mirror of https://github.com/easzlab/kubeasz.git
update jenkins and plugins (#258)
lusyoe
jmgao
parent
fd75e942e5
commit
ecca73ae41
|
|
@ -1,7 +1,7 @@
|
|||
name: jenkins
|
||||
home: https://jenkins.io/
|
||||
version: 0.16.1
|
||||
appVersion: 2.107
|
||||
version: 0.16.6
|
||||
appVersion: 2.121.1
|
||||
description: Open source continuous integration server. It supports multiple SCM tools
|
||||
including CVS, Subversion and Git. It can execute Apache Ant and Apache Maven-based
|
||||
projects as well as arbitrary scripts.
|
||||
|
|
|
|||
|
|
@ -33,23 +33,24 @@ The following tables list the configurable parameters of the Jenkins chart and t
|
|||
| `Master.Name` | Jenkins master name | `jenkins-master` |
|
||||
| `Master.Image` | Master image name | `jenkinsci/jenkins` |
|
||||
| `Master.ImageTag` | Master image tag | `lts` |
|
||||
| `Master.ImagePullPolicy` | Master image pull policy | `IfNotPresent` |
|
||||
| `Master.ImagePullPolicy` | Master image pull policy | `Always` |
|
||||
| `Master.ImagePullSecret` | Master image pull secret | Not set |
|
||||
| `Master.Component` | k8s selector key | `jenkins-master` |
|
||||
| `Master.UseSecurity` | Use basic security | `true` |
|
||||
| `Master.AdminUser` | Admin username (and password) created as a secret if useSecurity is true | `admin` |
|
||||
| `Master.Cpu` | Master requested cpu | `200m` |
|
||||
| `Master.Memory` | Master requested memory | `512Mi` |
|
||||
| `Master.resources` | Resources allocation (Requests and Limits) | `{requests: {cpu: 50m, memory: 256Mi}, limits: {cpu: 2000m, memory: 2048Mi}}`|
|
||||
| `Master.InitContainerEnv` | Environment variables for Init Container | Not set |
|
||||
| `Master.ContainerEnv` | Environment variables for Jenkins Container | Not set |
|
||||
| `Master.UsePodSecurityContext` | Enable pod security context (must be `true` if `RunAsUser` or `FsGroup` are set) | `true` |
|
||||
| `Master.RunAsUser` | uid that jenkins runs with | `0` |
|
||||
| `Master.FsGroup` | uid that will be used for persistent volume | `0` |
|
||||
| `Master.ServiceAnnotations` | Service annotations | `{}` |
|
||||
| `Master.ServiceType` | k8s service type | `ClusterIP` |
|
||||
| `Master.ServiceType` | k8s service type | `LoadBalancer` |
|
||||
| `Master.ServicePort` | k8s service port | `8080` |
|
||||
| `Master.NodePort` | k8s node port | Not set |
|
||||
| `Master.HealthProbes` | Enable k8s liveness and readiness probes | `true` |
|
||||
| `Master.HealthProbesTimeout` | Set the timeout for the liveness and readiness probes | `120` |
|
||||
| `Master.HealthProbesLivenessTimeout` | Set the timeout for the liveness probe | `120` |
|
||||
| `Master.HealthProbesReadinessTimeout` | Set the timeout for the readiness probe | `60` |
|
||||
| `Master.HealthProbeLivenessFailureThreshold` | Set the failure threshold for the liveness probe | `12` |
|
||||
| `Master.ContainerPort` | Master listening port | `8080` |
|
||||
| `Master.SlaveListenerPort` | Listening port for agents | `50000` |
|
||||
|
|
@ -72,10 +73,11 @@ The following tables list the configurable parameters of the Jenkins chart and t
|
|||
| `Master.NodeSelector` | Node labels for pod assignment | `{}` |
|
||||
| `Master.Affinity` | Affinity settings | `{}` |
|
||||
| `Master.Tolerations` | Toleration labels for pod assignment | `{}` |
|
||||
| `Master.PodAnnotations` | Annotations for master pod | `{}` |
|
||||
| `NetworkPolicy.Enabled` | Enable creation of NetworkPolicy resources. | `false` |
|
||||
| `NetworkPolicy.ApiVersion` | NetworkPolicy ApiVersion | `extensions/v1beta1` |
|
||||
| `rbac.install` | Create service account and ClusterRoleBinding for Kubernetes plugin | `true` |
|
||||
| `rbac.apiVersion` | RBAC API version | `v1` |
|
||||
| `rbac.install` | Create service account and ClusterRoleBinding for Kubernetes plugin | `false` |
|
||||
| `rbac.apiVersion` | RBAC API version | `v1beta1` |
|
||||
| `rbac.roleRef` | Cluster role name to bind to | `cluster-admin` |
|
||||
|
||||
### Jenkins Agent
|
