制作镜像
FROM harbor.basepoint.net/library/rockylinux:9.3
COPY ca.crt /etc/pki/ca-trust/source/anchors/
COPY kubectl /usr/local/bin
COPY helm /usr/local/bin
COPY jenkins-agent /usr/local/bin
COPY build/go1.22.5.linux-amd64.tar.gz /tmp
COPY build/openjdk-22.0.2_linux-x64_bin.tar.gz /tmp
WORKDIR /usr/share/jenkins
COPY agent.jar /usr/share/jenkins
RUN yum -y install yum-utils git wget vim && \
#yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo && \
#sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo &&\
#yum -y install docker-ce && \
tar -C /usr/local -xzf /tmp/go1.22.5.linux-amd64.tar.gz && \
tar -C /usr/local -xzf /tmp/openjdk-22.0.2_linux-x64_bin.tar.gz && \
update-ca-trust
ENV JAVA_HOME=/usr/local/jdk-22.0.2
ENV PATH=$PATH:/usr/local/go/bin:/usr/local/jdk-22.0.2/bin
ENV GOPATH=/usr/share/go
ENV GO111MODULE=on
ENV GOPRIVATE=gitee.cn
ENV GOPROXY=https://goproxy.cn,direct
WORKDIR /home/jenkins/agent
ENTRYPOINT ["/usr/local/bin/jenkins-agent"]创建节点
记录secret和name
创建Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins-slave01
namespace: devops
labels:
app: jenkins
spec:
replicas: 1
selector:
matchLabels:
app: jenkins-slave01
template:
metadata:
labels:
app: jenkins-slave01
spec:
# 污点
#tolerations:
#- effect: NoSchedule
# key: no-pod
# operator: Exists
# 运行在指定label的k8s节点
#nodeSelector:
# jenkins: "true"
imagePullSecrets:
- name: regcred
containers:
- name: agent
image: harbor.basepoint.net/library/rocky_build:jdk22-go1.22.5
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
env:
- name: JENKINS_URL
value: "http://jenkins.devops.svc.cluster.local"
- name: JENKINS_SECRET
value: "df59d1d6f6052defd5d102c242301a93a0698821d2557ed4bca1d7160e14ba3c"
- name: JENKINS_AGENT_WORKDIR
value: "/home/jenkins/agent"
- name: JENKINS_AGENT_NAME
valueFrom:
fieldRef:
fieldPath: metadata.labels['app']
# 以下不可用,静态节点必须写在一个容器内。
#- name: docker
# image: harbor.basepoint.net/library/docker:dind
# imagePullPolicy: Always
# securityContext:
# privileged: true
# volumeMounts:
# - name: ca
# mountPath: "/etc/docker/certs.d/"
# readOnly: true
#volumes:
# - name: ca
# secret:
# secretName: harbor-ca
# #secretName: devops-tls
# items:
# - key: ca.crt
# path: harbor.basepoint.net/ca.crt查看日志
出现Connected即可
查看节点状态
测试Pipeline
pipeline {
agent {
node {
// 与节点标签对应
label 'jenkins-slave01'
}
}
stages {
stage('Hello') {
steps {
echo 'Hello World'
sh 'java --version'
}
}
}
}