k8s部署CI/CD(jenkins,gitlab)
0. 创建PV存储卷# ubuntuapt install nfs-kernel-servermkdir -pv /root/data/nfschmod 777 /root/data/nfsvim /etc/sysconfig/nfs# 见下图vim /etc/exports # 见下图systemctl restart nfs-kernel-servernfsstatmkdir -pv /roo
·
部分ubuntu部署k8s的问题见
ubunt相关
0. 创建PV存储卷
# ubuntu
apt install nfs-kernel-server
mkdir -pv /root/data/nfs
chmod 777 /root/data/nfs
vim /etc/sysconfig/nfs # 见下图
vim /etc/exports # 见下图
systemctl restart nfs-kernel-server
nfsstat
mkdir -pv /root/data/nfs/pv0001
mkdir -pv /root/data/nfs/pv0002
mkdir -pv /root/data/nfs/pv0003
mkdir -pv /root/data/nfs/pv0004
1. 部署Jenkins
发现第一次安装时会出现UnknownHost: updates.jenkins.io的错误
此时重新rollout一次即可
kubectl rollout restart deploy jenkins
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
spec:
replicas: 1
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
dnsConfig:
nameservers:
- 2.244.0.16
- 127.0.0.53
containers:
- name: jenkins
image: jenkins/jenkins
ports:
- name: http-port
containerPort: 8080
- name: jnlp-port
containerPort: 50000
volumeMounts:
- name: jenkins-vol
mountPath: /var/jenkins_vol
volumes:
- name: jenkins-vol
persistentVolumeClaim:
claimName: jenkins-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jenkins-pvc
spec:
#storageClassName: jenkins-pvc
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
1.1.Jenkins-svc
apiVersion: v1
kind: Service
metadata:
name: jenkins-svc
spec:
type: NodePort
ports:
- port: 8080
targetPort: 8080
nodePort: 30090
selector:
app: jenkins
---
apiVersion: v1
kind: Service
metadata:
name: jenkins-jnlp
spec:
type: ClusterIP
ports:
- port: 50000
targetPort: 50000
selector:
app: jenkins
1.2.Jenkins下流水线配置
流水线示例代码
gitee test-pipline 请参考里面的Jenkinsfile以及Dockerfile
1.1. 遇到问题 dns -> 8.8.8.8:53 time out
ubuntu下使用的resolv.con
# 直接修改默认dns规则,将forward改成 8.8.8.8
# 因为ubuntu会使用
kubectl edit -n kube-system configmap coredns
后来经过排查发现不是这里的问题
是/run/flannel/subnet.env种编写的参数有误,一下参数应该和Kubeadm init时指定的一致,或者每次Kubeadm init时应当删除该文件;
2. 部署的redis
kind: Deployment
metadata:
name: redis
labels:
name: redis
spec:
selector:
matchLabels:
name: redis
template:
metadata:
name: redis
labels:
name: redis
spec:
containers:
- name: redis
image: sameersbn/redis
imagePullPolicy: IfNotPresent
ports:
- name: redis
containerPort: 6379
volumeMounts:
- mountPath: /var/lib/redis
name: data
livenessProbe:
exec:
command:
- redis-cli
- ping
initialDelaySeconds: 5
timeoutSeconds: 1
volumes:
- name: data
persistentVolumeClaim:
claimName: redis-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: redis-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
---
apiVersion: v1
kind: Service
metadata:
name: redis
labels:
name: redis
spec:
ports:
- name: redis
port: 6379
targetPort: redis
selector:
name: redis
3.部署postgresql
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgresql
labels:
name: postgresql
spec:
selector:
matchLabels:
name: postgresql
template:
metadata:
name: postgresql
labels:
name: postgresql
spec:
containers:
- name: postgresql
image: sameersbn/postgresql:10
imagePullPolicy: IfNotPresent
env:
- name: DB_USER
value: "gitlab"
- name: DB_PASS
value: "123456"
- name: DB_NAME
value: "gitlab_production"
- name: DB_EXTENSION
value: "pg_trgm"
ports:
- name: postgres
containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql
name: data
livenessProbe:
exec:
command:
- pg_isready
- -h
- localhost
- -U
- postgres
initialDelaySeconds: 30
timeoutSeconds: 5
readinessProbe:
exec:
command:
- pg_isready
- -h
- localhost
- -U
- postgres
initialDelaySeconds: 5
timeoutSeconds: 1
volumes:
- name: data
persistentVolumeClaim:
claimName: postgresql-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgresql-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
---
apiVersion: v1
kind: Service
metadata:
name: postgresql
labels:
name: postgresql
spec:
ports:
- name: postgresql-svc
port: 5432
targetPort: postgres
4.部署gitlab
---
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: gitlab
name: gitlab
namespace: devops
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: gitlab
template:
metadata:
labels:
k8s-app: gitlab
namespace: devops
name: gitlab
spec:
containers:
- name: gitlab
image: gitlab/gitlab-ce:12.6.0-ce.0
imagePullPolicy: Always
env:
- name: GITLAB_ROOT_PASSWORD
value: "gdufsdev"
ports:
- containerPort: 80
name: web
protocol: TCP
- containerPort: 22
name: agent
protocol: TCP
resources:
limits:
cpu: 1000m
memory: 4Gi
requests:
cpu: 500m
memory: 512Mi
livenessProbe:
httpGet:
path: /users/sign_in
port: 80
initialDelaySeconds: 600
timeoutSeconds: 5
failureThreshold: 12
readinessProbe:
httpGet:
path: /users/sign_in
port: 80
initialDelaySeconds: 600
timeoutSeconds: 5
failureThreshold: 12
volumeMounts:
# 持久化操作可使用PV
- name: gitlab-conf
mountPath: /etc/gitlab
- name: gitlab-log
mountPath: /var/log/gitlab
- name: gitlab-data
mountPath: /var/opt/gitlab
env:
- name: gitlab_HOME
value: /var/lib/gitlab
volumes:
- name: gitlab-conf
hostPath:
path: /data/devops/gitlab/config
type: Directory
- name: gitlab-log
hostPath:
path: /data/devops/gitlab/logs
type: Directory
- name: gitlab-data
hostPath:
path: /data/devops/gitlab/data
type: Directory
serviceAccountName: gitlab
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: gitlab
name: gitlab
namespace: devops
---
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: gitlab
name: gitlab
namespace: devops
spec:
type: NodePort
ports:
- name: web
port: 80
targetPort: 80
nodePort: 30088
- name: slave
port: 22
targetPort: 22
nodePort: 30022
selector:
k8s-app: gitlab
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: gitlab
namespace: devops
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create","delete","get","list","patch","update","watch"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","list","watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: gitlab
namespace: devops
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: gitlab
subjects:
- kind: ServiceAccount
name: gitlab
namespace: devops
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: gitlab-data-pvc
namespace: devops
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
为gitlab用户添加权限
kubectl create clusterrolebinding gitlab-admin --clusterrole=cluster-admin --serviceaccount=devops:gitlab
更多推荐
已为社区贡献16条内容
所有评论(0)