||||
|
|
@ -84,12 +86,11 @@ The following tables list the configurable parameters of the Jenkins chart and t
|
|||
| ----------------------- | ----------------------------------------------- | ---------------------- |
|
||||
| `Agent.AlwaysPullImage` | Always pull agent container image before build | `false` |
|
||||
| `Agent.Enabled` | Enable Kubernetes plugin jnlp-agent podTemplate | `true` |
|
||||
| `Agent.Image` | Agent image name | `jenkins/jnlp-slave` |
|
||||
| `Agent.Image` | Agent image name | `jenkinsci/jnlp-slave` |
|
||||
| `Agent.ImagePullSecret` | Agent image pull secret | Not set |
|
||||
| `Agent.ImageTag` | Agent image tag | `latest` |
|
||||
| `Agent.ImageTag` | Agent image tag | `2.62` |
|
||||
| `Agent.Privileged` | Agent privileged container | `false` |
|
||||
| `Agent.Cpu` | Agent requested cpu | `200m` |
|
||||
| `Agent.Memory` | Agent requested memory | `256Mi` |
|
||||
| `Agent.resources` | Resources allocation (Requests and Limits) | `{requests: {cpu: 200m, memory: 256Mi}, limits: {cpu: 200m, memory: 256Mi}}`|
|
||||
| `Agent.volumes` | Additional volumes | `nil` |
|
||||
|
||||
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
|
||||
|
|
@ -149,7 +150,7 @@ It is possible to mount several volumes using `Persistence.volumes` and `Persist
|
|||
| `Persistence.Size` | The size of the PVC | `8Gi` |
|
||||
| `Persistence.volumes` | Additional volumes | `nil` |
|
||||
| `Persistence.mounts` | Additional mounts | `nil` |
|
||||
| `Persistence.StorageClass` | The PV Provisioner | `nfs-dynamic-class`|
|
||||
| `Persistence.StorageClass` | The PV Provisioner | `nfs-dynamic-class`|
|
||||
|
||||
#### Existing PersistentVolumeClaim
|
||||
|
||||
|
|
|
|||
|
|
@ -67,10 +67,13 @@ data:
|
|||
<command></command>
|
||||
<args>${computer.jnlpmac} ${computer.name}</args>
|
||||
<ttyEnabled>false</ttyEnabled>
|
||||
<resourceRequestCpu>{{.Values.Agent.Cpu}}</resourceRequestCpu>
|
||||
<resourceRequestMemory>{{.Values.Agent.Memory}}</resourceRequestMemory>
|
||||
<resourceLimitCpu>{{.Values.Agent.Cpu}}</resourceLimitCpu>
|
||||
<resourceLimitMemory>{{.Values.Agent.Memory}}</resourceLimitMemory>
|
||||
# Resources configuration is a little hacky. This was to prevent breaking
|
||||
# changes, and should be cleanned up in the future once everybody had
|
||||
# enough time to migrate.
|
||||
<resourceRequestCpu>{{.Values.Agent.Cpu | default .Values.Agent.resources.requests.cpu}}</resourceRequestCpu>
|
||||
<resourceRequestMemory>{{.Values.Agent.Memory | default .Values.Agent.resources.requests.memory}}</resourceRequestMemory>
|
||||
<resourceLimitCpu>{{.Values.Agent.Cpu | default .Values.Agent.resources.limits.cpu}}</resourceLimitCpu>
|
||||
<resourceLimitMemory>{{.Values.Agent.Memory | default .Values.Agent.resources.limits.memory}}</resourceLimitMemory>
|
||||
</org.csanchez.jenkins.plugins.kubernetes.ContainerTemplate>
|
||||
</containers>
|
||||
<envVars/>
|
||||
|
|
|
|||
|
|
@ -24,6 +24,9 @@ spec:
|
|||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
||||
annotations:
|
||||
checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }}
|
||||
{{- if .Values.Master.PodAnnotations }}
|
||||
{{ toYaml .Values.Master.PodAnnotations | indent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.Master.NodeSelector }}
|
||||
nodeSelector:
|
||||
|
|
@ -37,12 +40,14 @@ spec:
|
|||
affinity:
|
||||
{{ toYaml .Values.Master.Affinity | indent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.Master.UsePodSecurityContext }}
|
||||
securityContext:
|
||||
runAsUser: {{ default 0 .Values.Master.RunAsUser }}
|
||||
{{- if and (.Values.Master.RunAsUser) (.Values.Master.FsGroup) }}
|
||||
{{- if not (eq .Values.Master.RunAsUser 0.0) }}
|
||||
fsGroup: {{ .Values.Master.FsGroup }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ if .Values.rbac.install }}{{ template "jenkins.fullname" . }}{{ else }}"{{ .Values.rbac.serviceAccountName }}"{{ end }}
|
||||
initContainers:
|
||||
|
|
@ -128,19 +133,23 @@ spec:
|
|||
httpGet:
