這是一篇學習記錄。記錄kubernetes集群中如何將jenkins服務通過域名接入外部。由於是測試環境,域名是自定義的,解析寫在/etc/hosts和自己本地的hosts中。
部署圖:
一、部署后端Jenkins的pod和service
# cd ../
# mkdir demo
# cd demo
# cat deploy-jenkinsdemo.yaml
apiVersion: v1
kind: Service #資源類別是Service
metadata: #元數據
name: myapp #在同一個資源類別中,唯一的名字
namespace: default #名稱空間
spec: #目標狀態
selector: #
app: myapp
release: canary
ports:
- name: http port: 8080 targetPort: 8080 --- apiVersion: apps/v1 kind: Deployment metadata: name: myapp-deploy namespace: default spec: replicas: 1 selector: matchLabels: app: myapp release: canary template: metadata: labels: app: myapp release: canary spec: containers: #以下是容器的配置。與containers同級的配置屬於pod的設置 - name: myapp image: jenkins/jenkins:lts ports: - name: http containerPort: 8080
#docker pull jenkins/jenkins:lts
#kubectl apply -f deploy-jenkinsdemo.yaml
# kubectl get pods -n default
NAME READY STATUS RESTARTS AGE
myapp-deploy-5565c495f4-9hz8d 1/1 Running 0 19h
# kubectl get svc -n default
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 77d
myapp ClusterIP 10.99.69.88 <none> 8080/TCP 19h
二、部署ingress-controller
https://github.com/kubernetes/ingress-nginx/tree/master/deploy/static 下載:
https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml(通用的部署方式,單用這文件可以部署)
我用基本的部署文件。先執行namespace.yaml,后執行configmap.yaml、rbac.yaml、with-rabc.yaml
#mkdir ingress-nginx
#cd ingress-nginx
#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/configmap.yaml
#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/namespace.yaml
#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/rbac.yaml
#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/with-rabc.yaml
#docker pull quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.25.0 (網絡不好會比較慢,先下載)
#kubectl apply -f namespace.yaml
#kubectl apply -f ./
# kubectl get pods -n ingress-nginx
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-86449c74bb-4cp6c 1/1 Running 0 19h
三、部署Service(ingress-nginx)
# cat service-nodeport.yaml
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx namespace: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx spec: type: NodePort ports: - name: http port: 80 targetPort: 80 nodePort: 30080 protocol: TCP - name: https port: 443 targetPort: 443 nodePort: 30443 protocol: TCP selector: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx ---
#kubectl apply -f service-nodeport.yaml
# kubectl get service -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.110.96.58 <none> 80:30080/TCP,443:30443/TCP 19h
啟動service的ingres-nginx后,可以查看nginx.conf配置,配置會自動更新。
# kubectl exec -n ingress-nginx -it nginx-ingress-controller-86449c74bb-4cp6c -- /bin/sh
$ cat nginx.conf
查看所有節點的服務情況:
所有節點的30080端口都已經打開
域名myapp.magedu.com會負載均衡到所有節點。
四、驗證
由於域名是自己編的,沒有dns解析。所以:
1.在k8s集群的節點配置hosts:
# cat /etc/hosts
ip.204 myapp.magedu.com
ip.143 myapp.magedu.com
ip.240 myapp.magedu.com
2.在自己本地修改hosts
3.在本機瀏覽器中訪問:
myapp.magedu.com:30080
4.復制Jenkins的密鑰:
# kubectl exec -n default -it myapp-deploy-5565c495f4-9hz8d -- /bin/sh
$ cat /var/jenkins_home/secrets/initialAdminPassword
d7d3a04411734841a49cdac9b78e6ab4
5.正常使用Jenkins
