k8s_jenkins CI/CD篇
1,安装jenkins,master[root@k8s-master jenkins]# lsdeployment.ymlingress.ymlrbac.ymlservice-account.ymlservice.yml[root@k8s-master jenkins]# kubectl apply -f .2,查看pod转态发现一直处于peding[ro...
1,安装jenkins ,master
[root@k8s-master jenkins]# ls
deployment.yml ingress.yml rbac.yml service-account.yml service.yml
[root@k8s-master jenkins]# kubectl apply -f .
2,查看pod转态发现一直处于peding
[root@k8s-master fek]# kubectl get pods
NAME READY STATUS RESTARTS AGE
jenkins-fcc9d45fc-wrfmv 0/1 Pending 0 13h
my-pod 1/1 Running 0 2d19h
nfs-client-provisioner-75b84f8458-cjq28 1/1 Running 0 2d19h
3,查看报错原因,发现资源不够,然后删除elk ,终于起来了
kubectl describe pods/jenkins-fcc9d45fc-wrfmv
Warning FailedScheduling 5m53s (x555 over 13h) default-scheduler 0/3 nodes are available: 1 node(s) had taints that the pod didn't tolerate, 2 Insufficient cpu.
4,安装k8s插件
所需插件: Git Parameter/Git/Pipeline/kubernetes/Kubernetes Continuous Deploy
在插件替换源 http://mirror.esuni.jp/jenkins/updates/update-center.json
5,配置
下面的地址填的是kubernetes的地址,下面写的是域名是因为k8s内部的解析指到了这个ip上
[root@k8s-master jenkins]# kubectl get ep
NAME ENDPOINTS AGE
fuseim.pri-ifs <none> 3d1h
java-demo <none> 4d23h
jenkins 10.244.2.42:50000,10.244.2.42:8080 19h
kubernetes 10.1.1.30:6443 13d
jenkins地址是地址+名称空间,default 默认其实可以不写,像上面的那样,配置完保存 ok
构建镜像:
[root@k8s-master jenkins-slave]# docker build -t 10.1.1.11/library/jenkins-slave-jdk:1.8 .
[root@k8s-master jenkins-slave]# cat Dockerfile
FROM centos:7
LABEL maintainer lizhenliang
RUN yum install -y java-1.8.0-openjdk maven curl git libtool-ltdl-devel && \
yum clean all && \
rm -rf /var/cache/yum/* && \
mkdir -p /usr/share/jenkins
COPY slave.jar /usr/share/jenkins/slave.jar
COPY jenkins-slave /usr/bin/jenkins-slave
COPY settings.xml /etc/maven/settings.xml
RUN chmod +x /usr/bin/jenkins-slave
ENTRYPOINT ["jenkins-slave"]
以上就是这3个文件,构建完然后push到仓库
docker pull 10.1.1.11/library/jenkins-slave-jdk
#######################################################################################
现在正式开始项目:
第一步:先测试流水线创建pipeline 测试
测试成功
#####################################################################################
第二步,创建凭据
harbor
git
k8s
kubectl create secret docker-registry dockerpullauth --docker-username=admin --docker-password=Harbor12345 --docker-server=10.1.1.11
了解
k8s凭据添加
[root@k8s-master ~]# cat .kube/config
