我是 Kubernetes 新手,当我在 GKE 中创建 Jenkins pod 时,/var/jenkins_home/init.groovy.d 文件未加载(仅加载 tcp-slave-agent-port.groovy 文件)。我已经从官方镜像创建了我的 jenkins 镜像(用于填充插件和上传 groovy 脚本)。如果我在没有卷附件的情况下运行部署,一切都会正常工作。有人可以帮我吗?
我的 Docker 文件:
FROM jenkins
MAINTAINER Bujail
# Install plugins
COPY plugins.txt /usr/share/jenkins/plugins
RUN /usr/local/bin/install-plugins.sh $(cat /usr/share/jenkins/plugins | tr '\n' ' ')
# Setup Security with User
COPY security.groovy /var/jenkins_home/init.groovy.d/security.groovy
# Disabling setup wizard
ENV JAVA_OPTS="-Djenkins.install.runSetupWizard=false -Djenkins.CLI.disabled=true"
Groovy 脚本:
#!groovy
import jenkins.model.*
import hudson.security.*
import jenkins.security.s2m.AdminWhitelistRule
def instance = Jenkins.getInstance()
println "--> creating local user 'admin'"
def hudsonRealm = new HudsonPrivateSecurityRealm(false)
hudsonRealm.createAccount('admin','admin@123')
instance.setSecurityRealm(hudsonRealm)
def strategy = new
hudson.security.FullControlOnceLoggedInAuthorizationStrategy()
strategy.setAllowAnonymousRead(false)
instance.setAuthorizationStrategy(strategy)
println "--> Enable Agent → Master Access Control"
Jenkins.instance.getInjector().getInstance(AdminWhitelistRule.class)
.setMasterKillSwitch(false);
instance.save()
插件.txt
maven-plugin:2.15.1
bitbucket:1.1.5
artifactory:2.10.3
sonar:2.6.1
kubernetes:0.11
Kubernetes 部署文件:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: jenkins
namespace: immediate
spec:
replicas: 1
template:
metadata:
labels:
app: master
spec:
containers:
- name: master
image: bujail/private:jenkins
ports:
- containerPort: 8080
- containerPort: 50000
readinessProbe:
httpGet:
path: /login
port: 8080
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 2
failureThreshold: 5
volumeMounts:
- name: jenkins-home
mountPath: /var/jenkins_home
resources:
limits:
cpu: 500m
memory: 1500Mi
requests:
cpu: 500m
memory: 1500Mi
securityContext:
fsGroup: 1000
seLinuxOptions:
level: "s0:c123,c456"
imagePullSecrets:
- name: docker-buju
volumes:
- name: jenkins-home
persistentVolumeClaim:
claimName: jenkins
存储类别:
apiVersion: storage.k8s.io/v1beta1
kind: StorageClass
metadata:
name: jenkins
namespace: immediate
provisioner: kubernetes.io/gce-pd
parameters:
type: pd-ssd
zone: asia-east1-c
持久卷声明:
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: jenkins
namespace: immediate
annotations:
pv.beta.kubernetes.io/gid: "1000"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: jenkins
并且 Jenkins 将在不启用安全性的情况下加载。如果我尝试手动启用安全性,我不会坚持下去。
kubectl 日志:
Running from: /usr/share/jenkins/jenkins.war
webroot: EnvVars.masterEnvVars.get("JENKINS_HOME")
Jun 07, 2017 8:45:03 AM Main deleteWinstoneTempContents
WARNING: Failed to delete the temporary Winstone file /tmp/winstone/jenkins.war
Jun 07, 2017 8:45:03 AM org.eclipse.jetty.util.log.JavaUtilLog info
INFO: Logging initialized @2087ms
Jun 07, 2017 8:45:03 AM winstone.Logger logInternal
INFO: Beginning extraction from war file
Jun 07, 2017 8:45:07 AM org.eclipse.jetty.util.log.JavaUtilLog warn
WARNING: Empty contextPath
Jun 07, 2017 8:45:08 AM org.eclipse.jetty.util.log.JavaUtilLog info
INFO: jetty-9.2.z-SNAPSHOT
Jun 07, 2017 8:45:11 AM org.eclipse.jetty.util.log.JavaUtilLog info
INFO: NO JSP Support for /, did not find org.eclipse.jetty.jsp.JettyJspServlet
Jenkins home directory: /var/jenkins_home found at: EnvVars.masterEnvVars.get("JENKINS_HOME")
Jun 07, 2017 8:45:14 AM org.eclipse.jetty.util.log.JavaUtilLog info
