K8S集群DIND模式下jenkins构建

k8s中dind模式下jenkins使用podTemplate模板流水线

m0_37647271

688人浏览 · 2022-11-01 11:23:02

m0_37647271 · 2022-11-01 11:23:02 发布

本文使用腾讯TKE集群示例

准备步骤

集群部署DIND可使用DaemonSet模式

参考：

apiVersion: apps/v1
kind: DaemonSet
metadata:
  annotations:
    deprecated.daemonset.template.generation: "1"
  generation: 1
  managedFields:
  - apiVersion: apps/v1
    manager: tke-apiserver
  - apiVersion: apps/v1
    manager: kube-controller-manager
    operation: Update
    subresource: status
  name: docker-ci
  namespace: devops
spec:
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: docker-ci
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: docker-ci
    spec:
      containers:
      - command:
        - dockerd
        - --host=unix:///var/run/docker.sock
        - --host=tcp://0.0.0.0:8000
        image: docker:stable-dind
        imagePullPolicy: IfNotPresent
        name: docker-ci
        resources: {}
        securityContext:
          privileged: true
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /var/run
          name: host
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      volumes:
      - hostPath:
          path: /var/run
          type: ""
        name: host
  updateStrategy:
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
    type: RollingUpdate

jenkins准备步骤

1. 安装kuberneters插件

2.配置对接集群配置

准备步骤完成

流水线编写

// properties内编写参数化内容
properties(
    [
        parameters([
            string(name: 'project', defaultValue: 'tomatotree'),
            gitParameter(branchFilter: 'origin/(.*)', defaultValue: 'master', name: 'BRANCH', type: 'PT_BRANCH_TAG', selectedValue: 'DEFAULT', sortMode: 'ASCENDING_SMART',),
            choice(choices: ['dev', 'devops', 'prod'], description: 'namespace', name: 'ENV')
        ])
    ]
)
environment {
      ENV = "$params.ENV"
    }
def label = "jenkins"
def HARBOR_HOST = "example"
podTemplate(label: label, cloud: 'kubernetes', imagePullSecrets: ['t-harbor'],
    containers: [
        containerTemplate(name: 'node', image: 'node:14.16.1-alpine3.10', ttyEnabled: true, command: 'cat'),
        containerTemplate(name: 'maven', image: 'maven:3.6.3-jdk-8', ttyEnabled: true, command: 'cat'),
        containerTemplate(name: 'docker', image: 'docker:20.10.12-dind', ttyEnabled: true, command: 'cat'),
        containerTemplate(name: 'kubectl', image: 'kumahq/kubectl:v1.20.15', ttyEnabled: true, command: 'cat'),
    ], volumes: [
        hostPathVolume(hostPath: '/var/run/', mountPath:'/var/run'),
        hostPathVolume(hostPath: '/etc/hosts', mountPath: '/etc/hosts'),
        persistentVolumeClaim(claimName: 'jenkins-build-pvc', mountPath: '/root/repo'),
        persistentVolumeClaim(claimName: 'jenkins-maven', mountPath: '/root/.m2')
    ], workspaceVolume: persistentVolumeClaimWorkspaceVolume(claimName: 'jenkins-workspace-pvc')
    )     {
    node(label) {
        stage('Git Clone') {
        git branch: "${params.BRANCH}", credentialsId: 'XXXX-TEST', url: 'example.git'
        }
// 增加sonar检测 这里的sonar请根据自己项目jdk版本选择使用
        // stage('SonarQube Analysis') {
        //     container('maven'){
        //     withSonarQubeEnv(credentialsId: 'sonar') {
        //         configFileProvider([configFile(fileId: 'csih-mvn', variable: 'SETTINGS')]){
        //         sh "mvn clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:3.2:sonar  -Dsonar.projectKey=example -s ${SETTINGS}"
        //         }
        //       }
        //     } 
        // }     
        stage('Maven Build') {
            container('maven'){
                configFileProvider([configFile(fileId: 'csih-mvn', variable: 'SETTINGS')]){
                sh "mvn clean package -s ${SETTINGS} -Dmaven.test.skip=true"
                }
            }
        }
        stage('Docker Build') {
            container('docker'){
                withCredentials([usernamePassword(credentialsId: "harbor", passwordVariable: 'HARBOR_PWD', usernameVariable: 'HARBOR_USERNAME')]) 
                {
                    sh "docker login " + HARBOR_HOST + " -u ${HARBOR_USERNAME} -p ${HARBOR_PWD}"
                    sh "docker build -t " + HARBOR_HOST + "/${params.project}/${JOB_NAME}:${params.BRANCH} ."
                    sh "docker push " + HARBOR_HOST + "/${params.project}/${JOB_NAME}:${params.BRANCH}"      
                }
            }
        }
// 部署方式根据自己风格选择滚动，脚本，模板均可此处直接使用滚动部署，镜像拉取策略为always
        stage('Deploy') {
            container('kubectl'){
            withKubeConfig([credentialsId: 'tke-config', serverUrl: 'https://10.1.0.13', namespace: 'devops']) {
            sh "kubectl rollout restart deployment ${JOB_NAME} -n ${params.ENV} "      
        //     kubernetesDeploy(configs: 'k8s-deployment.yml', kubeconfigId: "k8s-client")
              }
           }
        }
    }
}

最终执行效果

K8S/Kubernetes

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐

【深度】阿里巴巴万级规模 K8s 集群全局高可用体系之美

作者 | 韩堂、柘远、沉醉来源 | 阿里巴巴云原生公众号前言台湾作家林清玄在接受记者采访的时候，如此评价自己 30 多年写作生涯：“第一个十年我才华横溢，‘贼光闪现’，令周边黯然失色；第二个十年，我终于‘宝光现形’，不再去抢风头，反而与身边的美丽相得益彰；进入第三个十年，繁华落尽见真醇，我进入了‘醇光初现’的阶段，真正体味到了境界之美”。长夜有穷，真水无香。领略过了 K8s“身在江

K8S/Kubernetes

如何基于 K8s 构建下一代 DevOps 平台？

作者 | 孙健波（天元）导读：当前云原生 DevOps 体系现状如何？面临哪些挑战？如何通过 OAM 解决云原生 DevOps 场景下的诸多问题？云原生开发应用模型 OAM(Open Application Model) 社区核心成员孙健波将为大家一一解答，并分享如何基于 OAM 和 Kubernetes 打造无限能力的下一代 DevOps 平台。什么是 DevOps？为什么基于 Kub