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01EUXhNakEzTkRBeE5Gb1hEVE13TURReE1EQTNOREF4TkZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTDRyCkNEbFY2V0tmYmcrTndwTW1jeHlSNktIdUw4RDdtdmYrYzJocUVUei9qb2FFNjhiK3pkZ3Z4N0ZqSURpTFNoRm4KSGFRS29hUWpCeFpmS2lzZnR6WWNKV25hbUJrbFdsVHV5ZWFSZ1p0cUJ1RnAxYzk2UER6S255QzV6NFhWQmlFOApxQlFMR1RUVWg0bUVRbEZTdklydm0vYklLcGtCczBEVDBnWjQyRW9ybjZEaFdvZmt2ek9KZWdZaU9BT0hVbXBWCkdmOHhaamFGQ1BDMmliZ3QzeXk4cmRhdVBLcFVqcjJBdEh2OFcrTVZScmliU3FKYmtIVzFJa25qeGMwZFRiamcKQVBEdGUwSE9YTisxbloyaEV6WTdmNDl1bHJCeTJJb0JxREpRUjFFd2kwK2VEdFA3M2ZpbzhhWWVIeEN6ZDJUUwpFbXNHbFhEd2t0VjJtNWhGbXRzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFBZWJwcWtTNWJ1d2s0cElyOEdXUHBaS21lTDUKeXFwUE40K0F2R2IzWS9lVE9YeVBIVmQ0Z2ZZMk5zVVhTdndYc2dvWXNJbGVsSmNyTFFqb3U1NjdvZmhWY2dMNQpSUnFVWk4xa1ltdC9SaDhmVm1uMXdDWXI5NUdrdWlNNjdESXBxNVhxRmtWcmFKcUdQak93UnZMVlEvazk2S21tCmxkaWdnUVZwc3RwY0pibERPbTExR011SFcyNitxSlN5Y1doWmNYZ2pqT3gzODFOUkp3TG1zMFFSMlNDUlhHYmMKdkNaZlF5TXZUU0VKS0FTQm1iSHNXakk5cTRSa29heW5IRFZpTHkrR2lpb1g1ZW1OOWp4WVU3VHM0Wmpqb2dldQppMHFwcWFSeHdJYzM2RFlmVjZyUmN5KzFOWXFIOUJaVWFwM0F4cG1CdGxmeGFZY1BlUk5jS1VSSDNlcz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
server: https://10.1.1.30:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRxZ0F3SUJBZ0lJU1VvNkFhMXFtOGd3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TURBME1USXdOelF3TVRSYUZ3MHlNVEEwTVRJd056UXdNVFphTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXFaZzRrejRiQmxIOTdtN3QKa0ZqZk55OTRzVGlBL3ljT0g0bnEzV3ZxZG94cXV4NTJBUWFJZE01MXFTd3pSeklrc0w5RWZLb05BTXRQTGVOcApvaGtBajZVb2h3SC83bmRxc0M1d09xbnRVQVZ5TjdhL3BCUHJPL0V0Sm5EVElheDhRY0FhNXA1L2xrRUdlWkVEClQ3d29KMEFoOG9LN0kvQnhLN2d6Y1pTdlE3RTJtbURQT01Pd3dlOFY3cG45VFJkcU5PN2pDNnY5TmpXQ2FVUkEKWlVhS2pmbzgwUWUrbW5IcUJ3ZVBDRFJEMjRXL2I3TnNTbmFaK0taNXFsVGlwY2J1bEs2T2c0dXY4WVo4QXZCNgpKbWVqSkYrQTBMckpmd2QzN0Y2S1YrMjlBNkJVK1pEQllkK1FKT3h5cXpvWDRLaVYyT2RXVlFETWo5U3ZjN1pKCnBGQnd1d0lEQVFBQm95Y3dKVEFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFDdmN1Z1BCUDN1UTJrTjZVeEpKUjdxS01EZVl3aVJ0VUpTdAp5em53RDZ5clhYU2NteGRTY0Uzb1g0Mm9YWGlSMW1BUGRMS3J5a0Izd3ROZEdwWTN2dVYva2FUU2p1L2lIUnpoClRlRXk1aTdRRDZSQ0xpRTVSeW9VanFwS3JFQkZyZ0VUNmhTV21QZkdDd2tJRExKM3BUenVsQWpOTnlXOHdIaUkKMlpDby9BVFRnRG9yVVgxUUFoeXUydzdRU044OTdWUDJOVUVHeDQzMFhxcDVsZkV1cTFnM3ZPK0h5MjVNK2VPMApJN2NNY1JQWm95aFJHcS83a0FqOXpKalkwRW0xUFNOVlpGeStDUFVvendEQW1hcm16amJCRlRtWk9adXlPbmRkCjY0NzVOZTZJMGZDNitEQUZzUU1iTFh0bkcwTTZMdFBzc0J4Zk5JYSs5eXRSMjdCblJqZz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBcVpnNGt6NGJCbEg5N203dGtGamZOeTk0c1RpQS95Y09ING5xM1d2cWRveHF1eDUyCkFRYUlkTTUxcVN3elJ6SWtzTDlFZktvTkFNdFBMZU5wb2hrQWo2VW9od0gvN25kcXNDNXdPcW50VUFWeU43YS8KcEJQck8vRXRKbkRUSWF4OFFjQWE1cDUvbGtFR2VaRURUN3dvSjBBaDhvSzdJL0J4SzdnemNaU3ZRN0UybW1EUApPTU93d2U4VjdwbjlUUmRxTk83akM2djlOaldDYVVSQVpVYUtqZm84MFFlK21uSHFCd2VQQ0RSRDI0Vy9iN05zClNuYVorS1o1cWxUaXBjYnVsSzZPZzR1djhZWjhBdkI2Sm1lakpGK0EwTHJKZndkMzdGNktWKzI5QTZCVStaREIKWWQrUUpPeHlxem9YNEtpVjJPZFdWUURNajlTdmM3WkpwRkJ3dXdJREFRQUJBb0lCQVFDWnJnbWVTOG43YVRNYwo2OEkwYW9RaklzNVFjVzViU0EzQlFKM