jenkins CI/CD流水线的实施操作
cd/cd流程的一些简单实施使用,本次实施架构:jenkins + k8s + docker + harbor + gitee
·
jenkins是安装的推荐插件,本次测试环境还需要安装的插件如下:
安装插件
Git 拉取代码
Git Parameter 列出仓库地址的分支和tag
Pipeline 流水线
kubernetes 用于连接Kubernetes动态创建Slave代理
Config File Provider 用于存储kubectl用于连接k8s集群的kubeconfig配置文件
1、jenkins凭证设置:
1.1 设置harbor凭证
系统管理 --> 凭证管理
系统管理 --> 凭证管理--> System --> 系统 --> 全局凭证
1.2 创建gitee凭证
登录gitee --> 设置 --> 私人令牌 --> 生成新令牌
记得复制
登录jenkins添加凭证,密码填写令牌
2、存储kubectl用于连接k8s集群的kubeconfig配置文件
3、 定制agent
[root@longxi-01 new]# vim Dockerfile
FROM jenkins/inbound-agent
USER root
#修改镜像时区
RUN ln -sf /usr/share/zoneinfo/Asia/ShangHai /etc/localtime && \
echo "Asia/Shanghai" > /etc/timezone && \
dpkg-reconfigure -f noninteractive tzdata #重新配置tzdata软件包,使得时区设置生效
#修改debia源
RUN echo "deb http://mirrors.163.com/debian/ buster main" > /etc/apt/sources.list && \
echo "deb http://mirrors.163.com/debian/ buster-updates main non-free contrib" >> /etc/apt/sources.list && \
echo "deb http://mirrors.163.com/debian-security/ buster/updates main non-free contrib" >> /etc/apt/sources.list
#安装docker相关依赖
RUN apt-get update && \
apt-get -y install apt-transport-https ca-certificates curl gnupg2 apt-utils lsb-release software-properties-common && \
curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/debian/gpg | apt-key add - && \
add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/debian $(lsb_release -cs) stable" && \
apt-get -y install docker-ce
#安装kubectl
RUN apt-get install -y apt-transport-https && \
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add - && \
echo "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list && \
apt-get install kubectl创建自己的jenkins-slave,构建时间比较长要等一下,如果用jenkins用户的话还需要装一下sudo
[root@longxi-01 new]# docker build -t harbor.yuanlinux.com/library/my-jenkins-slave:v5 .
上传到harbor
[root@longxi-01 new]# docker push harbor.yuanlinux.com/library/my-jenkins-slave:v54、jenkins创建流水线
我先前测试时已创建了一个,具体创建如下:
5、流水线语法:
5.1 使用流水线语法生成pipeline语法
如:拉取git仓库:
pipeline脚本如下:
pipeline {
parameters {
choice choices: ['dev', 'pro'], description: '命名空间,dev为测试环境,pro为线上环境', name: 'env_Namespace'
choice choices: ['1', '3', '5'], description: '副本集', name: 'env_replicas'
listGitBranches branchFilter: '.*', credentialsId: 'gitee凭证', defaultValue: '', listSize: '5', name: 'branch', quickFilterEnabled: false, remoteURL: '仓库地址', selectedValue: 'NONE', sortMode: 'NONE', tagFilter: '*', type: 'PT_BRANCH_TAG'
}
agent {
kubernetes {
cloud 'jenkins'
label "jenkins-slave"
yaml '''
apiVersion: v1
kind: Pod
metadata:
name: jenkins-slave
spec:
hostAliases:
- hostnames:
- harbor.yuanlinux.com
ip: 10.211.55.5
containers:
- name: jnlp
image: harbor.yuanlinux.com/library/my-jenkins-slave:v5
imagePullPolicy: Always
volumeMounts:
- name: docker-sock
mountPath: /var/run/docker.sock
volumes:
- name: docker-sock
hostPath:
path: /var/run/docker.sock
'''
}
}
environment {
HARBOR_ACCOUNT = credentials('2bde32ee-9ccd-44f2-84f9-21652686e4cb')
HARBOR_URL = 'harbor.yuanlinux.com'
BUILD_DATE = sh(script: 'date "+%Y%m%d%H%M%S"', returnStdout: true).trim()
PT_BRANCH_TAG = "${params.branch}".replaceAll('/','_')
VERSION_SUFFIX = "${PT_BRANCH_TAG}_${BUILD_DATE}"
K8S_AUTH = '525600e0-343f-4a48-95ad-7a17f63c8c1b'
}
stages {
stage('初始化环境') {
steps {
sh "docker login ${HARBOR_URL} -u '${HARBOR_ACCOUNT_USR}' -p '${HARBOR_ACCOUNT_PSW}'"
}
}
stage('命令测试') {
steps {
sh 'ls -l /etc/docker/certs.d/harbor.yuanlinux.com'
}
}
stage('拉取代码') {
steps {
checkout scmGit(branches: [[name: '${branch}']], extensions: [], userRemoteConfigs: [[credentialsId: 'jenkins凭证', url: '代码仓库']])
}
}
stage('构建镜像上传至harbor') {
steps {
sh "docker pull '${HARBOR_URL}'/library/php8.1.0-alpine:v3"
sh "docker build -t '${HARBOR_URL}'/library/${env.project_name}:${VERSION_SUFFIX} ."
