Kubernetes 创建 Jenkins 实现 CICD 配置指南
拉取 Jenkins 镜像并推送到当地仓库
- # 从官方仓库拉取镜像(若网络不通畅可使用国内镜像源)
- docker pull jenkins/jenkins:lts-jdk11
- # 国内用户可去下面地址寻找镜像源并拉取:
- https://docker.aityp.com
- # 推送到本地 Kubernetes 镜像仓库
- docker tag jenkins/jenkins:lts-jdk11 192.168.1.13:5000/datasafe/jenkins:lts-jdk11
- docker push 192.168.1.13:5000/datasafe/jenkins:lts-jdk11
- kubectl create ns jenkins
2.1 检查 ServiceAccount 是否存在
- kubectl get serviceaccount -n jenkins
- cat <<EOF | kubectl apply -f -
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- name: jenkins-admin
- namespace: jenkins
- EOF
集群管理员权限 (ClusterRoleBinding)
- cat <<EOF | kubectl apply -f -
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- name: jenkins-admin-binding
- subjects:
- - kind: ServiceAccount
- name: jenkins-admin
- namespace: jenkins
- roleRef:
- kind: ClusterRole
- name: cluster-admin
- apiGroup: rbac.authorization.k8s.io
- EOF
- cat <<EOF | kubectl apply -f -
- apiVersion: rbac.authorization.k8s.io/v1
- kind: RoleBinding
- metadata:
- name: jenkins-admin-binding
- namespace: jenkins
- subjects:
- - kind: ServiceAccount
- name: jenkins-admin
- namespace: jenkins
- roleRef:
- kind: Role
- name: jenkins-role
- apiGroup: rbac.authorization.k8s.io
- EOF
- ---
- kind: Deployment
- apiVersion: apps/v1
- metadata:
- name: jenkins
- namespace: jenkins
- spec:
- replicas: 1
- selector:
- matchLabels:
- app: jenkins
- template:
- metadata:
- labels:
- app: jenkins
- spec:
- volumes:
- - name: jenkinshome
- persistentVolumeClaim:
- claimName: jenkins-data-pvc
- containers:
- - name: jenkins
- image: '192.168.1.13:5000/datasafe/jenkins:lts-jdk11'
- ports:
- - name: web
- containerPort: 8080
- protocol: TCP
- - name: agent
- containerPort: 50000
- protocol: TCP
- env:
- - name: JAVA_OPTS
- value: '-Duser.timezone=Asia/Shanghai'
- volumeMounts:
- - name: jenkinshome
- mountPath: /var/jenkins_home
- serviceAccountName: jenkins-admin
- securityContext: {}
- ---
- kind: Service
- apiVersion: v1
- metadata:
- name: jenkins
- namespace: jenkins
- labels:
- app: jenkins
- spec:
- ports:
- - name: web
- protocol: TCP
- port: 8080
- targetPort: 8080
- nodePort: 30010
- selector:
- app: jenkins
- type: NodePort
- ---
- kind: Service
- apiVersion: v1
- metadata:
- name: jenkins-agent
- namespace: jenkins
- labels:
- app: jenkins
- spec:
- ports:
- - name: agent
- protocol: TCP
- port: 50000
- targetPort: 50000
- selector:
- app: jenkins
- type: ClusterIP
- ---
- kind: PersistentVolumeClaim
- apiVersion: v1
- metadata:
- name: jenkins-data-pvc
- namespace: jenkins
- spec:
- accessModes:
- - ReadWriteMany
- resources:
- requests:
- storage: 10Gi
- storageClassName: nfs-client
- 进入 Jenkins 管理界面
- 导航到"系统管理" → “根据管理”
- 创建 Git 和节点服务器凭证
- 纪录生成的唯一标识符
5. 绑定 Jenkins 服务器节点
5.1 预备工作
从节点需要安装以下环境:
添加 Maven 环境变量:
- echo 'export PATH=/usr/local/apache-maven-3.8.6/bin:$PATH' >> ~/.profile
- source ~/.profile
- 进入"系统管理" → “节点和云管理”
- 创建新节点
- 配置节点信息:
- 名称
- 长途工作目录
- 启动方式(通过SSH)
- 根据(使用之前创建的凭证)
5.3 常见题目及解决方案
题目1:Jenkins 毗连不上长途机器
错误信息:
- [SSH] Opening SSH connection to 192.168.1.4:22.
