Jenkins kubernetes插件不起作用 [英] Jenkins kubernetes plugin not working
问题描述
我正在尝试使用jenkins-kubernetes插件设置Jenkins Dynamic奴隶创建.
I am trying to setup Jenkins Dynamic slaves creation using jenkins-kubernetes plugin.
我的詹金斯人在K8s群集之外运行.
链接: https://github.com/jenkinsci/kubernetes-plugin
我的詹金斯版本为 2.60.2 ,而Kubernetes插件版本为 1.1.2
My jenkins version is 2.60.2 and Kubernetes plugin version is 1.1.2
我按照自述文件中提到的步骤操作,并成功建立了连接.
I followed the steps mention on the readme and successfully setup the connection.
我的设置如下:
连接成功.
然后我使用pod模板创建了一个工作:
Then I created a job with pod template :
这里开始出现问题: 1.最初运行此作业时,它会运行,并且我的pod中的jenkins从属容器无法连接并抛出:
Here starts the problem: 1. When I run this job initially it runs and jenkins slave container inside my pod not able to connect and throws:
我已经启用了JNLP端口(50000),即使在Jenkins中使用随机选项进行了测试,也不确定它是否是正确的端口.
I have enabled JNLP port(50000) not sure if it is the right port even tested with random option in Jenkins nothing worked.
2.现在,我放弃了这个詹金斯工作,然后再次运行,上面写着:
Started by user Vaibhav Jain
[Pipeline] podTemplate
[Pipeline] {
[Pipeline] node
Still waiting to schedule task
Jenkins doesn’t have label defaultlabel
并且没有任何Pod在Kubernetes中开始使用. 这很奇怪.
and no pod is getting started in kubernetes. This is weird.
我不确定自己在做什么错. 需要帮助!
I am not sure what I am doing wrong. Need help!
推荐答案
我建议您不要使用证书,而是通过创建serviceAccount在kubernetes中使用凭据:
Instead of using certificates, I suggest you to use credentials in kubernetes, by creating a serviceAccount:
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: jenkins
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","list","watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: jenkins
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: jenkins
subjects:
- kind: ServiceAccount
name: jenkins
并使用该serviceAccount部署jenkins:
and deploying jenkins using that serviceAccount:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: jenkins
name: jenkins
spec:
replicas: 1
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
serviceAccountName: jenkins
....
我向您展示了Kubernetes插件的屏幕截图(请注意JNLP端口的Jenkins隧道,"jenkins"是我的kubernetes服务的名称):
I show you my screenshots for Kubernetes plugin (note Jenkins tunnel for the JNLP port, 'jenkins' is the name of my kubernetes service):
有关凭据:
然后填写文件(ID将自动生成,描述将显示在凭据列表框中),但是请确保像我之前说的那样在kubernetes中创建了serviceAccount:
Then fill the fileds (ID will be autogenerated, description will be shown in credentials listbox), but be sure to have created serviceAccount in kubernetes as I said before:
我的说明适用于kubernetes中的Jenkins大师.如果您要在群集外部(但从服务器内部),则必须使用简单的登录/密码凭据.
My instructions are for the Jenkins master inside kubernetes. If you want it outside the cluster (but slaves inside) I think you have to use simple login/password credentials.
关于您的上一个错误,这似乎是主机解析错误:从站无法解析您的主机.
For what concerns your last error, it seems to be a host resolution error: the slave cannot resolve your host.
希望对您有帮助.
这篇关于Jenkins kubernetes插件不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!