0533be
Step 3/7 : RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&    echo 'Asia/Shanghai' >/etc/timezone
 ---> Running in 7657b642a333
Removing intermediate container 7657b642a333
 ---> 6de391b0c021
Step 4/7 : ADD id_rsa /root/.ssh/id_rsa
 ---> 276edd129f20
Step 5/7 : ADD config.json /root/.ssh/id_rsa
 ---> 1d194d23f57d
Step 6/7 : ADD get-docker.sh /get-docker.sh
 ---> 850e076220df
Step 7/7 : RUN echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config &&    /get-docker.sh
 ---> Running in 5b676f11bfe9
# Executing docker install script, commit: 7cae5f8b0decc17d6571f9f52eb840fbc13b2737
+ sh -c 'yum install -y -q yum-utils'
Package yum-utils-1.1.31-54.el7_8.noarch already installed and latest version
+ sh -c 'yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo'
Loaded plugins: fastestmirror, ovl
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
+ '[' stable '!=' stable ']'
+ sh -c 'yum makecache'
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: mirrors.huaweicloud.com
 * extras: mirrors.bfsu.edu.cn
 * updates: mirrors.huaweicloud.com
Metadata Cache Created
+ '[' -n '' ']'
+ sh -c 'yum install -y -q docker-ce'
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/docker-ce-20.10.7-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Public key for docker-ce-20.10.7-3.el7.x86_64.rpm is not installed
Importing GPG key 0x621E9F35:
 Userid     : "Docker Release (CE rpm) <docker@docker.com>"
 Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
 From       : https://download.docker.com/linux/centos/gpg
setsebool:  SELinux is disabled.
+ '[' -n 1 ']'
+ sh -c 'yum install -y -q docker-ce-rootless-extras'
Package docker-ce-rootless-extras-20.10.7-3.el7.x86_64 already installed and latest version

================================================================================

To run Docker as a non-privileged user, consider setting up the
Docker daemon in rootless mode for your user:

    dockerd-rootless-setuptool.sh install

Visit https://docs.docker.com/go/rootless/ to learn about rootless mode.


To run the Docker daemon as a fully privileged service, but granting non-root
users access, refer to https://docs.docker.com/go/daemon-access/

WARNING: Access to the remote API on a privileged Docker daemon is equivalent
         to root access on the host. Refer to the 'Docker daemon attack surface'
         documentation for details: https://docs.docker.com/go/attack-surface/

================================================================================

Removing intermediate container 5b676f11bfe9
 ---> caedf3e54cca
Successfully built caedf3e54cca
Successfully tagged hub.msjfkg.com/infra/jenkins:v2.289.2

主节点：
[root@k8s-master01 ~]# kubectl create ns infra
namespace/infra created
[root@k8s-master01 ~]# 

主节点：
[root@k8s-master01 ~]# kubectl create secret docker-registry harbor --docker-server=hub.msjfkg.com --docker-username=admin --docker-password=Harbor12345 -n infra
secret/harbor created
[root@k8s-master01 ~]# 

准备共享存储：NFS

需要持久化的目录：/var/lib/jenkinshome

所有的运算节点运行yum install nfs-utils -y命令
[root@k8s-harbor ~]# yum install nfs-utils -y

144节点作为共享存储的server
在/etc/exports中配置
/data/nfs-volume 10.0.110.0/24(rw,no_root_squash)

[root@k8s-harbor ~]# systemctl start nfs
[root@k8s-harbor ~]# systemctl enable nfs
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
[root@k8s-harbor ~]# 

[root@k8s-master01 k8s-yaml]# vim svc.yaml
[root@k8s-master01 k8s-yaml]# vim ingress.yaml
[root@k8s-master01 k8s-yaml]# file /run/docker.sock 
/run/docker.sock: socket
[root@k8s-master01 k8s-yaml]# vim dp.yaml 

[root@k8s-master01 k8s-yaml]# kubectl apply -f dp.yaml 
deployment.extensions/jenkins created
[root@k8s-master01 k8s-yaml]# kubectl apply -f svc.yaml 
service/jenkins created
[root@k8s-master01 k8s-yaml]# kubectl apply -f ingress.yaml 
ingress.extensions/jenkins created
[root@k8s-master01 k8s-yaml]# 

[root@k8s-master01 k8s-yaml]# kubectl get all -n infra
NAME                           READY   STATUS              RESTARTS   AGE
pod/jenkins-659b969cbd-rj2wt   0/1     ContainerCreating   0          2m14s


NAME              TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
service/jenkins   ClusterIP   10.111.142.244   <none>        80/TCP    114s


NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/jenkins   0/1     1            0           2m14s

NAME                                 DESIRED   CURRENT   READY   AGE
replicaset.apps/jenkins-659b969cbd   1         1         0       2m14s




[root@k8s-master01 k8s-yaml]# 

[root@k8s-master01 ~]# ssh -i /root/.ssh/id_rsa -T git@10.0.110.52
Welcome to GitLab, tian!
[root@k8s-master01 ~]# 

 文件缓存存放的位置

sh-4.2# cd /root/.m2/repository/
sh-4.2# ls -l
total 4
drwxr-xr-x  3 root root   25 Jun 22 15:46 aopalliance
drwxr-xr-x  4 root root   35 Jun 22 15:47 asm
drwxr-xr-x  3 root root   38 Jun 22 15:50 backport-util-concurrent
drwxr-xr-x  3 root root   17 Jun 22 15:31 ch
drwxr-xr-x  3 root root   25 Jun 22 15:52 classworlds
drwxr-xr-x 11 root root  141 Jun 22 15:50 com
drwxr-xr-x  3 root root   27 Jun 22 15:55 commons-codec
drwxr-xr-x  3 root root   24 Jun 22 15:45 commons-io
drwxr-xr-x  3 root root   29 Jun 22 15:55 commons-logging
drwxr-xr-x  8 root root  105 Jun 22 15:30 io
drwxr-xr-x  5 root root   53 Jun 22 15:32 jakarta
drwxr-xr-x  5 root root   56 Jun 22 15:46 javax
drwxr-xr-x  3 root root   19 Jun 22 15:52 junit
drwxr-xr-x  5 root root   50 Jun 22 15:54 net
drwxr-xr-x 25 root root 4096 Jun 22 15:54 org
sh-4.2#