Question

要点： K85s minikkube中的Jenkins工作正常并且在默认jnlp代理的情况下可以很好地扩展，但是坚持使用＆＃34;等待代理连接＆＃34;在自定义jnlp图像的情况下。

详细说明：

我正在使用Jenkins设置运行本地迷你管道。

Jenkins master dockerfile：

from jenkins/jenkins:alpine

# Distributed Builds plugins
RUN /usr/local/bin/install-plugins.sh ssh-slaves

# install Notifications and Publishing plugins
RUN /usr/local/bin/install-plugins.sh email-ext
RUN /usr/local/bin/install-plugins.sh mailer
RUN /usr/local/bin/install-plugins.sh slack

# Artifacts
RUN /usr/local/bin/install-plugins.sh htmlpublisher

# UI
RUN /usr/local/bin/install-plugins.sh greenballs
RUN /usr/local/bin/install-plugins.sh simple-theme-plugin

# Scaling
RUN /usr/local/bin/install-plugins.sh kubernetes

# install Maven
USER root
RUN apk update && \
    apk upgrade && \
    apk add maven
USER jenkins

部署：

 apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      name: jenkins
    spec:
      replicas: 1
      template:
        metadata:
          labels:
            app: jenkins
        spec:
          containers:
            - name: jenkins
              image: ybushnev/my-jenkins-image:1.3
              env:
                - name: JAVA_OPTS
                  value: -Djenkins.install.runSetupWizard=false
              ports:
                - name: http-port
                  containerPort: 8080
                - name: jnlp-port
                  containerPort: 50000
              volumeMounts:
                - name: jenkins-home
                  mountPath: /var/jenkins_home
          volumes:
            - name: jenkins-home
              emptyDir: {}

服务

apiVersion: v1
kind: Service
metadata:
  name: jenkins
spec:
  type: NodePort
  ports:
    - port: 8080
      name: "http"
      targetPort: 8080
    - port: 50000
      name: "slave"
      targetPort: 50000
  selector:
    app: jenkins

部署后，我有这样的服务：

Yuris-MBP-2% kubectl get services       
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                          AGE
jenkins      NodePort    10.108.30.10   <none>        8080:30267/TCP,50000:31588/TCP   1h
kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP                          1h

Kubernetes大师正在运行：

Yuris-MBP-2%  kubectl cluster-info | grep master
Kubernetes master is running at https://192.168.99.100:8443

根据上面的配置，我在Jenkins中指定了云配置：

最后我为slave pod模板配置了这样的配置：

因此，通过k8s日志，我在主服务器上看到了这样的日志：

Waiting for agent to connect (41/100): kubernetes-agent-tgskx
Waiting for agent to connect (42/100): kubernetes-agent-tgskx
Waiting for agent to connect (43/100): kubernetes-agent-tgskx
Waiting for agent to connect (44/100): kubernetes-agent-tgskx
Waiting for agent to connect (45/100): kubernetes-agent-tgskx

Jenkins容器似乎是绿色的。 K8中没有日志，但发生了这样的事件：

Successfully assigned kubernetes-agent-517tl to minikube
MountVolume.SetUp succeeded for volume "workspace-volume"
MountVolume.SetUp succeeded for volume "default-token-8sgh6"

重要如果我不把＆＃39; jnlp＆＃39;容器名称内部（我想这是重要的，因为在另一种情况下，它需要一些默认的jnlp代理图像）奴隶正在旋转并连接到主人就好了，但即使我在＆＃39; Docker图像中有自定义docker镜像＆＃39;它并没有将它作为参考，因为我可以看到Jenkins奴隶没有这样的工具/文件，它假设它们基于提供的图像。上次我试图使用这张图片：＆＃34; gcr.io/cloud-solutions-images/jenkins-k8s-slave"但是对于我来说，如果我把“jnlp＆＃39;作为容器模板名称。我试着玩很多没有运气的图片......任何提示都会很高兴！

Answer 1

我认为您应该为主jenkins设置凭据以启动新的pod。

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: jenkins
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
  resources: ["pods/exec"]
  verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
  resources: ["pods/log"]
  verbs: ["get","list","watch"]
- apiGroups: [""]
  resources: ["secrets"]
  verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
  name: jenkins
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: jenkins
subjects:
- kind: ServiceAccount
  name: jenkins

然后在您的部署中使用帐户：

spec:           
      serviceAccountName: jenkins

在https://stackoverflow.com/a/47874390/2718151

查看我之前的回答

我希望这会有所帮助。

Answer 2

在“容器模板”下，您需要将名称“ jnlp”更改为其他名称。

Kubernetes插件将运行名为jnlp的小车容器，以连接到主服务器。如果您在主容器中使用名称jnlp，则会发生冲突。

Answer 3

自定义jnlp容器映像应具有入口点脚本，以向agent.jar文件提供必要的参数。例子是here

在Jenkins配置GUI中将容器模板的参数另外放在字段“传递给命令的参数”中，如下所示：

${computer.jnlpmac} ${computer.name}

自定义泊坞窗图像的Jenkins奴隶未与minikube中的master连接

3 个答案: