github/kubernetes-course
1
0
Fork 0
mirror of https://github.com/wardviaene/kubernetes-course.git synced 2026-02-14 17:49:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

jenkins/helm/kubernetes updates

Browse Source
This commit is contained in:
Edward Viaene
2023-03-17 10:48:08 -05:00
parent d0302bb534
commit 4fbb763a9b
2 changed files with 49 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
helm/jenkins/README.md
View File

@@ -1,5 +1,19 @@
# install jenkins
```
kubectl create -f serviceaccount.yaml
helm install --name jenkins --set rbac.create=true,master.runAsUser=1000,master.fsGroup=1000 stable/jenkins
helm install jenkins --set rbac.create=true,master.runAsUser=1000,master.fsGroup=1000,agent.enabled=true bitnami/jenkins
helm create -f jenkins-role-binding.yaml
kubectl patch svc jenkins --type merge -p '{"spec":{"ports": [{"port": 50000,"name":"agent-listener", "protocol": "TCP", "targetPort": "agent-listener"}, {"port": 80, "name": "http", "targetPort": "http"}]}}'
```
# Plugins
Ensure you install the following plugins within jenkins:
* Pipelines
* Kubernetes
* Git
To configure the Kubernetes plugin correctly, navigate to Manage Jenkins -> Manage Nodes and Clouds -> Configure Clouds -> Add a new cloud. The name should be pre-filled with "kubernetes". Fill out http://jenkins as Jenkins URL in the "Kubernetes Cloud details" and click "Save" without filling out anything extra. The Kubernetes plugin will now automatically find the Kubernetes cluster jenkins is installed on.
If you get a timeout on port 50000 then go to "Manage Jenkins" -> "Configure Global Security" -> under "Agents" check whether TCP port for inbound agents is set to "Fixed" 50000.
Note: ensure that you are running jenkins privately (non-internet facing), as port 50000 will also be exposed in this setup.

34
helm/jenkins/jenkins-role-binding.yaml Normal file
View File

@@ -0,0 +1,34 @@
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: jenkins
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","list","watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: jenkins
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: jenkins
subjects:
- kind: ServiceAccount
name: jenkins