安装 Jenkins
将Jenkins部署到default命名空间下。要求完成离线插件的安装,设置Jenkins的登录信息和授权策略。
上传BlueOcean.tar.gz包
[root@k8s-master-node1 ~]#tar -zxvf BlueOcean.tar.gz
[root@k8s-master-node1 ~]#cd BlueOcean/images/
vim /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"insecure-registries": ["0.0.0.0/0"]
"registry-mirrors": ["https://hub.rat.dev"]
}
[root@k8s-master-node1 images]# docker load -i java_8-jre.tar
[root@k8s-master-node1 images]# docker load -i jenkins_jenkins_latest.tar
[root@k8s-master-node1 images]# docker load -i gitlab_gitlab-ce_latest.tar
[root@k8s-master-node1 images]# docker load -i maven_latest.tar
[root@k8s]# docker tag maven:latest 10.32.22.240/library/maven
#harbor仓库默认地址就是ip:80
默认账号admin,Harbor12345
[root@k8s-master-node1 images]# docker login 10.32.22.240
Username: admin
Password: (Harbor12345)
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
[root@k8s-master-node1 images]# docker push 10.32.22.240/library/maven
#安装Jenkins
[root@k8s-master-node1 BlueOcean]# kubectl create ns devops
[root@k8s-master-node1 BlueOcean]# vim jenkins.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: jenkins
name: jenkins
namespace: devops
spec:
replicas: 1
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
nodeName: k8s-master-node1 # 强制调度到master节点
containers:
- image: jenkins/jenkins:latest
name: jenkins
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
name: jenkins8080
securityContext:
runAsUser: 0
privileged: true
volumeMounts:
- name: jenkins-home
mountPath: /var/jenkins_home
- name: docker-home
mountPath: /run/docker.sock
- name: docker
mountPath: /usr/bin/docker
- name: kubectl
mountPath: /usr/bin/kubectl
- name: kube
mountPath: /root/.kube
volumes:
- name: jenkins-home
hostPath:
path: /home/jenkins_home
- name: docker-home
hostPath:
path: /run/docker.sock
- name: docker
hostPath:
path: /usr/bin/docker
- name: kubectl
hostPath:
path: /usr/bin/kubectl
- name: kube
hostPath:
path: /root/.kube
[root@k8s-master-node1 BlueOcean]# kubectl apply -f jenkins.yaml
deployment.apps/jenkins created
[root@k8s-master-node1 ~]# kubectl get pod -n devops
NAME READY STATUS RESTARTS AGE
jenkins-7d4f5696b7-hqw9d 1/1 Running 0 88s进入jenkins,确定docker和kubectl成功安装
[root@k8s-master-node1 ~]# kubectl exec -it -n default jenkins-7d4f5696b7-hqw9d bash
[root@k8s-master-node1 BlueOcean]# vim jenkins.yaml # 进入修改
---
apiVersion: v1
kind: Service
metadata:
labels:
app: jenkins
name: jenkins
namespace: devops
spec:
ports:
- port: 8080
name: jenkins8080
nodePort: 30880
- name: jenkins50000
port: 50000
nodePort: 30850
selector:
app: jenkins
type: NodePort
[root@k8s-master-node1 BlueOcean]# kubectl apply -f jenkins.yaml
service/jenkins created
[root@k8s-master-node1 ~]# kubectl get -n devops svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
jenkins NodePort 10.96.53.170 <none> 8080:30880/TCP 10s
[root@k8s-master-node1 BlueOcean]# kubectl -n devops cp plugins/ jenkins-7d4f5696b7-hqw9d:/var/jenkins_home/
# 查看密码
[root@k8s-master-node1 BlueOcean]# kubectl -n devops exec jenkins-7d4f5696b7-hqw9d -- cat /var/jenkins_home/secrets/initialAdminPassword
32c47352c469a4ef58e8a797226949e88访问 ip:30880 进入jenkins*
前面安装了离线插件,所以这里需要重启 jenkins ,地址栏加入 restart 完成重启
ip:30880/restart
安装 GitLab
将 GitLab 部署到 default 命名空间下,要求设置 root 用户密码,新建公开项目,并将提供的代码上传到该项目。
[root@k8s-master-node1 BlueOcean]# vim gitlab.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: gitlab
name: gitlab
namespace: devops
spec:
replicas: 1
selector:
matchLabels:
app: gitlab
strategy: {}
template:
metadata:
labels:
app: gitlab
spec:
containers:
- image: gitlab/gitlab-ce:latest
imagePullPolicy: IfNotPresent
name: gitlab-ce
ports:
- containerPort: 80
env:
- name: GITLAB_ROOT_PASSWORD
value: admin@123
- name: GITLAB_RORT
value: “80”
ports:
- containerPort: 443
name: gitlab443
- containerPort: 80
name: gitlab80
[root@k8s-master-node1 BlueOcean]# kubectl apply -f gitlab.yaml
deployment.apps/gitlab created
[root@k8s-master-node1 BlueOcean]# kubectl get pod -n devops
NAME READY STATUS RESTARTS AGE
gitlab-5b47c8d994-8s9qb 1/1 Running 0 17s
jenkins-bbf477c4f-55vgj 1/1 Running 1 (15m ago) 34m
[root@k8s-master-node1 BlueOcean]# vim gitlab.yaml # 进入添加
---
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: gitlab
name: gitlab
namespace: devops
spec:
ports:
- port: 80
nodePort: 30888
- port: 443
nodePort: 30443
name: gitlab443
selector:
app: gitlab
type: NodePort
[root@k8s-master-node1 BlueOcean]# kubectl apply -f gitlab.yaml
deployment.apps/gitlab configured
service/gitlab created
[root@k8s-master-node1 BlueOcean]# kubectl get svc -n devops
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
gitlab NodePort 10.96.149.160 <none> 80:30888/TCP 6s
jenkins NodePort 10.96.174.123 <none> 8080:30880/TCP 8m7s访问IP:30888 root , admin@123 登录 Gitlab*
出现502或者无法访问是正常情况,gitlab启动就是慢
将springcloud文件夹中的代码上传到该项目,Gitlab提供了代码示例
[root@k8s-master-node1 BlueOcean]# cd springcloud/
[root@k8s-master-node1 springcloud]# git config --global user.name "Administrator"
[root@k8s-master-node1 springcloud]# git config --global user.email "admin@example.com"
[root@k8s-master-node1 springcloud]# git remote remove origin
[root@k8s-master-node1 springcloud]# git remote add origin http://192.168.100.23:30888/root/springcloud.git
[root@k8s-master-node1 springcloud]# git add .
