首页 文章

自定义泊坞窗图像的Jenkins奴隶未与minikube中的master连接

提问于
浏览
1

Summary: 在K8s minikkube中的Jenkins工作正常并且在默认jnlp代理的情况下可以很好地扩展,但在自定义jnlp图像的情况下仍然使用"Waiting for agent to connect" .

Detailed description:

我正在运行Jenkins设置的本地迷你管 .

Jenkins master dockerfile:

from jenkins/jenkins:alpine

# Distributed Builds plugins
RUN /usr/local/bin/install-plugins.sh ssh-slaves

# install Notifications and Publishing plugins
RUN /usr/local/bin/install-plugins.sh email-ext
RUN /usr/local/bin/install-plugins.sh mailer
RUN /usr/local/bin/install-plugins.sh slack

# Artifacts
RUN /usr/local/bin/install-plugins.sh htmlpublisher

# UI
RUN /usr/local/bin/install-plugins.sh greenballs
RUN /usr/local/bin/install-plugins.sh simple-theme-plugin

# Scaling
RUN /usr/local/bin/install-plugins.sh kubernetes

# install Maven
USER root
RUN apk update && \
    apk upgrade && \
    apk add maven
USER jenkins

Deployment:

apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      name: jenkins
    spec:
      replicas: 1
      template:
        metadata:
          labels:
            app: jenkins
        spec:
          containers:
            - name: jenkins
              image: ybushnev/my-jenkins-image:1.3
              env:
                - name: JAVA_OPTS
                  value: -Djenkins.install.runSetupWizard=false
              ports:
                - name: http-port
                  containerPort: 8080
                - name: jnlp-port
                  containerPort: 50000
              volumeMounts:
                - name: jenkins-home
                  mountPath: /var/jenkins_home
          volumes:
            - name: jenkins-home
              emptyDir: {}

Service:

apiVersion: v1
kind: Service
metadata:
  name: jenkins
spec:
  type: NodePort
  ports:
    - port: 8080
      name: "http"
      targetPort: 8080
    - port: 50000
      name: "slave"
      targetPort: 50000
  selector:
    app: jenkins

After deployment I have such services:

Yuris-MBP-2% kubectl get services       
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                          AGE
jenkins      NodePort    10.108.30.10   <none>        8080:30267/TCP,50000:31588/TCP   1h
kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP                          1h

Kubernetes master running on:

Yuris-MBP-2%  kubectl cluster-info | grep master
Kubernetes master is running at https://192.168.99.100:8443

Based on configuration above I specify the cloud config in Jenkins:

enter image description here

And finally I put such configuration for slave pod template:
enter image description here

因此,通过k8s日志,我在主服务器上看到了这样的日志:

Waiting for agent to connect (41/100): kubernetes-agent-tgskx
Waiting for agent to connect (42/100): kubernetes-agent-tgskx
Waiting for agent to connect (43/100): kubernetes-agent-tgskx
Waiting for agent to connect (44/100): kubernetes-agent-tgskx
Waiting for agent to connect (45/100): kubernetes-agent-tgskx

Jenkins容器似乎是绿色的 . K8中没有日志但是发生了这样的事件:

Successfully assigned kubernetes-agent-517tl to minikube
MountVolume.SetUp succeeded for volume "workspace-volume"
MountVolume.SetUp succeeded for volume "default-token-8sgh6"

IMPORTANT 如果我没有将'jnlp'放在容器名称中(我想这是重要的,因为在另一种情况下它需要一些默认的jnlp代理图像)奴隶正在旋转并连接到主人就好了,但即使我有里面的自定义docker图像'Docker image'字段它没有't take it as a reference as I can see that Jenkins slave doesn' t这样的工具/文件,它假设它们基于提供的图像 . 上次我尝试使用此图像:"gcr.io/cloud-solutions-images/jenkins-k8s-slave"但对我来说,如果我将'jnlp'作为容器模板名称,则对于任何图像都会失败 . 我尝试玩很多图像而没有运气......任何暗示都会很高兴!

jenkins jenkins-slave kubernetes

2 回答

  • 0

    我认为您应该为主jenkins设置凭据以启动新的pod .

    ---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: jenkins
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
  resources: ["pods/exec"]
  verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
  resources: ["pods/log"]
  verbs: ["get","list","watch"]
- apiGroups: [""]
  resources: ["secrets"]
  verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
  name: jenkins
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: jenkins
subjects:
- kind: ServiceAccount
  name: jenkins

    然后在您的部署中使用该帐户:

    spec:           
      serviceAccountName: jenkins

    https://stackoverflow.com/a/47874390/2718151查看我之前的回答

    我希望这有帮助 .

    回复于
  • 0

    在“容器模板”下,您需要将名称“jnlp”更改为其他名称 .

    Kubernetes插件将运行一个名为jnlp的sidecar容器,用于连接主服务器 . 如果对主容器使用名称jnlp,则会发生冲突 .

    回复于

相关问题