- Searching for 192.168.1.4 in /var/jenkins_home/.ssh/known_hosts
- Searching for 192.168.1.4:22 in /var/jenkins_home/.ssh/known_hosts
- [04/21/25 12:59:00] [SSH] WARNING: No entry currently exists in the Known Hosts file for this host. Connections will be denied until this new host and its associated key is added to the Known Hosts file.
- Key exchange was not finished, connection is closed.
- SSH Connection failed with IOException: "Key exchange was not finished, connection is closed.", retrying in 15 seconds. There are 10 more retries left.
- # 进入 Jenkins 容器执行
- ssh-keyscan -H 从节点主机IP >> /var/jenkins_home/.ssh/known_hosts
错误信息:
- Starting agent process: cd "/data/jenkins" && java -jar remoting.jar -workDir /data/jenkins -jar-cache /data/jenkins/remoting/jarCache
- Error: A JNI error has occurred, please check your installation and try again
- Exception in thread "main" java.lang.UnsupportedClassVersionError: hudson/remoting/Launcher has been compiled by a more recent version of the Java Runtime (class file version 55.0), this version of the Java Runtime only recognizes class file versions up to 52.0
- at java.lang.ClassLoader.defineClass1(Native Method)
- at java.lang.ClassLoader.defineClass(ClassLoader.java:763)
- at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
- at java.net.URLClassLoader.defineClass(URLClassLoader.java:468)
- at java.net.URLClassLoader.access$100(URLClassLoader.java:74)
- at java.net.URLClassLoader$1.run(URLClassLoader.java:369)
- at java.net.URLClassLoader$1.run(URLClassLoader.java:363)
- at java.security.AccessController.doPrivileged(Native Method)
- at java.net.URLClassLoader.findClass(URLClassLoader.java:362)
- at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
- at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:349)
- at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
- at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:495)
- Agent JVM has terminated. Exit code=1
- 下载并安装 JDK 11 https://www.oracle.com/cn/java/technologies/javase/jdk11-archive-downloads.html#license-lightbox
- 在节点配置 → 启动方式 → 高级中指定 JDK11 路径
重新点击 launch agent即可
6. 创建 Pipeline 项目
6.1 Pipeline 脚本示例
- pipeline {
- agent {
- label 'java' // 使用标签选择节点
- }
-
- environment {
- IMAGE_NAME = "micro-datamap"
- K8S_NAMESPACE = "development"
- K8S_PORT = "31090"
- K8S_DEBUG_PORT = "31091"
- SPRING_PROFILES_ACTIVE = "dev"
- }
-
- parameters {
- string(
- name: 'BUILD_VERSION',
- defaultValue: '3.0.4_hz250117',
- description: '构建版本号'
- )
- }
-
- stages {
- stage("Checkout") {
- steps {
- echo "1. checkout integration branch"
- git branch: '分支',
- credentialsId: 'git凭据标识',
- url: '仓库地址'
- }
- }
-
- stage('Package&Build') {
- steps {
- echo "2.package project & build Image"
- script {
- sh "cat src/main/docker/Dockerfile"
- sh "cd src/main/docker/ && bash build.sh ${SPRING_PROFILES_ACTIVE} ${BUILD_VERSION}"
- }
- }
- }
-
- stage('Push') {
- steps {
- echo "3.push image"
- script {
- sh "docker push 镜像名称"
- }
- }
- }
-
- stage('Deploy') {
- steps {
- echo "4.deploy in k8s"
- script {
- sh "echo 'deleting current deployment...'"
- // 部署相关的kubectl命令
- }
- }
- }
- }
- }
|
