第六课 Kubernetes生产级实践-CICD的实践
tags:
- k8s
- 慕课网
categories:
- CICD
- 健康检查
第一节 CICD流程介绍和工具
- 没有k8s时CICD流程。git服务器->maven构建->发布到指定服务器上->调用脚本(停止、启动)
- 这样做可能有一些问题。
- 服务间断
- 环境不可控(其他人修改)
- 多次构建 开发环境dev->测试环境test->预发布环境release->准生产环境pre->生产环境product
- 在k8s上的k8s流程。git ->maven->构建镜像->推送到仓库->k8s部署->k8s健康检查(配置自己的健康检查的api)
- k8s的CICD的好处。
- 环境稳定
- 服务不间断(k8s本身就保证了高可用,因为至少一个实例)
- 一次构建 多环境运行(代码中环境相关配置配置到配置中心或者configMap中)
第二节 jenkins安装部署使用
- jenkins官网:https://www.jenkins.io/
# 安装在主节点上
sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
yum install jenkins
systemctl restart jenkins
vim /root/script/build-image-web.sh
chmod 777 /root/script/build-image-web.sh
- 构建pipeline
node {
env.BUILD_DIR = "/root/build-workspace/"
env.MODULE = "web-demo"
stage('Preparation') { // for display purposes
// 下载代码
git 'https://gitee.com/qnhyn/mooc-k8s-demo-docker.git'
}
stage('Maven Build') { // for display purposes
// Maven构建
sh "mvn -pl ${MODULE} -am clean package"
}
stage('Preparation') { // for display purposes
// 构建镜像
sh "/root/script/build-image-web.sh"
}
}
- 完成构建镜像脚本文件
#!/bin/bash
if ["${BUILD_DIR}" == ""]; then
echo "env 'BUILD_DIR' is not set"
exit 1
fi
DOCKER_DIR=${BUILD_DIR}/${JOB_NAME}
if [ ! -d ${DOCKER_DIR} ]; then
mkdir -p ${DOCKER_DIR}
fi
echo "docker workspace: ${DOCKER_DIR}"
JENKINS_DIR=${WORKSPACE}/${MODULE}
echo "jenkins workspace: ${JENKINS_DIR}"
if [ ! -f ${JENKINS_DIR}/target/*.war ]; then
echo "target war file not found ${JENKINS_DIR}/target/*.war"
exit 1
fi
cd ${DOCKER_DIR}
rm -rf *
unzip -oq ${JENKINS_DIR}/target/*.war -d ./ROOT
mv ${JENKINS_DIR}/Dockerfile .
if [ -d ${JENKINS_DIR}/dockerfiles ]; then
mv ${JENKINS_DIR}/dockerfiles .
fi
VERSION=$(date +%Y%m%d%H%M%S)
IMAGE_NAME=192.168.242.130/k8s/${JOB_NAME}:${VERSION}
# 把镜像名字写到本地文件上
echo "${IMAGE_NAME}" > ${WORKSPACE}/IMAGE
docker build -t ${IMAGE_NAME} .
docker push ${IMAGE_NAME}
- 部署pipeline
node {
env.BUILD_DIR = "/root/build-workspace/"
env.MODULE = "web-demo"
stage('Preparation') { // for display purposes
// 下载代码
git 'https://gitee.com/qnhyn/mooc-k8s-demo-docker.git'
}
stage('Maven Build') { // for display purposes
// Maven构建
sh "mvn -pl ${MODULE} -am clean package"
}
stage('Deploy') { // for display purposes
// 构建镜像
sh "/root/script/deploy.sh"
}
}
- 创建一个部署模板
#deploy
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{name}}
spec:
selector:
matchLabels:
app: {{name}}
replicas: 1
template:
metadata:
labels:
app: {{name}}
spec:
containers:
- name: {{name}}
image: {{image}}
ports:
- containerPort: 8080
---
#service
apiVersion: v1
kind: Service
metadata:
name: {{name}}
spec:
ports:
- port: 80
protocol: TCP
targetPort: 8080
selector:
app: {{name}}
type: ClusterIP
---
#ingress
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{name}}
spec:
rules:
- host: {{host}}
http:
paths:
- path: /
backend:
serviceName: {{name}}
servicePort: 80
- 完成部署脚本。以及集群的健康检查。kubectl get deploy k8s-web-demo1 -o yaml
# 获取健康值
kubectl get deploy k8s-web-demo1 -o go-template='{{.status.replicas}},{{.status.updatedReplicas}},{{.status.readyReplicas}},{{.status.availableReplicas}}'
name=${JOB_NAME}
image=$(cat ${WORKSPACE}/IMAGE)
host=${HOST}
echo "deploying ... name: ${name}, image: ${image}, host: ${host}"
cp $(dirname "${BASH_SOURCE[0]}")/template/web.yaml .
# 替换模板中的变量
sed -i "s,{{name}},${name},g" web.yaml
sed -i "s,{{image}},${image},g" web.yaml
sed -i "s,{{host}},${host},g" web.yaml
echo "apply ok"
kubectl apply -f web.yaml
sleep 5
cat web.yaml
# 健康检查 取出有关健康检查的字段 kubectl get deployment
success=0
count=60
IFS=","
while [ ${count} -gt 0 ]
do
replicas=$(kubectl get deploy ${name} -o go-template='{{.status.replicas}},{{.status.updatedReplicas}},{{.status.readyReplicas}},{{.status.availableReplicas}}')
echo "replicas: ${replicas}"
arr=(${replicas})
if [ "${arr[0]}" == "${arr[1]}" -a "${arr[1]}" == "${arr[2]}" -a "${arr[2]}" == "${arr[3]}"];then
echo "health check success"
success=1
break
fi
((count--))
sleep 2
done
if [ ${successs} -ne 1]; then
echo "health check failed!"
exit 1
fi
- 可以看到我们刚启动容器就开始检测。可能会误报,可以通过延时个5秒,等他启动。更准确的方式是获取下面字段的值。启动前获取一次,启动后获取一次,会自动加一。保证他完成启动。