Jenkins 没有挂载 AWS EFS 文件系统,而是使用了默认卷

Jenkins is not mounting the AWS EFS file system and using the default volume instead

我正在尝试让 Jenkins 在 EKS 上使用 EFS 持久卷。然而,我为了让它使用所提供的 EFS 文件系统而做的所有尝试都没有成功。让我感到奇怪的是,当我用 busybox 镜像进行测试时,EFS 可以成功挂载,并且能看到写入共享存储的数据。

EFS 定义

# Shared EFS file system that the Jenkins persistent volume on this page
# points at.
# NOTE(review): no aws_efs_file_system_policy appears on this page. Without
# one, any NFS client that can reach a mount target may mount the file system
# directly instead of going through the access point - confirm a policy exists.
resource "aws_efs_file_system" "jenkins_shared_file_system" {
  creation_token   = "Jenkins shared file system"
  performance_mode = "generalPurpose"
  throughput_mode  = "bursting"
  # Encryption at rest is enabled. No kms_key_id is set in this block, so the
  # AWS-managed EFS key is used rather than a customer-managed KMS key.
  encrypted        = true
  tags             = {
    Name = "Jenkins shared file system"
  }
}

# One mount target per private subnet, both attached to the same file system.
# NOTE(review): aws_security_group.jenkins_efs_sg is defined outside this
# listing. It is the network boundary for the file system, so it should admit
# only NFS (TCP 2049) from the EKS worker nodes - confirm its ingress rules.
resource "aws_efs_mount_target" "jenkins_efs_private_subnet_1_mount_target" {
  file_system_id  = aws_efs_file_system.jenkins_shared_file_system.id
  subnet_id       = aws_subnet.ci_cd_private_subnet_1.id
  security_groups = [aws_security_group.jenkins_efs_sg.id]
}

# Second mount target: same file system and security group, other subnet.
resource "aws_efs_mount_target" "jenkins_efs_private_subnet_2_mount_target" {
  file_system_id  = aws_efs_file_system.jenkins_shared_file_system.id
  subnet_id       = aws_subnet.ci_cd_private_subnet_2.id
  security_groups = [aws_security_group.jenkins_efs_sg.id]
}

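# Access point that confines clients to /jenkins and forces every request to
# run as UID/GID 1000, whatever identity the NFS client presents.
resource "aws_efs_access_point" "jenkins_efs_access_point" {
  file_system_id = aws_efs_file_system.jenkins_shared_file_system.id
  tags = {
    Name = "Jenkins EFS access point"
  }
  # Identity enforced for all file operations made through this access point.
  posix_user {
    gid = 1000
    uid = 1000
  }
  root_directory {
    path = "/jenkins"
    # Applied only when EFS has to create the root directory; an existing
    # /jenkins directory keeps the ownership and mode it already has.
    creation_info {
      owner_uid   = 1000
      owner_gid   = 1000
      # The enforced posix_user is the directory owner, so owner write access
      # is enough. The original mode 777 also made the directory writable by
      # every other identity that reaches the file system without going
      # through this access point.
      permissions = "0755"
    }
  }
}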

按照 https://docs.aws.amazon.com/eks/latest/userguide/efs-csi.html 的说明安装了 CSI 驱动程序

这里是持久化配置

# StorageClass naming the EFS CSI driver as provisioner. It carries no
# parameters; in this listing it is the class name shared by the statically
# defined PersistentVolume and the claim.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: efs-sc
provisioner: efs.csi.aws.com

---

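# Statically defined volume that maps to the EFS file system through its
# access point.
apiVersion: v1
kind: PersistentVolume
metadata:
  # PersistentVolumes are cluster-scoped, so no namespace is set here.
  name: efs-pv
spec:
  capacity:
    # The API requires a size; EFS is elastic and does not enforce it.
    storage: 5Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  # Retain keeps the data on EFS when the claim is deleted.
  persistentVolumeReclaimPolicy: Retain
  storageClassName: efs-sc
  # Reserve this volume for the Jenkins claim so that a claim for efs-sc in
  # another namespace cannot bind it first.
  claimRef:
    namespace: jenkins
    name: efs-pvc
  csi:
    driver: efs.csi.aws.com
    # Format is <file-system-id>::<access-point-id>; the IDs shown look like
    # placeholders.
    volumeHandle: fs-12345::fsap-12345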

---

# Claim in the jenkins namespace for the EFS-backed volume. The class, access
# mode and size match the efs-pv PersistentVolume defined above.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: efs-pvc
  namespace: jenkins
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: efs-sc
  resources:
    requests:
      storage: 5Gi

和 jenkins 值配置

# Helm values as first deployed (the configuration that did not mount EFS).
controller:
  componentName: jenkins-controller
  image: "jenkins/jenkins"
  # Floating tag: the image behind lts-jdk11 changes over time, and with
  # IfNotPresent a node keeps whichever copy it pulled first.
  tag: lts-jdk11
  imagePullPolicy: IfNotPresent
  installPlugins: false
  disableRememberMe: false
  resources:
    requests:
      cpu: 2
      memory: 2Gi
    limits:
      cpu: 6
      memory: 4Gi
  # UID/GID 1000 match the posix_user of the EFS access point defined earlier
  # on this page.
  runAsUser: 1000
  fsGroup: 1000
  serviceType: ClusterIP
  # NOTE(review): persistence is nested under controller here. The resolution
  # given further down this page is that it must be a top-level block; in this
  # position the deployment ended up with its own gp2 claim (jenkins/jenkins,
  # reclaim policy Delete) instead of efs-pvc.
  persistence:
    enabled: true
    existingClaim: efs-pvc
    storageClassName: efs-sc

  ingress:
    enabled: true
    apiVersion: "networking.k8s.io/v1"
    ingressClassName: nginx
    # NOTE(review): this key sits directly under ingress rather than inside an
    # annotations map - confirm the chart reads it in this position.
    kubernetes.io/ingress.class: nginx
    rules:
    - host: foo.jenkins.com
      http:
        paths:
        - path: /
          pathType: Prefix
          backend:
            service:
              name: jenkins
              port:
                number: 80
    # TLS for foo.jenkins.com uses the certificate stored in the jenkins-tls
    # secret; the backend above is addressed on port 80.
    tls:
     - secretName: jenkins-tls
       hosts:
         - foo.jenkins.com

使用 helm 部署 jenkins 之前的结果

kubernetes git:(jenkins) ✗ kc get sc,pv,pvc -n jenkins
NAME                                        PROVISIONER             RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
storageclass.storage.k8s.io/efs-sc          efs.csi.aws.com         Delete          Immediate              false                  11m
storageclass.storage.k8s.io/gp2 (default)   kubernetes.io/aws-ebs   Delete          WaitForFirstConsumer   false                  69m

NAME                      CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM             STORAGECLASS   REASON   AGE
persistentvolume/efs-pv   5Gi        RWX            Retain           Bound    jenkins/efs-pvc   efs-sc                  11m

NAME                            STATUS   VOLUME   CAPACITY   ACCESS MODES   STORAGECLASS   AGE
persistentvolumeclaim/efs-pvc   Bound    efs-pv   5Gi        RWX            efs-sc         11m

部署后

NAME                                        PROVISIONER             RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
storageclass.storage.k8s.io/efs-sc          efs.csi.aws.com         Delete          Immediate              false                  15m
storageclass.storage.k8s.io/gp2 (default)   kubernetes.io/aws-ebs   Delete          WaitForFirstConsumer   false                  73m

NAME                                                        CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM             STORAGECLASS   REASON   AGE
persistentvolume/efs-pv                                     5Gi        RWX            Retain           Bound    jenkins/efs-pvc   efs-sc                  15m
persistentvolume/pvc-94adfdfb-a1db-4f16-8189-84ac20474607   8Gi        RWO            Delete           Bound    jenkins/jenkins   gp2                     12s

NAME                            STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
persistentvolumeclaim/efs-pvc   Bound    efs-pv                                     5Gi        RWX            efs-sc         15m
persistentvolumeclaim/jenkins   Bound    pvc-94adfdfb-a1db-4f16-8189-84ac20474607   8Gi        RWO            gp2            17s

当我进入 pod 执行 mount 时,输出中没有任何 NFS 挂载卷。这真的很奇怪

非常感谢您的帮助。谢谢!

好好休息一下、头脑清醒之后,我终于解决了这个让我撞了一整天墙的问题。问题在于 persistence 块应该是独立的顶层块,而不是放在 controller 块下面。

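# Top-level persistence block (not nested under controller). existingClaim
# names the pre-created EFS-backed claim.
persistence:
  enabled: true
  existingClaim: efs-pvc
  # NOTE(review): the existing claim already carries its storage class;
  # confirm the chart reads a key with this name.
  storageClassName: efs-sc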

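# Controller settings; persistence is no longer nested in this block.
controller:
  componentName: jenkins-controller
  image: "jenkins/jenkins"
  # Floating tag: the image behind lts-jdk11 changes over time, and with
  # IfNotPresent a node keeps whichever copy it pulled first.
  tag: lts-jdk11
  imagePullPolicy: IfNotPresent
  installPlugins: false
  disableRememberMe: false
  resources:
    requests:
      cpu: 2
      memory: 2Gi
    limits:
      cpu: 6
      memory: 4Gi
  # UID/GID 1000 match the posix_user of the EFS access point defined earlier
  # on this page.
  runAsUser: 1000
  fsGroup: 1000
  serviceType: ClusterIP

  ingress:
    enabled: true
    apiVersion: "networking.k8s.io/v1"
    ingressClassName: nginx
    # NOTE(review): this key sits directly under ingress rather than inside an
    # annotations map - confirm the chart reads it in this position.
    kubernetes.io/ingress.class: nginx
    rules:
      - host: foo.jenkins.com
        http:
          paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: jenkins
                  port:
                    number: 80
    # TLS for foo.jenkins.com uses the certificate stored in the jenkins-tls
    # secret; the backend above is addressed on port 80.
    tls:
      - secretName: jenkins-tls
        hosts:
          - foo.jenkins.com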