Kubernetes – Jenkins 설치

By | 2022년 10월 25일
Table of Content

Kubernetes – Jenkins 설치

문서를 단순화하기 위해 hostPath 저장소를 선택합니다.
운영환경에서는 NFS 또는 클라우드에서 제공하는 저장소를 사용해야 합니다.

node 서버에 /jenkins-data 폴더가 있어야 하고,
권한은 0777 이어야 합니다.

저장소 생성

# node 서버에서 실행
sudo mkdir /jenkins-data
sudo chmod 777 /jenkins-data

ServiceAccount 생성

jenkins 는 하는 일이 많은 만큼 부여해야할 권한도 많다.

kubectl create namespace jenkins
# https://raw.githubusercontent.com/jenkins-infra/jenkins.io/master/content/doc/tutorials/kubernetes/installing-jenkins-on-kubernetes/jenkins-sa.yaml
vi jenkins-sa.yaml
---------------------------
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins
  namespace: jenkins
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
  name: jenkins
rules:
- apiGroups:
  - '*'
  resources:
  - statefulsets
  - services
  - replicationcontrollers
  - replicasets
  - podtemplates
  - podsecuritypolicies
  - pods
  - pods/log
  - pods/exec
  - podpreset
  - poddisruptionbudget
  - persistentvolumes
  - persistentvolumeclaims
  - jobs
  - endpoints
  - deployments
  - deployments/scale
  - daemonsets
  - cronjobs
  - configmaps
  - namespaces
  - events
  - secrets
  verbs:
  - create
  - get
  - watch
  - delete
  - list
  - patch
  - update
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
  - list
  - watch
  - update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
  name: jenkins
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: jenkins
subjects:
- apiGroup: rbac.authorization.k8s.io
  kind: Group
  name: system:serviceaccounts:jenkins
---------------------------
kubectl apply -f jenkins-sa.yaml

jenkins 설치

vi jenkins.yaml
---------------------------
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: jenkins
  namespace: jenkins
spec:
  serviceName: jenkins
  replicas: 1
  selector:
    matchLabels:
      app: jenkins
  template:
    metadata:
      labels:
        app: jenkins
    spec:
      serviceAccountName: jenkins
      containers:
      - name: jenkins
        image: jenkins/jenkins:lts
        ports:
          - name: http-port
            containerPort: 8080
        volumeMounts:
          - name: jenkins-vol
            mountPath: /var/jenkins_home
      volumes:
        - name: jenkins-vol
          hostPath:
            path: /jenkins-data
            type: Directory

---

apiVersion: v1
kind: Service
metadata:
  name: jenkins
  namespace: jenkins
spec:
  type: NodePort
  ports:
    - nodePort: 30088
      port: 8080
      targetPort: 8080
  selector:
    app: jenkins
---------------------------
kubectl apply -f jenkins.yaml

http://<node 서버 아이피>:30088/ 에 접속하면 젠킨스를 볼 수 있습니다.

kubectl get pods -n jenkins
kubectl exec -it -n jenkins jenkins-0 -- cat /var/jenkins_home/secrets/initialAdminPassword

오류해결

This Jenkins instance appears to be offline.

랜덤하게 위 오류가 발생한다.

저절로 고쳐지기도 하고 안고쳐지기도 한다.
그럴 땐 dnsPolicy: Default 를 해주면 고쳐진다.

kubectl edit StatefulSet jenkins -n jenkins
---------------------------
    spec:
      containers:
      - image: jenkins/jenkins:lts
        imagePullPolicy: IfNotPresent
        name: jenkins
        ports:
        - containerPort: 8080
          name: http-port
          protocol: TCP
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /var/jenkins_home
          name: jenkins-vol
      dnsPolicy: Default                                   # 여기
---------------------------

jenkins 삭제

kubectl delete -f jenkins.yaml
kubectl delete -f jenkins-sa.yaml

답글 남기기