21kWkxxU0FXemVEL2dZQVlwS3FsdVdsSkJNc3dTcWMrcTFBR2lkWmxUCmNON1k5NlVOaGRENnZqSW42bWh3TERTZ3hEajZxV1M5M2NrOUtwdWdIc1VXTDJqeSs3VkJjNDRzNnZXY3QySGgKcVNtQ0NIT3VWYXd0Y0krYVdwaUMwSkUxWEZHUm1UdkZrN2VQRHliYVJ6OVcxdUg3S21UOU4wL1VxK1JSNjFHSQo0YzUwVWI4cWJSZ0h4U2xHV2dPd2Nxa3FRL21LVE0wdG1BY2FkY2Jycng2clR2b0JMclZVTEZlN2FKVXVnMWRHCkRxdnMvL3pPWkpFbGtZL09VK0lmQm9vU0hkQXJJQ2RmK08wNmJxMTBmTyt1bUZGM3dmbXdIcjRTeXZMdWdHYmcKTHFRc0ppeUpBb0dCQU5LYlNFYlpJQ0pEQjBFeXJRVGkrQ1NkTHZvL21TaDBYMjZwdUUwN2NCc1krUXdDUkZWQQpkYmlsN2dDQnQ4czEzT1NFMEdMRWtPZVRNVFNtQ3p0Sm5ad0hJSVkxdHl4QjRpVXJlV0xDYWpCUlUvMVVVMDhjCjM3VE5IY0VLMFNQVVRrUkdiRDJoSWY0aHd4Mkt4YTFnUVZqMkdWN0J6dkQydTdDQTc4cVM0c3dWQW9HQkFNNG0KQWFqVmpRbXhvMHYwZCtBRklSZzRUaEp1Rjd0K01KcTNNeDRlZkpicW9UdDZMWVBkVFF4MHdtdjRsTmhJaFY0Sgo5MWVKUDBmRTI3SGViOWwrSzNuQ1pIL0tEeDdIMkNWdlZ4MVhQVVQzSjNkYTQ4UmZkVW5RbWZMWE51QU90V3VyCkNHdkE3anJvMDE0ZTlYeXBpZGVmYWRVMEVmMXNGbzN0ZlB2OUxlMlBBb0dCQU1XNU0yb1FmcktyNnl1eXYrMU8KaVZrV21Qd29xVW5wdDQ3Vm1Fb3ArMTMxWEJ1Q0pWVkVaMEVyeHY2Q3ltTGw5clEwWE0vZGE0MStDenc2aDJEcQpCQ1p3S29EVi9WcDNvREQxVjhqNGJXbGZjVkxzMENuK0dhaE15aHBxWlY4ViswVHVPTUREZm41d2hCWkFLc1pUCkVBYk5SWlJJc0ZoWnpHd3hJTzgyWitiaEFvR0FLZlIrUGZoSVhnS3pNMUFyM1lIdHZGb3BPWU1DZlh3dk5DMjQKejVadzBONHJ0a2tsWGtMNTNXRWQrSTk4NjQvRzVONnVZamhpa3A2ei83MC9ra29sV3dCL0o2cmQ3T3ZMUjhNagpQYXQxb3NXU1dLNDgwTWlFdkdNaUVkUlBMTWFSa2JvYldxTEhXV0h0TXFpbVdacS9uUXlxbzJPWGpiWWoyUHJPCmh4SjkrRzBDZ1lFQXU1RUE2eExxSy9aMmdqK2Q1YWNoNnlGSHRaQzUxbi8rMlVEeWVYRUk2cWlLcERCanYvd0QKRHkrMVVBaEdnQlNFcXArVGh6b08xN1J2S25ZaU04VUVlOTF1cHE4TWJZdnJFQkdtVlpqYThpYjNOQUJJbnduSQpmd0szYUp0MldhcVh1d3ZGakxaMWVvNkpseUVJNnptK0dSK0QrM2NvTlFpaDdSQXNOY25nUWFVPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
这样3个凭据就添加完成
##################################################################################################
部署项目
pipeline 脚本
// 所需插件: Git Parameter/Git/Pipeline/kubernetes/Kubernetes Continuous Deploy
// 公共
def registry = "10.1.1.11"
// 项目
def project = "library"
def app_name = "java-demo"
def image_name = "${registry}/${project}/${app_name}:${BUILD_NUMBER}"
def git_address = "http://10.1.1.11:9999/java/java-demo.git"
// 认证
def secret_name = "registry-pull-secret"
def docker_registry_auth = "165df68f-0111-498d-8e79-c1442f86a1eb"
def git_auth = "14f9637f-7a54-45ba-8fce-dfe1950a074d"
def k8s_auth = "e65d5877-aa77-4373-a897-f52a8390534b"
pipeline {
agent {
kubernetes {
label "jenkins-slave"
yaml """
kind: Pod
metadata:
name: jenkins-slave
spec:
containers:
- name: jnlp
image: "${registry}/library/jenkins-slave-jdk:1.8"
imagePullPolicy: Always
volumeMounts:
- name: docker-cmd
mountPath: /usr/bin/docker
- name: docker-sock
mountPath: /var/run/docker.sock
- name: maven-cache
mountPath: /root/.m2
