DevOpsJenkins

Helm 을 이용한 Jenkins 설치 - 01. 설치

목차

Jenkins 란

참고

1. Helm Repository 추가

helm repo add jenkins https://charts.jenkins.io

2. StorgaeClass 선언

StogeClass 로 AWS 의 EBS 볼륨을 사용하기 위해

  • jenkins-storageclass.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass 
metadata: 
  name: jenkins-ebs
  namespace: cicd
volumeBindingMode: Immediate
# volumeBindingMode: WaitForFirstConsumer 
provisioner: ebs.csi.aws.com
parameters:
  type: gp3

reclaimPolicy: Retain
# reclaimPolicy: Delete

2. value.yaml 준비

Jenkins 버전 및 JDK 버전 설정

Jenkins Controller 에 어떤 Image 를 사용할지에 대한 설정을 해준다.

controller:
  componentName: "jenkins-controller"
  image: "jenkins/jenkins"
  tag: "jdk11"
  tagLabel: jdk11
  imagePullPolicy: "Always"

StorageClass 지정

persistence:
  enabled: true
  storageClass: jenkins-ebs
  annotations: {}
  labels: {}
  accessMode: "ReadWriteOnce"
  size: "20Gi"

Node Group 선택

controller:
  nodeSelector:
    nodegroup-role: cicd

Timezone 변경

controller:
  javaOpts: "-Dorg.apache.commons.jelly.tags.fmt.timeZone=Asia/Seoul"

3. Jenkins 설치

Jenkins 를 설치하고자 하는 Kubernetes 의 Namespace 와 Version 을 설정한 후 설치를 진행한다.

helm install jenkins jenkins/jenkins --version <version> -n <namespace>

Jenkins 가 정상적으로 설치되면 admin Passwrod 를 확인할 수 있는 방법과 포트포워딩을 통해 jenkins 에 접속하는 방법에 대한 설명이 나온다.

NAME: jenkins
LAST DEPLOYED: Tue Mar  7 15:11:52 2023
NAMESPACE: cicd
STATUS: deployed
REVISION: 1
NOTES:
1. Get your 'admin' user password by running:
  kubectl exec --namespace cicd -it svc/jenkins -c jenkins -- /bin/cat /run/secrets/additional/chart-admin-password && echo
1. Get the Jenkins URL to visit by running these commands in the same shell:
  echo http://127.0.0.1:8080
  kubectl --namespace cicd port-forward svc/jenkins 8080:8080

1. Login with the password from step 1 and the username: admin
2. Configure security realm and authorization strategy
3. Use Jenkins Configuration as Code by specifying configScripts in your values.yaml file, see documentation: http://127.0.0.1:8080/configuration-as-code and examples: https://github.com/jenkinsci/configuration-as-code-plugin/tree/master/demos

For more information on running Jenkins on Kubernetes, visit:
https://cloud.google.com/solutions/jenkins-on-container-engine

For more information about Jenkins Configuration as Code, visit:
https://jenkins.io/projects/jcasc/


NOTE: Consider using a custom image with pre-installed plugins

4. Jenkins Admin Password 확인 및 접속

# 실행
kubectl exec -n cicd -it svc/jenkins -c jenkins -- /bin/cat /run/secrets/additional/chart-admin-password && echo
# 결과
t2Xx7SyhfFGsCyu4OJ3huw
kubectl exec \
  -n cicd \
  -it jenkins-0 \
  -c jenkins \
  -- /bin/cat /var/jenkins_home/casc_configs/jcasc-default-config.yaml && echo
jenkins:
  authorizationStrategy:
    loggedInUsersCanDoAnything:
      allowAnonymousRead: false
  securityRealm:
    local:
      allowsSignup: false
      enableCaptcha: false
      users:
      - id: "${chart-admin-username}"
        name: "Jenkins Admin"
        password: "${chart-admin-password}"
  disableRememberMe: false
  mode: NORMAL
  numExecutors: 0
  labelString: ""
  projectNamingStrategy: "standard"
  markupFormatter:
    plainText
  clouds:
  - kubernetes:
      containerCapStr: "10"
      defaultsProviderTemplate: ""
      connectTimeout: "5"
      readTimeout: "15"
      jenkinsUrl: "http://jenkins.cicd.svc.cluster.local:8080"
      jenkinsTunnel: "jenkins-agent.cicd.svc.cluster.local:50000"
      maxRequestsPerHostStr: "32"
      name: "kubernetes"
      namespace: "cicd"
      serverUrl: "https://kubernetes.default"
  crumbIssuer:
    standard:
      excludeClientIPFromCrumb: true
security:
  apiToken:
    creationOfLegacyTokenEnabled: false
    tokenGenerationOnCreationEnabled: false
    usageStatisticsEnabled: true
unclassified:
  location:
    adminAddress: 
    url: https://jenkins.mbcp.co.kr/
Share