jenkins - choisungwook/portfolio GitHub Wiki

default ingress ์„ค์ •

์ด ์˜ˆ์ œ๋Š” ingress subapth๋ฅผ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค.

controller:
  image: "choisunguk/jenkins"
  tag: "v5"
  serviceType: ClusterIP
  jenkinsUriPrefix: "/jenkins1"
  installPlugins: []

  ingress:
    enabled: true
    hostName: "choilab.com"
    path: "/jenkins1"

docker.sock ๋งˆ์šดํŠธ

controller:
  image: "choisunguk/jenkins"
  tag: "v5"
  serviceType: ClusterIP
  jenkinsUriPrefix: "/jenkins1"
  installPlugins: []

  ingress:
    enabled: true
    hostName: "choilab.com"
    path: "/jenkins1"

persistence:
  volumes:
  - name: docker-sock
    hostPath:
      type: Socket
      path: /var/run/docker.sock
  mounts:
  - mountPath: /var/run/docker.sock
    name: docker-sock

cert-manager ์—ฐ๋™ ์˜ˆ์ œ

์ด ์˜ˆ์ œ๋Š” dns-01 solver์„ ์‚ฌ์šฉํ•˜๊ณ  cloudflare๋ฅผ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค.

cloudflare ์•ก์„ธ์Šคํ† ํฐ secret ์ƒ์„ฑ

apiVersion: v1
kind: Secret
metadata:
  name: cloudflare-api-token-secret
  namespace: jenkins
type: Opaque
stringData:
  api-token: <your-token>

issuer ์ƒ์„ฑ

apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: jenkins-prodissuser
  namespace: jenkins
spec:
  acme:
    # The ACME server URL
    server: https://acme-v02.api.letsencrypt.org/directory
    # Email address used for ACME registration
    email: <your email>
    # Name of a secret used to store the ACME account private key
    privateKeySecretRef:
      name: jenkins-prodissuser
    # Enable the challenge provider
    solvers:
      - dns01:
          cloudflare:
            email: <your email>
            apiTokenSecretRef:
              name: cloudflare-api-token-secret #cloudflare api token
              key: api-token

helm override_values.yaml

controller:
  image: "choisunguk/jenkins"
  tag: "v5"
  serviceType: ClusterIP
  installPlugins: []

  ingress:
    enabled: true
    hostName: "jenkins.choilab.xyz"
    tls:
    - secretName: certmanager-jenkins
      hosts:
        - jenkins.choilab.xyz

    annotations:
      cert-manager.io/issuer: "jenkins-prodissuser"

nodeselector ์˜ˆ์ œ

์ด ์˜ˆ์ œ๋Š” docker๋ผ๋ฒจ์ด ํ™œ์„ฑํ™”๋œ ์›Œ์ปค๋…ธ๋“œ์— nodeselector๋ฅผ ์„ค์ •ํ•˜๋Š” ์˜ˆ์ œ์ž…๋‹ˆ๋‹ค.

label ์„ค์ •

kubectl label nodes <your-node-name> docker=activate

override_values.yaml

controller:
  image: "choisunguk/jenkins"
  tag: "v5"
  serviceType: ClusterIP
  installPlugins: []

  nodeSelector:
    docker: activate

agent:
  nodeSelector:
    docker: activate

๋ธ”๋กœ๊ทธ ์œ ํˆฌ๋ธŒ

โš ๏ธ **GitHub.com Fallback** โš ๏ธ