// sh "docker push '${HARBOR_URL}'/library/${env.project_name}:${VERSION_SUFFIX}"
sh "docker rmi '${HARBOR_URL}'/library/${env.project_name}:${VERSION_SUFFIX}"
}
}
stage('部署至k8s的dev命名空间') {
when { expression { params.env_Namespace == "dev" } }
steps {
configFileProvider([configFile(fileId: "${K8S_AUTH}", targetLocation: 'admin-kubeconfig')]) {
sh """
sed -i 's#REPLICAS#${params.env_replicas}#' nginx.yaml
kubectl apply -f nginx.yaml -n ${params.env_Namespace} --kubeconfig=admin-kubeconfig
kubectl get pods,svc -n ${params.env_Namespace} --kubeconfig=admin-kubeconfig
sleep 10
kubectl delete -f nginx.yaml -n ${params.env_Namespace} --kubeconfig=admin-kubeconfig
"""
}
}
}
stage('部署至k8s的pro命名空间') {
when { expression { params.env_Namespace == "pro" } }
steps {
script {
wrap([$class: 'BuildUser']) {
BUILD_USER = "${env.BUILD_USER}"
}
//执行sh,查看时间并生成md5取前6位字符
random = sh(returnStdout: true, script: 'date +%s%N | md5sum | cut -c 1-6').trim()
approvalMap = input(
message: "是否确定发布?" ,
ok: "确定",
parameters: [
string(defaultValue: '', description: "请输入验证码 ${random}", name: 'random_ent', trim: true),
string(defaultValue: '', description: '请输入上线原因', name: 'deployReason', trim: true)
],
submitter: "admin",
submitterParameter: 'approver'
)
if (approvalMap['random_ent'] != random) {
error("验证码不匹配,终止本次发布操作。")
}
//获取上线原因值
def userInputRandom = approvalMap['deployReason']
env.release_Reason = userInputRandom.isEmpty() ? null : userInputRandom
}
configFileProvider([configFile(fileId: "${K8S_AUTH}", targetLocation: 'admin-kubeconfig')]) {
sh """
sed -i 's#REPLICAS#${params.env_replicas}#' nginx.yaml
kubectl apply -f nginx.yaml -n ${params.env_Namespace} --kubeconfig=admin-kubeconfig
kubectl get pods,svc -n ${params.env_Namespace} --kubeconfig=admin-kubeconfig
sleep 10
kubectl delete -f nginx.yaml -n ${params.env_Namespace} --kubeconfig=admin-kubeconfig
"""
}
}
post {
success {
echo "成功部署到pro✅"
}
failure {
echo "部署到pro失败❎"
}
}
}
}
}我这是测试环境,就测试了一下打包容器版本上传harbor和是否发布在k8s的功能。dockerfile文件和nginx.yaml文件都在仓库中
6、构建
接下来我们打包:
6.1 构建dev环境
6.2 构建pro环境,测试一下input
7、总结
本地测试环境部署完后,为了测试部署发布流程一直在踩坑,当时也没记录,文章不是很详细只能给大家提供一个思路和一些写法。。
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
31
0- 0
已为社区贡献7条内容
所有评论(0)