• DevOps
  • 使用自定义Jenkins agent,运行流水线报错'400 Bad Request'

执行kubesphere流水线使用自定义的jenkins agent运行报错,我的yaml文件是这样写的,只新增了下面的内容,其他都是默认的

templates:
- name: "ruoyi"
namespace: "kubesphere-devops-worker"
label: "ruoyi"
nodeUsageMode: "EXCLUSIVE"
idleMinutes: 0
containers:
- name: "maven"
image: "swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-maven:v3.2.0-podman"
command: "cat"
args: ""
ttyEnabled: true
privileged: true
resourceRequestCpu: "100m"
resourceLimitCpu: "4000m"
resourceRequestMemory: "100Mi"
resourceLimitMemory: "8192Mi"
- name: "jnlp"
image: "swr.cn-southwest-2.myhuaweicloud.com/ks/jenkins/inbound-agent:4.10-2"
args: "^${computer.jnlpmac} ^${computer.name}"
resourceRequestCpu: "50m"
resourceLimitCpu: "500m"
resourceRequestMemory: "400Mi"
resourceLimitMemory: "1536Mi"
workspaceVolume:
emptyDirWorkspaceVolume:
memory: false
volumes:
- hostPathVolume:
hostPath: "/var/run/docker.sock"
mountPath: "/var/run/docker.sock"
- hostPathVolume:
hostPath: "/var/data/jenkins_maven_cache"
mountPath: "/root/.m2"
- hostPathVolume:
hostPath: "/var/data/jenkins_sonar_cache"
mountPath: "/root/.sonar/cache"
yaml: |
spec:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
- key: node-role.kubernetes.io/worker
operator: In
values:
- ci
tolerations:
- key: "node.kubernetes.io/ci"
operator: "Exists"
effect: "NoSchedule"
- key: "node.kubernetes.io/ci"
operator: "Exists"
effect: "PreferNoSchedule"
containers:
- name: "maven"
resources:
requests:
ephemeral-storage: "1Gi"
limits:
ephemeral-storage: "10Gi"
volumeMounts:
- name: config-volume
mountPath: /opt/apache-maven-3.5.3/conf/settings.xml
subPath: settings.xml
volumes:
- name: config-volume
configMap:
name: ks-devops-agent
items:
- key: MavenSetting
path: settings.xml
securityContext:
fsGroup: 1000
- name: "ruoyi-maven"
label: "ruoyi-maven"
inheritFrom: "ruoyi"
containers:
- name: "maven"
image: "swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-maven:v3.2.1-jdk11-podman"

我是想实现使用不同的容器放到一个pod里去进行打包编译,已经写好了,但是运行有问题

看起来是你自定义的agent没有运行。请确保修改 casc cm 中的 jenkins_user.yaml 而不是 jenkins.yaml, 若确认修改正确但仍然运行失败,请重启jenkins。

    stoneshi-yunify 好滴,我能确认一下这个问题x509要怎么跳过证书验证吗?我在/etc/containers/registries.conf配置文件中添加了跳过验证registries = [‘harbor.threatbook.com’]

      993034494

      参考这个。 172.31.17.46:30003 是我部署的harbor。

      root@base-mdcqq:/home/jenkins/agent# cat /etc/containers/registries.conf | tail -n 20
      # [[registry.mirror]]
      # location = "example-mirror-1.local/mirrors/foo"
      # insecure = true
      # # Given the above, a pull of example.com/foo/image:latest will try:
      # # 1. example-mirror-0.local/mirror-for-foo/image:latest
      # # 2. example-mirror-1.local/mirrors/foo/image:latest
      # # 3. internal-registry-for-example.com/bar/image:latest
      # # in order, and use the first one that exists.
      #
      unqualified-search-registries = ["172.31.17.46:30003"]
      
      [[registry]]
      prefix = "docker.io"
      location = "docker.io"
      
      [[registry]]
      prefix = "172.31.17.46:30003"
      location = "172.31.17.46:30003"
      insecure = true

      podman login xxx –tls-verify=false