The initial conditions

Kubeadm builds the Kubenretes 1.20.5 cluster as shown below

In front of the Cilium Hubble was installed, HelM3 was installed.

Storage is integrated with Tencent Cloud’s CBS block storage

Network? Traefik proxy (pure HTTP, certificate given to Tencent Cloud Load Balancing CLB)

To prepare for integration planning, CICD should go through the traditional Jenkins GitHub Spinnaker integration. Set up the basic environment first. Let’s start with Jenkins

1. Repeat the installation of HELM3 again

1. Download the HELM application

Now the latest version 3.5.3? Find the corresponding system platform package download

2. Install the helm

Upload the tar.gz package to the server (I am the master node random)

Tar ZXVF helm-v3.5.3-linux-amd64.tar.gz mv linux-amd64/helm /usr/bin/helm

OK Helm installed successfully

2. Configuration and installation of Jenkins

2.1. Helm adds Jenkins warehouse. And pull the Jenkins version package

Helm repo add Jenkins helm pull Jenkins/Jenkins # so does my version or other version 3.3.0 tar ZXVF Jenkins - 3.3.0. TGZ

2.2. Change Value.YAML according to personal needs

CD Jenkins directory, change the values. Yaml installation personal requirements

Personally, Clusterzone was modified and the default storage was used by Tencent Cloud CBS.

3. Helm installs Jenkins into the specified namespace

3.1. Normal installation process

kubectl create ns kube-ops
helm install -f values.yaml jenkins  jenkins/jenkins -n kube-ops

3.2. Too long wait time for int to download plug-in in installation

You can comment out the process of installing the plugin in the Value.yaml file.

Comment out the Install plugin and install it manually

I just commented it out and deleted the Helm deployer and started over again.

helm delete jenkins -n kube-ops
helm install -f values.yaml jenkins  jenkins/jenkins -n kube-ops

Sure enough, comment it out and it just starts

4. A few things after initialization

4.1. Wait for POD initialization to complete

4.2 The initialization password is searched in the log

First look for the password the traditional way:

kubectl logs -f jenkins-0 jenkins -n kube-ops

Well, the password isn’t in the log

4.3. The correct way to get Jenkins’ initial password is secret

printf $(kubectl get secret --namespace kube-ops jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode); echo

5. Traefik represents Jenkins apps

( way of building and agent has been indicated above.)

Use the IngressRoute proxy Jenkins

cat jenkins-ingress.yaml

kind: IngressRoute
  namespace: kube-ops
  name: jenkins-http
    - web
    - match: Host(``)
      kind: Rule
        - name: jenkins
          port: 8080

kubectl apply -f jenkins-ingress.yaml

6. Web access to the Jenkins application

6.1. Log on to Jenkins Web

What did not input the account password? I don’t understand why the first time I log in after initialization, I can enter……. without password

6.2 Change the security Settings and do not allow users to log in anonymously

Create the initial administrator user

6.3 Install the Chinese plug-in

OK to start the installation of the plug-in, first install the Chinese plug-in, after installation restart….

Chinese plugin installation completed. Well, so far my personal password is still valid……

6.4 Install the plug-ins that Helm masked during initialization

Then manually install the shielded initialization plug-in in Helm? Just manually install the following four plug-ins. It is also a common Kubernetes plugin.

Wait for it to finish. Restart the Jenkins app

7. Eggs

Well, my password is wrong after rebooting… what

Holding the idea of trying to drive into the above 4.3 step I got the key well into…..

Jenkins Libraries Pipeline and Kubernetes Spinnaker GitLab are all built together.

8. Afterword.

Jenkins has updated the new version of TLS, how to play…… I directly modified Jenkins’ image tag in Value.yaml

helm upgrade -f values.yaml jenkins  jenkins/jenkins -n kube-ops