kubernetes helm 安裝 jenkins

項目上涉及到jenkins ，本地還原helm 安裝jenkins

一、下載helm

wget https://get.helm.sh/helm-v3.4.2-linux-amd64.tar.gz
tar xzvf helm-v3.4.2-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin/

二、添加國內源

helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
helm repo add azure   http://mirror.azure.cn/kubernetes/charts/

[root@k8s01 jenkins]# helm repo list                                          
azure   http://mirror.azure.cn/kubernetes/charts/             
stable  https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts

三、helm 檢索下helm內容

[root@k8s01 jenkins]# helm search repo stable/jenkins -l
NAME            CHART VERSION   APP VERSION DESCRIPTION                                       
stable/jenkins  0.13.5          2.73        Open source continuous integration server. It s...
stable/jenkins  0.13.2          2.73        Open source continuous integration server. It s...
stable/jenkins  0.9.0           2.67        Open source continuous integration server. It s...
stable/jenkins  0.8.6           2.67        Open source continuous integration server. It s...
stable/jenkins  0.8.2           2.67        Open source continuous integration server. It s...

四、建立命名空間

[root@k8s01 jenkins]# kubectl create namespace helm-jenkins
namespace/helm-jenkins created

[root@k8s01 jenkins]# kubectl get namespace
NAME              STATUS   AGE
default           Active   110d
helm-jenkins      Active   3s
kube-node-lease   Active   110d
kube-public       Active   110d
kube-system       Active   110d

五、搭建NFS Server

[root@localhost ~]# mkdir /nfs/k8s -p
[root@localhost ~]# chmod 777 /nfs/k8s
[root@localhost ~]# echo "/nfs/k8s 10.0.0.0(rw,async,no_root_squash)" >> /etc/exports

[root@localhost ~]# systemctl start rpcbind
[root@localhost ~]# systemctl start  nfs-server
[root@localhost ~]# systemctl enable nfs-server
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
[root@localhost ~]# systemctl enable rpcbind

k8s集羣掛載NFS ，略

六、建立pv pvc，查看下nfs權限是否OK

[root@k8s01 storage]# cat pvc.yaml 
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-test
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Recycle
  nfs:
    path: /nfs/k8s
    server: 10.0.0.181
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: pvc-test
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 100Mi

驗證能夠申請pv而且建立pvc

[root@k8s01 storage]# kubectl get pv
NAME      CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM              STORAGECLASS   REASON   AGE
pv-test   1Gi        RWX            Recycle          Bound    default/pvc-test                           21s
[root@k8s01 storage]# kubectl get pvc
NAME       STATUS   VOLUME    CAPACITY   ACCESS MODES   STORAGECLASS   AGE
pvc-test   Bound    pv-test   1Gi        RWX                           22s

七、建立provsioner

開啓rbac受權，安裝nfs-storage

apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-client-provisioner
  namespace: default
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-client-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-client-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    namespace: default
roleRef:
  kind: ClusterRole
  name: nfs-client-provisioner-runner
  apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
  namespace: default
rules:
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
  namespace: default
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    namespace: default
roleRef:
  kind: Role
  name: leader-locking-nfs-client-provisioner
  apiGroup: rbac.authorization.k8s.io

[root@k8s01 storage]# helm install nfs-storage azure/nfs-client-provisioner --set nfs.server=10.0.0.181 --set nfs.path=/nfs/k8s --set storageClass.name=nfs-storage --set storageClass.defaultClass=true
WARNING: This chart is deprecated
NAME: nfs-storage
LAST DEPLOYED: Fri Jan  1 23:49:25 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None

申請 pvc資源並驗證
[root@k8s01 storage]# cat nfs-pvc.yaml 
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-storageclass
spec:
  storageClassName: "nfs-storage"   
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 10Mi

[root@k8s01 storage]# kubectl get sc
NAME                    PROVISIONER                                        RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
nfs-storage (default)   cluster.local/nfs-storage-nfs-client-provisioner   Delete          Immediate           true                   42s

[root@k8s01 storage]# kubectl get pvc
NAME               STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
pvc-storageclass   Bound    pvc-6b3944f3-522e-4a6a-adc3-f73dcad5df4e   10Mi       RWX            nfs-storage    7m19s
pvc-test           Bound    pv-test                                    1Gi        RWX                           43m

執行helm 命令安裝,因爲k8s 1.15版本使用的是apps，helm配置文件用的是beta。須要修改deployment.yaml文件中的apiVersion，改成apps/v1
[root@k8s01 storage]# helm install stable/jenkins -n helm-jenkins
Error: unable to build kubernetes objects from release manifest: unable to recognize "": no matches for kind "Deployment" in version "extensions/v1beta1"

heml pull stable/jenkins
tar xf jenkins-0.13.5.tgz
vim jenkins-master-deployment.yaml

[root@k8s01 storage]# helm install jenkins ./jenkins -n helm-jenkins

查看jenkins登錄地址

登錄master節點的31700端口