参考：http://www.mydlq.club/article/47/

必要的RBAC权限

apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins-admin       #ServiceAccount名
  namespace: cicd           #指定namespace，一定要修改成你自己的namespace
  labels:
    name: jenkins
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: jenkins-admin
  labels:
    name: jenkins
subjects:
  - kind: ServiceAccount
    name: jenkins-admin
    namespace: cicd
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

必要的数据持久存储

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: jenkins
  namespace: cicd
spec:
  storageClassName: cephfs
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 100Gi

服务和部署模板示例

apiVersion: v1
kind: Service
metadata:
  name: jenkins
  namespace: cicd
  labels:
    app: jenkins
spec:
  type: NodePort
  ports:
  - name: http
    port: 8080          #服务端口
    targetPort: 8080
    nodePort: 32001     #NodePort方式暴露 Jenkins 端口
  - name: jnlp
    port: 50000         #代理端口
    targetPort: 50000
    nodePort: 32002
  selector:
    app: jenkins
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: jenkins
  namespace: cicd
  labels:
    app: jenkins
spec:
  selector:
    matchLabels:
      app: jenkins
  replicas: 1
  template:
    metadata:
      labels:
        app: jenkins
    spec:
      serviceAccountName: jenkins-admin
      containers:
      - name: jenkins
        image: jenkins:20200628-2
        securityContext:                     
          runAsUser: 0       #设置以ROOT用户运行容器
          privileged: true   #拥有特权
        ports:
        - name: http
          containerPort: 8080
        - name: jnlp
          containerPort: 50000
        resources:
          limits:
            memory: 2Gi
            cpu: "2000m"
          requests:
            memory: 2Gi
            cpu: "2000m"
        env:
        - name: LIMITS_MEMORY
          valueFrom:
            resourceFieldRef:
              resource: limits.memory
              divisor: 1Mi
        - name: "JAVA_TOOL_OPTIONS" #定义 JVM 环境变量，这里主要是设置编码参数，防止中文乱码
          value: "
                  -Dfile.encoding=UTF-8
                  -Dsun.jnu.encoding=UTF-8
                 "
        - name: "JAVA_OPTS"  #设置变量，指定时区和 jenkins slave 执行者设置
          value: " 
                  -Xmx$(LIMITS_MEMORY)m 
                  -XshowSettings:vm 
                  -Dhudson.slaves.NodeProvisioner.initialDelay=0
                  -Dhudson.slaves.NodeProvisioner.MARGIN=50
                  -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85
                  -Duser.timezone=Asia/Shanghai
                  -Djenkins.install.runSetupWizard=false
                  -Djenkins.CLI.disabled=true
                 "    
        - name: "JENKINS_OPTS"
          value: "--prefix=/"                #设置路径前缀
        volumeMounts:                        #设置要挂在的目录
        - name: data
          mountPath: /var/jenkins_home
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: jenkins      #设置PVC

K8s 部署 Jenkins 分布式说明