我正在 K8S 集群中设置 Jenkins 机器,并希望为我的 Kubernetes 集群预先配置云属性。
出于这个原因,我想在启动时加载一个自定义的config.xml文件。
我的config.xml当前位于名为jenkins-config的 configMap 中,其中包含我的编辑的整个 XML 文件。
现在使用我正在使用的 Jenkins 映像,它会加载所有配置/var/jenkins_home/
这意味着config.xml文件在/var/jenkins_home. 当然,/var/jenkins_home正在坚持下去。
我将我的configMap介绍为VolumeMount。
我的部署.yaml 文件是:
spec:
replicas: 1
template:
metadata:
labels:
app: jenkins
release: 1.1.1
spec:
containers:
- name: jenkins
image: jenkins-master:1.0
env:
- name: JAVA_OPTS
value: -Djenkins.install.runSetupWizard=false
ports:
- name: http-port
containerPort: 8080
- name: jnlp-port
containerPort: 54000
volumeMounts:
- name: jenkins-home
mountPath: /var/jenkins_home
readOnly: false
- name: jenkins-config
mountPath: /var/jenkins_home/config.xml
subPath: config.xml
volumes:
- name: jenkins-home
emptyDir: {}
- name: jenkins-config
configMap:
name: jenkins-config
现在我可以访问我的 pod 并验证新配置确实存在,但我的 Jenkins 给出了错误,例如:
WARNING: Unable to move atomically, falling back to non-atomic move.
java.nio.file.FileSystemException: /var/jenkins_home/atomic1870316694682040724tmp -> /var/jenkins_home/config.xml: Device or resource busy
at sun.nio.fs.UnixException.translateToIOException(UnixException.java:91)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
at sun.nio.fs.UnixCopyFile.move(UnixCopyFile.java:396)
at sun.nio.fs.UnixFileSystemProvider.move(UnixFileSystemProvider.java:262)
at java.nio.file.Files.move(Files.java:1395)
at hudson.util.AtomicFileWriter.commit(AtomicFileWriter.java:191)
at hudson.XmlFile.write(XmlFile.java:198)
at jenkins.model.Jenkins.save(Jenkins.java:3221)
at jenkins.model.Jenkins.saveQuietly(Jenkins.java:3227)
at jenkins.model.Jenkins.setSecurityRealm(Jenkins.java:2505)
at jenkins.model.Jenkins$16.run(Jenkins.java:3188)
at org.jvnet.hudson.reactor.TaskGraphBuilder$TaskImpl.run(TaskGraphBuilder.java:169)
at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:296)
at jenkins.model.Jenkins$5.runTask(Jenkins.java:1066)
at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:214)
at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Sep 15, 2018 10:06:23 PM hudson.util.AtomicFileWriter commit
INFO: The target file /var/jenkins_home/config.xml was already existing
Sep 15, 2018 10:06:23 PM hudson.util.AtomicFileWriter commit
WARNING: Unable to move /var/jenkins_home/atomic1870316694682040724tmp to /var/jenkins_home/config.xml. Attempting to delete /var/jenkins_home/atomic1870316694682040724tmp and abandoning.
Sep 15, 2018 10:06:23 PM jenkins.model.Jenkins saveQuietly
WARNING: null
java.nio.file.FileSystemException: /var/jenkins_home/config.xml: Device or resource busy
at sun.nio.fs.UnixException.translateToIOException(UnixException.java:91)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
at sun.nio.fs.UnixCopyFile.move(UnixCopyFile.java:447)
at sun.nio.fs.UnixFileSystemProvider.move(UnixFileSystemProvider.java:262)
at java.nio.file.Files.move(Files.java:1395)
at hudson.util.AtomicFileWriter.commit(AtomicFileWriter.java:206)
at hudson.XmlFile.write(XmlFile.java:198)
at jenkins.model.Jenkins.save(Jenkins.java:3221)
at jenkins.model.Jenkins.saveQuietly(Jenkins.java:3227)
at jenkins.model.Jenkins.setSecurityRealm(Jenkins.java:2505)
at jenkins.model.Jenkins$16.run(Jenkins.java:3188)
at org.jvnet.hudson.reactor.TaskGraphBuilder$TaskImpl.run(TaskGraphBuilder.java:169)
at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:296)
at jenkins.model.Jenkins$5.runTask(Jenkins.java:1066)
at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:214)
at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Suppressed: java.nio.file.FileSystemException: /var/jenkins_home/atomic1870316694682040724tmp -> /var/jenkins_home/config.xml: Device or resource busy
at sun.nio.fs.UnixException.translateToIOException(UnixException.java:91)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
at sun.nio.fs.UnixCopyFile.move(UnixCopyFile.java:396)
at sun.nio.fs.UnixFileSystemProvider.move(UnixFileSystemProvider.java:262)
at java.nio.file.Files.move(Files.java:1395)
at hudson.util.AtomicFileWriter.commit(AtomicFileWriter.java:191)
... 13 more
看起来 Jenkins 加载了默认的config.xml文件,然后用我发送的文件覆盖它,这让 Jenkins 吓坏了。
我可以使我的Docker映像成为该部分,但我想使用K8S覆盖,而不是在映像中创建文件。
关于如何在 Jenkins 中启动时安全地引入config.xml文件的任何想法?
编辑
另一个尝试 ::
我什至尝试了以下配置:
volumeMounts:
- name: jenkins-home
mountPath: /var/jenkins_home
readOnly: false
volumes:
- name: jenkins-home
configMap:
name: jenkins-config
items:
- key: config.xml
path: config.xml
但这会产生:
kubectl logs -n jenkins-pipeline jenkins-bc879c4df-m8nlc
touch: cannot touch '/var/jenkins_home/copy_reference_file.log': Read-only file system
Can not write to /var/jenkins_home/copy_reference_file.log. Wrong volume permissions?
你基本上是在/var/jenkins_home之上挂载/var/jenkins_home/config.xml,而 Jenkins 无法写入它。试试这个:
spec:
replicas: 1
template:
metadata:
labels:
app: jenkins
release: 1.1.1
spec:
containers:
- name: jenkins
image: jenkins-master:1.0
env:
- name: JAVA_OPTS
value: -Djenkins.install.runSetupWizard=false
ports:
- name: http-port
containerPort: 8080
- name: jnlp-port
containerPort: 54000
volumeMounts:
- name: jenkins-home
mountPath: /etc/config
volumes:
- name: jenkins-home
hostPath:
# directory location on host
path: /data
# this field is optional
type: Directory
configMap:
name: jenkins-config
items:
- key: config
path: config.xml