volumes:
- name: docker-cmd
hostPath:
path: /usr/bin/docker
- name: docker-sock
hostPath:
path: /var/run/docker.sock
- name: maven-cache
hostPath:
path: /tmp/m2
"""
}
}
parameters {
gitParameter branch: '', branchFilter: '.*', defaultValue: 'master', description: '选择发布的分支', name: 'Branch', quickFilterEnabled: false, selectedValue: 'NONE', sortMode: 'NONE', tagFilter: '*', type: 'PT_BRANCH'
choice (choices: ['1', '3', '5', '7'], description: '副本数', name: 'ReplicaCount')
choice (choices: ['dev','test','prod'], description: '命名空间', name: 'Namespace')
}
stages {
stage('拉取代码'){
steps {
checkout([$class: 'GitSCM',
branches: [[name: "${params.Branch}"]],
doGenerateSubmoduleConfigurations: false,
extensions: [], submoduleCfg: [],
userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]]
])
}
}
stage('代码编译'){
steps {
sh """
mvn clean package -Dmaven.test.skip=true
"""
}
}
stage('构建镜像'){
steps {
withCredentials([usernamePassword(credentialsId: "${docker_registry_auth}", passwordVariable: 'password', usernameVariable: 'username')]) {
sh """
echo '
FROM ${registry}/library/tomcat:v1
LABEL maitainer lizhenliang
RUN rm -rf /usr/local/tomcat/webapps/*
ADD target/*.war /usr/local/tomcat/webapps/ROOT.war
' > Dockerfile
docker build -t ${image_name} .
docker login -u ${username} -p '${password}' ${registry}
docker push ${image_name}
"""
}
}
}
stage('部署到K8S平台'){
steps {
sh """
sed -i 's#IMAGE_NAME#${image_name}#' deploy.yaml
sed -i 's#SECRET_NAME#${secret_name}#' deploy.yaml
sed -i 's#RSCOUNT#${ReplicaCount}#' deploy.yaml
sed -i 's#NS#${Namespace}#' deploy.yaml
"""
kubernetesDeploy configs: 'deploy.yaml', kubeconfigId: "${k8s_auth}"
}
}
}
}
创建名称空间
kubectl create ns dev
创建拉取规则
kubectl create secret docker-registry dockerpullauth --docker-username=admin --docker-password=Harbor12345 --docker-server=10.1.1.11 -n dev
gitlab部署 deploy.yaml yaml 脚本
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: web
spec:
replicas: 1
selector:
matchLabels:
app: java-demo
template:
metadata:
labels:
app: java-demo
spec:
imagePullSecrets:
- name: SECRET_NAME
containers:
- name: tomcat
image: IMAGE_NAME
ports:
- containerPort: 8080
name: web
livenessProbe:
httpGet:
path: /
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
readinessProbe:
httpGet:
path: /
port: 8080
initialDelaySeconds: 60
timeoutSeconds: 5
failureThreshold: 12
---
apiVersion: v1
kind: Service
metadata:
name: web
spec:
type: NodePort
selector:
app: java-demo
ports:
- protocol: TCP
port: 80
targetPort: 8080
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: web
spec:
rules:
- host: java.example.com
http:
paths:
- path: /
backend:
serviceName: web
servicePort: 80
更多推荐
所有评论(0)