github-mirror/jenkins
1
0
Fork 0
mirror of https://github.com/thejimnicholson/jenkins.git synced 2025-12-06 03:30:43 +00:00
Code Issues Projects Releases Wiki Activity

Initial Commit

Browse Source
This commit is contained in:
Jim Nicholson 2021-10-31 22:40:40 -07:00
commit 86c4957620
7 changed files with 192 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md Normal file
View File

@ -0,0 +1,4 @@
# Jenkins under Kubernetes
Deploys Jenkins to a kubernetes cluster.
Uses NFS for persistent storage.

76
credentials.yaml Normal file
View File

@ -0,0 +1,76 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: jenkins
rules:
- apiGroups:
- '*'
resources:
- statefulsets
- services
- replicationcontrollers
- replicasets
- podtemplates
- podsecuritypolicies
- pods
- pods/log
- pods/exec
- podpreset
- poddisruptionbudget
- persistentvolumes
- persistentvolumeclaims
- jobs
- endpoints
- deployments
- deployments/scale
- daemonsets
- cronjobs
- configmaps
- namespaces
- events
- secrets
verbs:
- create
- get
- watch
- delete
- list
- patch
- update
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: jenkins
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: jenkins
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: Group
name: system:serviceaccounts:jenkins

22
jenkins-ingress.yaml Normal file
View File

@ -0,0 +1,22 @@
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: jenkins-ingress
namespace: jenkins
annotations:
kubernetes.io/ingress.class: "traefik"
traefik.ingress.kubernetes.io/redirect-entry-point: https
cert-manager.io/cluster-issuer: http-clusterissuer
spec:
rules:
- host: jenkins.thejimnicholson.com
http:
paths:
- backend:
serviceName: jenkins
servicePort: 8080
tls:
- hosts:
- jenkins.thejimnicholson.com
secretName: jenkins.thejimnicholson.com

26
jenkins-service.yaml Normal file
View File

@ -0,0 +1,26 @@
apiVersion: v1
kind: Service
metadata:
name: jenkins
namespace: jenkins
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
selector:
app: jenkins
---
apiVersion: v1
kind: Service
metadata:
name: jenkins-jnlp
namespace: jenkins
spec:
type: ClusterIP
ports:
- port: 50000
targetPort: 50000
selector:
app: jenkins

28
jenkins-volume.yaml Normal file
View File

@ -0,0 +1,28 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-pv
namespace: jenkins
spec:
accessModes:
- ReadWriteOnce
capacity:
storage: 20Gi
persistentVolumeReclaimPolicy: Retain
mountOptions:
- nolock
nfs:
server: 10.0.97.2
path: /volume1/storage/jenkins
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jenkins-pvc
namespace: jenkins
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi

30
jenkins.yaml Normal file
View File

@ -0,0 +1,30 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
namespace: jenkins
spec:
replicas: 1
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
containers:
- name: jenkins
image: jenkins/jenkins:jdk11
ports:
- name: http-port
containerPort: 8080
- name: jnlp-port
containerPort: 50000
volumeMounts:
- name: jenkins-vol
mountPath: /var/jenkins_home
volumes:
- name: jenkins-vol
persistentVolumeClaim:
claimName: jenkins-pvc

6
kustomize.yaml Normal file
View File

@ -0,0 +1,6 @@
resources:
- credentials.yaml
- jenkins-volume.yaml
- jenkins.yaml
- jenkins-service.yaml
- jenkins-ingress.yaml