|
||||
path: /login
|
||||
port: http
|
||||
initialDelaySeconds: {{ .Values.Master.HealthProbesTimeout }}
|
||||
initialDelaySeconds: {{ .Values.Master.HealthProbesLivenessTimeout }}
|
||||
timeoutSeconds: 5
|
||||
failureThreshold: {{ .Values.Master.HealthProbeLivenessFailureThreshold }}
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /login
|
||||
port: http
|
||||
initialDelaySeconds: {{ .Values.Master.HealthProbesTimeout }}
|
||||
initialDelaySeconds: {{ .Values.Master.HealthProbesReadinessTimeout }}
|
||||
{{- end }}
|
||||
resources:
|
||||
{{ if or .Values.Master.Cpu .Values.Master.Memory }}
|
||||
requests:
|
||||
cpu: "{{ .Values.Master.Cpu }}"
|
||||
memory: "{{ .Values.Master.Memory }}"
|
||||
{{ else }}
|
||||
{{ toYaml .Values.Master.resources | indent 12 }}
|
||||
{{ end }}
|
||||
volumeMounts:
|
||||
{{- if .Values.Persistence.mounts }}
|
||||
{{ toYaml .Values.Persistence.mounts | indent 12 }}
|
||||
|
|
|
|||
|
|
@ -18,8 +18,13 @@ Master:
|
|||
UseSecurity: true
|
||||
AdminUser: admin
|
||||
AdminPassword: admin
|
||||
Cpu: "200m"
|
||||
Memory: "512Mi"
|
||||
resources:
|
||||
requests:
|
||||
cpu: "50m"
|
||||
memory: "256Mi"
|
||||
limits:
|
||||
cpu: "2000m"
|
||||
memory: "2048Mi"
|
||||
# Environment variables that get added to the init container (useful for e.g. http_proxy)
|
||||
# InitContainerEnv:
|
||||
# - name: http_proxy
|
||||
|
|
@ -31,6 +36,10 @@ Master:
|
|||
# JavaOpts: "-Xms512m -Xmx512m"
|
||||
# JenkinsOpts: ""
|
||||
# JenkinsUriPrefix: "/jenkins"
|
||||
|
||||
# Enable pod security context (must be `true` if RunAsUser or FsGroup are set)
|
||||
# UsePodSecurityContext: true
|
||||
|
||||
# Set RunAsUser to 1000 to let Jenkins run as non-root user 'jenkins' which exists in 'jenkins/jenkins' docker image.
|
||||
# When setting RunAsUser to a different value than 0 also set FsGroup to the same value:
|
||||
# RunAsUser: <defaults to 0>
|
||||
|
|
@ -47,9 +56,10 @@ Master:
|
|||
# NodePort: <to set explicitly, choose port between 30000-32767
|
||||
ContainerPort: 8080
|
||||
# Enable Kubernetes Liveness and Readiness Probes
|
||||
# ~ 2 minutes to allow Jenkins to restart when upgrading plugins. Set ReadinessTimeout to be shorter than LivenessTimeout.
|
||||
HealthProbes: true
|
||||
HealthProbesTimeout: 60
|
||||
# ~2 minutes to allow Jenkins to restart when upgrading plugins
|
||||
HealthProbesLivenessTimeout: 90
|
||||
HealthProbesReadinessTimeout: 60
|
||||
HealthProbeLivenessFailureThreshold: 12
|
||||
SlaveListenerPort: 50000
|
||||
DisabledAgentProtocols:
|
||||
|
|
@ -84,12 +94,12 @@ Master:
|
|||
|
||||
# List of plugins to be install during Jenkins master start
|
||||
InstallPlugins:
|
||||
- kubernetes:1.6.3
|
||||
- kubernetes:1.10.0
|
||||
- workflow-aggregator:2.5
|
||||
- workflow-job:2.21
|
||||
- credentials-binding:1.16
|
||||
- git:3.9.0
|
||||
- gitlab:1.5.6
|
||||
- git:3.9.1
|
||||
- gitlab:1.5.8
|
||||
# Used to approve a list of groovy functions in pipelines used the script-security plugin. Can be viewed under /scriptApproval
|
||||
# ScriptApproval:
|
||||
# - "method groovy.json.JsonSlurperClassic parseText java.lang.String"
|
||||
|
|
@ -115,6 +125,7 @@ Master:
|
|||
NodeSelector: {}
|
||||
|
||||
Tolerations: {}
|
||||
PodAnnotations: {}
|
||||
|
||||
Ingress:
|
||||
ApiVersion: extensions/v1beta1
|
||||
|
|
@ -129,13 +140,18 @@ Master:
|
|||
|
||||
Agent:
|
||||
Enabled: true
|
||||
Image: jenkins/jnlp-slave
|
||||
Image: jenkinsci/jnlp-slave
|
||||
ImageTag: alpine
|
||||
# ImagePullSecret: jenkins
|
||||
Component: "jenkins-slave"
|
||||
Privileged: false
|
||||
Cpu: "200m"
|
||||
Memory: "256Mi"
|
||||
resources:
|
||||
requests:
|
||||
cpu: "200m"
|
||||
memory: "256Mi"
|
||||
limits:
|
||||
cpu: "200m"
|
||||
memory: "256Mi"
|
||||
# You may want to change this to true while testing a new image
|
||||
AlwaysPullImage: false
|
||||
# You can define the volumes that you want to mount for this container
|
||||
|
|
|
|||
Loading…
Reference in New Issue