【发布时间】:2018-09-16 09:53:01
【问题描述】:
我正在 K8S 集群中设置 Jenkins 机器,并希望为我的 Kubernetes 集群预配置云属性。
出于这个原因,我想在启动时加载一个自定义的config.xml 文件。
我的 config.xml 当前位于名为 jenkins-config 的 configMap 中,并包含我编辑的整个 XML 文件。
现在使用我正在使用的 Jenkins 映像,它会加载 /var/jenkins_home/ 下的所有配置
这意味着config.xml 文件位于/var/jenkins_home 下。
/var/jenkins_home 当然是持久化的。
我将我的 configMap 介绍为 VolumeMount。
我的 deployment.yaml 文件是:
spec:
replicas: 1
template:
metadata:
labels:
app: jenkins
release: 1.1.1
spec:
containers:
- name: jenkins
image: jenkins-master:1.0
env:
- name: JAVA_OPTS
value: -Djenkins.install.runSetupWizard=false
ports:
- name: http-port
containerPort: 8080
- name: jnlp-port
containerPort: 54000
volumeMounts:
- name: jenkins-home
mountPath: /var/jenkins_home
readOnly: false
- name: jenkins-config
mountPath: /var/jenkins_home/config.xml
subPath: config.xml
volumes:
- name: jenkins-home
emptyDir: {}
- name: jenkins-config
configMap:
name: jenkins-config
现在我可以访问我的 pod 并验证新配置是否确实存在,但我的 Jenkins 给出的错误如下:
WARNING: Unable to move atomically, falling back to non-atomic move.
java.nio.file.FileSystemException: /var/jenkins_home/atomic1870316694682040724tmp -> /var/jenkins_home/config.xml: Device or resource busy
at sun.nio.fs.UnixException.translateToIOException(UnixException.java:91)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
at sun.nio.fs.UnixCopyFile.move(UnixCopyFile.java:396)
at sun.nio.fs.UnixFileSystemProvider.move(UnixFileSystemProvider.java:262)
at java.nio.file.Files.move(Files.java:1395)
at hudson.util.AtomicFileWriter.commit(AtomicFileWriter.java:191)
at hudson.XmlFile.write(XmlFile.java:198)
at jenkins.model.Jenkins.save(Jenkins.java:3221)
at jenkins.model.Jenkins.saveQuietly(Jenkins.java:3227)
at jenkins.model.Jenkins.setSecurityRealm(Jenkins.java:2505)
at jenkins.model.Jenkins$16.run(Jenkins.java:3188)
at org.jvnet.hudson.reactor.TaskGraphBuilder$TaskImpl.run(TaskGraphBuilder.java:169)
at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:296)
at jenkins.model.Jenkins$5.runTask(Jenkins.java:1066)
at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:214)
at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Sep 15, 2018 10:06:23 PM hudson.util.AtomicFileWriter commit
INFO: The target file /var/jenkins_home/config.xml was already existing
Sep 15, 2018 10:06:23 PM hudson.util.AtomicFileWriter commit
WARNING: Unable to move /var/jenkins_home/atomic1870316694682040724tmp to /var/jenkins_home/config.xml. Attempting to delete /var/jenkins_home/atomic1870316694682040724tmp and abandoning.
Sep 15, 2018 10:06:23 PM jenkins.model.Jenkins saveQuietly
WARNING: null
java.nio.file.FileSystemException: /var/jenkins_home/config.xml: Device or resource busy
at sun.nio.fs.UnixException.translateToIOException(UnixException.java:91)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
at sun.nio.fs.UnixCopyFile.move(UnixCopyFile.java:447)
at sun.nio.fs.UnixFileSystemProvider.move(UnixFileSystemProvider.java:262)
at java.nio.file.Files.move(Files.java:1395)
at hudson.util.AtomicFileWriter.commit(AtomicFileWriter.java:206)
at hudson.XmlFile.write(XmlFile.java:198)
at jenkins.model.Jenkins.save(Jenkins.java:3221)
at jenkins.model.Jenkins.saveQuietly(Jenkins.java:3227)
at jenkins.model.Jenkins.setSecurityRealm(Jenkins.java:2505)
at jenkins.model.Jenkins$16.run(Jenkins.java:3188)
at org.jvnet.hudson.reactor.TaskGraphBuilder$TaskImpl.run(TaskGraphBuilder.java:169)
at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:296)
at jenkins.model.Jenkins$5.runTask(Jenkins.java:1066)
at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:214)
at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Suppressed: java.nio.file.FileSystemException: /var/jenkins_home/atomic1870316694682040724tmp -> /var/jenkins_home/config.xml: Device or resource busy
at sun.nio.fs.UnixException.translateToIOException(UnixException.java:91)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
at sun.nio.fs.UnixCopyFile.move(UnixCopyFile.java:396)
at sun.nio.fs.UnixFileSystemProvider.move(UnixFileSystemProvider.java:262)
at java.nio.file.Files.move(Files.java:1395)
at hudson.util.AtomicFileWriter.commit(AtomicFileWriter.java:191)
... 13 more
看起来 Jenkins 加载了默认的 config.xml 文件,然后用我发送的文件覆盖了它,这让 Jenkins 吓坏了。
我可以制作我的 Docker 镜像的这一部分,但我想使用 K8S 覆盖而不是在镜像中制作文件。
关于如何在 Jenkins 启动时安全地引入 config.xml 文件有什么想法吗?
编辑
另一个尝试::
我什至尝试了以下配置:
volumeMounts:
- name: jenkins-home
mountPath: /var/jenkins_home
readOnly: false
volumes:
- name: jenkins-home
configMap:
name: jenkins-config
items:
- key: config.xml
path: config.xml
但这会产生:
kubectl logs -n jenkins-pipeline jenkins-bc879c4df-m8nlc
touch: cannot touch '/var/jenkins_home/copy_reference_file.log': Read-only file system
Can not write to /var/jenkins_home/copy_reference_file.log. Wrong volume permissions?
【问题讨论】:
-
coderanger.net/jenkins 的强制插件,它解释了一个更好的方法来做到这一点。与其尝试完全控制 config.xml(Jenkins 讨厌),不如使用 Groovy 脚本系统在每次启动时进行配置。
标签: jenkins kubernetes