[root@k8s-master-node1 springcloud]# git commit -m "Initial commit"
# On branch master
nothing to commit, working directory clean
[root@k8s-master-node1 springcloud]# git push -u origin master
Username for 'http://192.168.100.23:30888': root
Password for 'http://root@192.168.100.23:30888':(admin@123)
Counting objects: 3192, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (1428/1428), done.
Writing objects: 100% (3192/3192), 1.40 MiB | 0 bytes/s, done.
Total 3192 (delta 1233), reused 3010 (delta 1207)
remote: Resolving deltas: 100% (1233/1233), done.
To http://192.168.100.23:30888/root/springcloud.git
* [new branch] master -> master
Branch master set up to track remote branch master from origin.配置 Jenkins 与 GitLab 集成
在 Jenkins 中新建流水线任务,配置 GitLab 连接 Jenkins
在GitLab生成名为jenkins的“Access Tokens” * CEhJMTAanzJQWDYHk318
返回 jenkins
回到 Gitlab ,复制 token
复制后填写到此
构建 CI/CD 环境
在流水线任务中编写流水线脚本,完成后触发构建,要求基于 GitLab 中的 项目自动完成代码编译、镜像构建与推送、并自动发布服务到 Kubernetes 集群 中。
创建命名空间
[root@k8s-master-node1 ~]# kubectl create ns springcloud
新建流水线
添加 Gitlab 用户密码
记住脚本路径的名称 Jenkinsfile ,后面创建的流水线文件名与此匹配
Harbor 仓库创建公开项目 springcloud
返回 Gitlab 准备编写流水线
# 添加映射
[root@k8s-master-node1 ~]# cat /etc/hosts
192.168.200.100 apiserver.cluster.local # 选择这一行
# 进入jenkins 添加映射
[root@k8s-master-node1 ~]# kubectl exec -it -n devops jenkins-bbf477c4f-55vgj bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
root@jenkins-bbf477c4f-55vgj:/# echo "192.168.200.100 apiserver.cluster.local" >> /etc/hosts
root@jenkins-bbf477c4f-55vgj:/# cat /etc/hosts # 查看是否成功
# 编写流水线
pipeline{
agent none
stages{
stage('mvn-build'){
agent{
docker{
image '192.168.200.100/library/maven'
args '-v /root/.m2:/root/.m2'
}
}
steps{
sh 'cp -rvf /opt/repository /root/.m2'
sh 'mvn package -DskipTests'
}
}
stage('image-build'){
agent any
steps{
sh 'cd gateway && docker build -t 192.168.200.100/springcloud/gateway -f Dockerfile .'
sh 'cd config && docker build -t 192.168.200.100/springcloud/config -f Dockerfile .'
sh 'docker login 192.168.200.100 -u=admin -p=Harbor12345'
sh 'docker push 192.168.200.100/springcloud/gateway'
sh 'docker push 192.168.200.100/springcloud/config'
}
}
stage('cloud-deployment'){
agent any
steps{
sh 'sed -i "s/sqshq\\/piggymetrics-gateway/192.168.200.100\\/springcloud\\/gateway/g" yaml/deployment/gateway-deployment.yaml'
sh 'sed -i "s/sqshq\\/piggymetrics-config/192.168.200.100\\/springcloud\\/config/g" yaml/deployment/config-deployment.yaml'
sh 'kubectl apply -f /var/jenkins_home/workspace/springcloud/yaml/deployment/gateway-deployment.yaml'
sh 'kubectl apply -f /var/jenkins_home/workspace/springcloud/yaml/deployment/config-deployment.yaml'
sh 'kubectl apply -f /var/jenkins_home/workspace/springcloud/yaml/svc/gateway-svc.yaml'
sh 'kubectl apply -f /var/jenkins_home/workspace/springcloud/yaml/svc/config-svc.yaml'
}
}
}
}保存流水线文件,配置Webhook触发构建
http://192.168.200.100:30880/job/springcloud
创建成功进行测试,成功后返回 jenkins 会发现流水线已经开始自动构建
流水线执行成功
springcloud 项目镜像上传成功
# 流水线构建的项目全部运行
[root@k8s-master-node1 ~]# kubectl get pod -n springcloud
NAME READY STATUS RESTARTS AGE
config-77c74dd878-8kl4x 1/1 Running 0 28s
gateway-5b46966894-twv5k 1/1 Running 1 (19s ago) 28s
[root@k8s-master-node1 ~]# kubectl -n springcloud get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
config NodePort 10.96.137.40 <none> 8888:30015/TCP 4m3s
gateway NodePort 10.96.121.82 <none> 4000:30010/TCP 4m4s
* *等待 PIg 微服务启动,访问 ip:30010 查看构建成功*本文由博客一文多发平台 OpenWrite 发布!
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。