INFO: Started w.@3e34ace1{/,file:/var/jenkins_home/war/,AVAILABLE}{/var/jenkins_home/war}
Jun 07, 2017 8:45:14 AM org.eclipse.jetty.util.log.JavaUtilLog info
INFO: Started ServerConnector@5778826f{HTTP/1.1}{0.0.0.0:8080}
Jun 07, 2017 8:45:14 AM org.eclipse.jetty.util.log.JavaUtilLog info
INFO: Started @12793ms
Jun 07, 2017 8:45:14 AM winstone.Logger logInternal
INFO: Winstone Servlet Engine v2.0 running: controlPort=disabled
Jun 07, 2017 8:45:17 AM jenkins.InitReactorRunner$1 onAttained
INFO: Started initialization
Jun 07, 2017 8:45:38 AM jenkins.InitReactorRunner$1 onAttained
INFO: Listed all plugins
Jun 07, 2017 8:45:55 AM jenkins.InitReactorRunner$1 onAttained
INFO: Prepared all plugins
Jun 07, 2017 8:46:02 AM jenkins.InitReactorRunner$1 onAttained
INFO: Started all plugins
Jun 07, 2017 8:46:02 AM jenkins.InitReactorRunner$1 onAttained
INFO: Augmented all extensions
Jun 07, 2017 8:46:02 AM jenkins.InitReactorRunner$1 onAttained
INFO: Loaded all jobs
Jun 07, 2017 8:46:03 AM hudson.model.AsyncPeriodicWork$1 run
INFO: Started Download metadata
Jun 07, 2017 8:46:04 AM jenkins.util.groovy.GroovyHookScript execute
INFO: Executing /var/jenkins_home/init.groovy.d/tcp-slave-agent-port.groovy
Jun 07, 2017 8:46:06 AM jenkins.InitReactorRunner$1 onAttained
INFO: Completed initialization
Jun 07, 2017 8:46:06 AM hudson.WebAppMain$3 run
INFO: Jenkins is fully up and running
--> setting agent port for jnlp
Jun 07, 2017 8:46:18 AM hudson.TcpSlaveAgentListener$ConnectionHandler run
INFO: Accepted connection #1 from /10.20.1.21:59828
--> setting agent port for jnlp... done
Jun 07, 2017 8:46:28 AM hudson.model.UpdateSite updateData
INFO: Obtained the latest update center data file for UpdateSource default
Jun 07, 2017 8:46:30 AM hudson.model.DownloadService$Downloadable load
INFO: Obtained the updated data file for hudson.tasks.Maven.MavenInstaller
Jun 07, 2017 8:46:31 AM hudson.model.DownloadService$Downloadable load
INFO: Obtained the updated data file for hudson.tasks.Ant.AntInstaller
Jun 07, 2017 8:46:32 AM hudson.model.DownloadService$Downloadable load
INFO: Obtained the updated data file for hudson.plugins.gradle.GradleInstaller
Jun 07, 2017 8:46:33 AM hudson.model.DownloadService$Downloadable load
INFO: Obtained the updated data file for hudson.plugins.sonar.MsBuildSonarQubeRunnerInstaller
Jun 07, 2017 8:46:34 AM hudson.model.DownloadService$Downloadable load
INFO: Obtained the updated data file for hudson.plugins.sonar.SonarRunnerInstaller
Jun 07, 2017 8:46:40 AM hudson.model.DownloadService$Downloadable load
INFO: Obtained the updated data file for hudson.tools.JDKInstaller
Jun 07, 2017 8:46:40 AM hudson.model.AsyncPeriodicWork$1 run
INFO: Finished Download metadata. 36,995 ms
Jun 07, 2017 3:36:21 PM org.eclipse.jetty.util.log.JavaUtilLog warn
WARNING: Illegal character 0x4 in state=START for buffer HeapByteBuffer@1c2e6542[p=1,l=10,c=16384,r=9]={\x04<<<\x01\x00P_\xD5\xB1|0\x00>>> HTTP/1.1\r\nHost: ...\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}
Jun 07, 2017 3:36:22 PM org.eclipse.jetty.util.log.JavaUtilLog warn
WARNING: badMessage: 400 Illegal character 0x4 for HttpChannelOverHttp@479b05c8{r=0,c=false,a=IDLE,uri=}
最佳答案
我学到了一个重要的教训。如果我们将卷安装到图像(容器)内的现有文件夹,它将用附加卷的内容替换所有内容。 为了解决我的问题,我编辑了 Dockerfile 将 groovy 脚本复制到/usr/share/jenkins/ref/init.groovy.d/。加载容器时,启动脚本会将整个文件从该文件夹复制到 jenkins home!
关于Kubernetes 上的 Jenkins 未加载外部卷中的/var/jenkins_home/init.groovy.d 文件,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44418070/