• kubernetes集群:向pod里的/etc/hosts添加解析


    K8S向pod里的/etc/hosts添加解析

    之前我们已经搭建了git,nexus,nacos,jenkins。域名都是临时添加的,非正式域名。所以pod没法解析这些地址。如图:

    解决办法

    利用hostAliases添加你需要的解析,如图:

    验证

    k8s集群搭建jenkins的配置文件

    # cat jenkins-rbac.yaml 
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: jenkins
      namespace: kube-ops
    
    ---
    
    kind: Role
    apiVersion: rbac.authorization.k8s.io/v1beta1
    metadata:
      name: jenkins
      namespace: kube-ops
    rules:
      - apiGroups: [""]
        resources: ["pods"]
        verbs: ["create","delete","get","list","patch","update","watch"]
      - apiGroups: [""]
        resources: ["pods/exec"]
        verbs: ["create","delete","get","list","patch","update","watch"]
      - apiGroups: [""]
        resources: ["pods/log"]
        verbs: ["get","list","watch"]
      - apiGroups: [""]
        resources: ["secrets"]
        verbs: ["get"]
    
    ---
    apiVersion: rbac.authorization.k8s.io/v1beta1
    kind: RoleBinding
    metadata:
      name: jenkins
      namespace: kube-ops
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: Role
      name: jenkins
    subjects:
      - kind: ServiceAccount
        name: jenkins
        namespace: kube-ops
    

    =====

    # cat jenkins-pvc.yaml 
    apiVersion: v1
    kind: PersistentVolume
    metadata:
      name: opspv
    spec:
      capacity:
        storage: 50Gi
      accessModes:
      - ReadWriteMany
      persistentVolumeReclaimPolicy: Delete
      nfs:
        server: 10.10.4.85
        path: /data/jenkins
    
    ---
    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: opspvc
      namespace: kube-ops
    spec:
      accessModes:
        - ReadWriteMany
      resources:
        requests:
          storage: 50Gi
    

    ===

    # cat jenkins-deployment.yaml
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: jenkins
      namespace: kube-ops
    spec:
      selector:
        matchLabels:
          app: jenkins
      template:
        metadata:
          labels:
            app: jenkins
        spec:
          hostAliases:
          - ip: "10.10.4.86"
            hostnames:
            - "jenkins.vonedao.com"
            - "gitlab.vonedao.com"
            - "nacos.vonedao.com"
            - "docker.vonedao.com"
            - "nexus.vonedao.com"
          terminationGracePeriodSeconds: 10
          serviceAccountName: jenkins
          containers:
          - name: jenkins
            image: jenkins/jenkins:lts
            imagePullPolicy: IfNotPresent
            ports:
            - containerPort: 8080
              name: web
              protocol: TCP
            - containerPort: 50000
              name: agent
              protocol: TCP
            resources:
              limits:
                cpu: 2000m
                memory: 4Gi
              requests:
                cpu: 1000m
                memory: 2Gi
            livenessProbe:
              httpGet:
                path: /login
                port: 8080
              initialDelaySeconds: 60
              timeoutSeconds: 5
              failureThreshold: 12
            readinessProbe:
              httpGet:
                path: /login
                port: 8080
              initialDelaySeconds: 60
              timeoutSeconds: 5
              failureThreshold: 12
            volumeMounts:
            - name: jenkinshome
              #subPath: jenkins
              mountPath: /var/jenkins_home
            env:
            - name: LIMITS_MEMORY
              valueFrom:
                resourceFieldRef:
                  resource: limits.memory
                  divisor: 1Mi
            - name: JAVA_OPTS
              value: -Xmx$(LIMITS_MEMORY)m -XshowSettings:vm -Dhudson.slaves.NodeProvisioner.initialDelay=0 -Dhudson.slaves.NodeProvisioner.MARGIN=50 -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85 -Duser.timezone=Asia/Shanghai
          securityContext:
            fsGroup: 1000
          volumes:
          - name: jenkinshome
            persistentVolumeClaim:
              claimName: opspvc
    
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: jenkins
      namespace: kube-ops
      labels:
        app: jenkins
    spec:
      selector:
        app: jenkins
      ports:
      - name: web
        port: 8080
        targetPort: web
      - name: agent
        port: 50000
        targetPort: agent
    

    ===

    # cat jenkins-ingress.yaml
    apiVersion: extensions/v1beta1
    kind: Ingress
    metadata:
      name: jenkins-ingress
      namespace: kube-ops
      annotations:
        nginx.ingress.kubernetes.io/proxy-body-size: "1024m"
        nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
        nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
        kubernetes.io/ingress.class: "nginx"
    spec:
      rules:
      - host: jenkins.vonedao.com
        http:
          paths:
          - backend:
              serviceName: jenkins
              servicePort: 8080
    
  • 相关阅读:
    新装CentOS7用yum安装软件提示 cannot find a valid baseurl for repobase7x86_64
    新手快速上手webpack4打包工具的使用详解
    2种方法教你,如何将exe注册为windows服务,直接从后台运行
    如何部署前端DIST目录
    安装了vs2019 编译node-sass node-gyp 找不到编译器的解决方法
    node-sass安装失败之npm ERR! Failed at the node-sass@4.9.4 postinstall script.
    Node.js安装及环境配置之Windows篇
    npm源切换,从淘宝源切换至npm源
    找不到Python问题解决 (转)
    redisson
  • 原文地址:https://www.cnblogs.com/zoujiaojiao/p/12564459.html
Copyright © 2020-2023  润新知