二进制部署Jenkins,对接k8s,部署前端微服务
二进制部署Jenkins,对接k8s、harbor,部署前端微服务
·
1.二进制安装–2.387.1
下载地址:点击跳转
[root@jenkins ~]# yum install wget -y
[root@jenkins ~]# yum install java-11-openjdk java-11-openjdk-devel -y
[root@jenkins ~]# mkdir -p /data/jenkins
[root@jenkins ~]# useradd jenkins
[root@jenkins ~]# chown -R jenkins.jenkins /data/jenkins
[root@jenkins ~]# su - jenkins
[jenkins@jenkins ~]$ cd /data/jenkins/
[jenkins@jenkins jenkins]$ export version=2.387.1
[jenkins@jenkins jenkins]$ wget https://get.jenkins.io/war-stable/$version/jenkins.war --no-check-certificate
[jenkins@jenkins jenkins]$ cat > jenkins.sh <<EOF
#!/bin/bash
#JAVA_HOME=/usr/local/jdk1.8.0_171
pid=\`ps -ef | grep jenkins.war | grep -v 'grep'| awk '{print $2}'| wc -l\`
if [ "\$1" = "start" ];then
if [ \$pid -gt 0 ];then
echo 'jenkins is running...'
else
nohup java -jar -Xmx2048m -XX:MaxPermSize=1024M -Djava.awt.headless=true -Dhudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION=true /data/jenkins/jenkins.war --httpPort=8090 2>&1 &
fi
elif [ "\$1" = "stop" ];then
exec ps -ef | grep jenkins | grep -v grep | awk '{print \$2}'| xargs kill -9
echo 'jenkins is stop..'
else
echo "Please input like this:"./jenkins.sh start" or "./jenkins stop""
fi
EOF
[jenkins@jenkins jenkins]$ chmod +x jenkins.sh
[jenkins@jenkins jenkins]$ sh jenkins.sh start # 停止:sh jenkins.sh stop
[jenkins@jenkins jenkins]$ cat /home/jenkins/.jenkins/secrets/initialAdminPassword
[jenkins@jenkins jenkins]$ exit
安装工具
maven
注意 maven 与 jdk 版本适配 https://maven.apache.org/docs/history.html
下载地址 https://dlcdn.apache.org/maven/maven-3/
[root@jenkins ~]# wget --no-check-certificate https://dlcdn.apache.org/maven/maven-3/3.9.1/binaries/apache-maven-3.9.1-bin.tar.gz
[root@jenkins ~]# tar -zxvf apache-maven-3.9.1-bin.tar.gz -C /usr/local/
[root@jenkins ~]# ln -sv /usr/local/apache-maven-3.9.1 /usr/local/maven
[root@jenkins ~]# vim /etc/profile.d/maven.sh
export MAVEN_HOME=/usr/local/maven
export PATH=$MAVEN_HOME/bin:$PATH
[root@jenkins ~]# source /etc/profile.d/maven.sh
# 验证
[root@jenkins ~]# mvn -v
nodeJS
前提条件:jenkins已安装nodeJS插件
[root@jenkins ~]# wget https://nodejs.org/dist/v16.17.0/node-v16.17.0-linux-x64.tar.xz
[root@jenkins ~]# tar -xf node-v16.17.0-linux-x64.tar.xz -C /usr/local/
[root@jenkins ~]# ln -sv /usr/local/node-v16.17.0-linux-x64 /usr/local/node
[root@jenkins ~]# ln -sv /usr/local/node/bin/node /usr/bin/node
[root@jenkins ~]# vim /etc/profile.d/node.sh
NODE_HOME=/usr/local/node
PATH=$PATH:$NODE_HOME/bin
NODE_PATH=$NODE_HOME/lib/node_mudules
export PATH NODE_HOME NODE_PATH
[root@jenkins ~]# source /etc/profile.d/node.sh
# 验证
[root@jenkins ~]# node -v
[root@jenkins ~]# npm -v
## 扩展:安装yarn
[root@jenkins ~]# npm install -g yarn
## 扩展:全局安装vue cli
[root@jenkins ~]# npm install -g vue-cli --registry=https://registry.npmmirror.com
[root@jenkins ~]# vue --version
git
[root@jenkins ~]# yum install git -y
[root@jenkins ~]# which git
/usr/bin/git
安装插件
1.用户权限管理–Role-based Authorization Strategy
创建角色
添加角色可以看见的项目的名称
注意以
.*结尾,表示匹配所有
给用户授权角色
登录验证
2.前端服务构建命令npm–nodeJS
3.pipeline中使用docker构建镜像–Docker Pipeline
注意:使用docker命令时可能会报错,如下
这是因为权限不足导致
解决
# 方法一
chmod 777 /var/run/docker.sock
# 方法二
chown root:docker /var/run/docker.sock # 修改docker.sock权限为root:docker
groupadd docker # 添加docker用户组
gpasswd -a jenkins docker # 将jenkins用户添加至docker用户组
newgrp docker # 更新docker用户组
对接k8s
jenkins安装kubectl命令
# k8s master 操作
[root@master ~]# scp /opt/kube/bin/kubectl 192.168.1.23:/tmp/
[root@master ~]# scp /root/.kube/config 192.168.1.23:/tmp/
# jenkins 操作
[root@jenkins ~]# vi /etc/profile.d/kubectl.sh
KUBECTL_HOME=/home/jenkins
PATH=$PATH:$KUBECTL_HOME/bin
export PATH KUBECTL_HOME
[root@jenkins ~]# source /etc/profile.d/kubectl.sh
[root@jenkins ~]# mkdir -p /home/jenkins/{bin,.kube}
[root@jenkins ~]# cp /tmp/kubectl /home/jenkins/bin/
[root@jenkins ~]# cp /tmp/config /home/jenkins/.kube/
[root@jenkins ~]# chown -R jenkins.jenkins /home/jenkins/{bin,.kube}
## 验证
[root@jenkins ~]# su - jenkins
[jenkins@jenkins jenkins]$ kubectl get node
[jenkins@jenkins jenkins]$ kubectl get po -n kube-system
创建imagepullsecret资源
kubectl create secret -n mysql docker-registry myregistrykey --docker-server=192.168.1.23:80 --docker-username=admin --docker-password=Harbor12345
运行前端job
凭据创建
- 代码仓库
- harbor
流水线配置
代码目录结构
build.sh
# node版本10.14.0
/usr/local/node14/bin/npm config set user 0
/usr/local/node14/bin/npm config set unsafe-perm true
/usr/local/node14/bin/npm -q --cache-min Infinity install
echo "===========start to build==========="
/usr/local/node14/bin/npm run build
echo "===========build finished==========="
Dockerfile
#设置基础镜像
FROM nginx
#镜像创建者的信息
#MAINTAINER duolili "duolili@163.com"
#WORKDIR /home/apps/
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
echo "Asia/Shanghai" > /etc/timezone
#将dist文件中的内容复制到 /usr/share/nginx/html/ 这个目录下面
COPY dist/ /usr/share/nginx/html/
#删除nginx 默认配置
RUN rm /etc/nginx/conf.d/default.conf
#添加自己的配置 default.conf 在下面
ADD default.conf /etc/nginx/conf.d/
#使用自定义nginx.conf配置端口和监听
#COPY nginx.conf /etc/nginx/nginx.conf
RUN ln -sf /dev/stdout /var/log/nginx/broker.access.log \
&& ln -sf /dev/stderr /var/log/nginx/broker.error.log
#EXPOSE 8088
CMD ["nginx","-g","daemon off;"]
dev-k8s/Jenkinsfile3
pipeline {
agent any
parameters {
string(name: "branch", defaultValue: "dev", description: "code branch")
choice(name: 'module',choices: ['adminui'], description: 'module_name')
}
stages{
stage('setting env') {
agent any
options {
skipDefaultCheckout(true)
}
steps {
script {
env.NAMESPACE = "test"
env.PROJECT = "test"
env.IMAGE_NAME = "192.168.1.23:80/$PROJECT/$module:build-$BUILD_NUMBER"
}
}
}
stage('get code'){
steps{
git branch: '${branch}', credentialsId: '209653a1-f5b9-4214-bac8-a927c8b36060', url: 'https://gitee.com/duolili/adminui.git'
}
}
stage('adminui npm build'){
when {
environment name: 'module', value: 'adminui'
}
steps {
sh "sh build.sh"
}
}
stage('adminui image build'){
when {
environment name: 'module', value: 'adminui'
}
steps{
script {
def imageName = docker.build("$IMAGE_NAME")
docker.withRegistry('http://192.168.1.23:80/','5ed303ec-6229-488d-aa73-847e1bb8ee6c'){
imageName.push()
}
sh "/bin/docker rmi ${IMAGE_NAME}"
}
}
}
stage('adminui deploy k8s'){
when {
environment name: 'module', value: 'adminui'
}
steps{
script {
sh "sed -i 's/<BUILD_TAG>/${BUILD_NUMBER}/g' dev-k8s/k8s3.yaml"
sh "/home/jenkins/bin/kubectl apply -f dev-k8s/k8s3.yaml -n ${NAMESPACE} --kubeconfig /home/jenkins/.kube/config --record"
}
}
}
}
}
k8s-dev/k8s3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: adminui
labels:
k8s-app: adminui
spec:
replicas: 1
revisionHistoryLimit: 3
#滚动升级时70s后认为该pod就绪
minReadySeconds: 70
strategy:
rollingUpdate:
#滚动升级时会先启动1个pod
maxSurge: 1
#滚动升级时允许的最大Unavailable的pod个数
maxUnavailable: 1
selector:
matchLabels:
k8s-app: adminui
template:
metadata:
labels:
k8s-app: adminui
spec:
containers:
- name: adminui
image: 192.168.1.23:80/test/adminui:build-<BUILD_TAG>
#resources:
# need more cpu upon initialization, therefore burstable class
#limits:
# memory: 4096Mi
# cpu: 2000m
#requests:
# cpu: 1000m
# memory: 2048Mi
ports:
#容器的端口
- containerPort: 80
name: adminui
protocol: TCP
readinessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 120
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 360
periodSeconds: 20
imagePullSecrets:
- name: myregistrykey
---
apiVersion: v1
kind: Service
metadata:
name: adminui
labels:
k8s-app: adminui
spec:
ports:
#集群IP的端口
- port: 80
name: adminui
protocol: TCP
#容器的端口
targetPort: 80
selector:
k8s-app: adminui
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: adminui-http
spec:
entryPoints:
- web
routes:
- match: Host(`adminui.test.com`) && PathPrefix(`/`)
kind: Rule
services:
- name: adminui
port: 80
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献5条内容
所有评论(0)