一、配置Kubernetes插件
1、在K8S集群添加kubernetes插件,用于连接k8s集群,安装Kubernetes Continuous Deploy(目前测试高版本存在无法发布的问题,建议使用1.0.0版本)插件,用于发布deployment到k8s集群。
2、通过k8s的config文件生成证书并上传jenkins。
查看 /root/.kube/config文件,文件中有三个值 certificate-authority-data 、client-certificate-data 、 client-key-data
解码它们获得证书 ,注意将上面的值替换称自己的一大长传字符串
echo certificate-authority-data | base64 -d > ca.crt echo client-certificate-data | base64 -d > client.crt echo client-key-data | base64 -d > client.key
根据这三个文件生成一个PKCS12格式的客户端证书文件
openssl pkcs12 -export -out cert.pfx -inkey client.key -in client.crt -certfile ca.crt
将生成的 cert.pfx 上传到jenkins凭证,选择PKCS证书。
3、在jenkins上添加k8s
系统管理=》节点管理=》Configure Cloud
服务证书key内容为前面生成的ca.crt内容,凭据选择前面添加的PKCS证书。
以上配置后kubernetes插件内容已配置完成。
二、配置Kubernetes Continuous Deploy插件
1、kubernetes CD 只需要安装插件,然后在jenkins配置证书就可以连接,Content内容即为k8s集群中.kube/config内容,全部复制粘贴即可。
三、在以下路径指定jenkins代理端口
jenkins系统管理–>全局安全配置–>代理
四、创建pipeline流水线任务。
env.CREDENTIALSID = 'pipelinetest'
env.GIT_URL = 'http://192.168.1.100:8088/pipelinecloud.git'
env.params_SERVER_NAME = 'socket'
env.params_SERVER_PORT = '8080'
env.params_SERVER_PATH = 'server/socket'
env.HARBOR = '192.168.1.140/server/socket'
podTemplate(name: 'jenkins-slave',label: 'jenkins-slave', cloud: 'kubernetes-test',namespace: 'jenkins', containers: [
containerTemplate(
name: 'jnlp',
image: '192.168.1.140/library/jnlp-slave-maven:latest',
ttyEnabled: true,
privileged: false,
alwaysPullImage: false,
)
],
volumes:[
hostPathVolume(mountPath: '/var/run/docker.sock', hostPath: '/var/run/docker.sock'),
hostPathVolume(mountPath: '/etc/localtime', hostPath: '/etc/localtime'),
hostPathVolume(mountPath: '/usr/bin/docker', hostPath: '/usr/bin/docker'),
nfsVolume(mountPath: '/usr/local/maven',serverAddress: '192.168.1.10',serverPath: '/var/Data/maven', readOnly: false),
nfsVolume(mountPath: '/home/jenkins/Deployment',serverAddress: '192.168.1.10',serverPath: '/var/Data/Deployment', readOnly: false),
nfsVolume(mountPath: '/root/.m2',serverAddress: '192.168.1.10',serverPath: '/var/Data/.m2', readOnly: false),
]
) {
node('jenkins-slave') {
//拉取代码
stage('get clone repo') {
git branch: 'test', credentialsId: env.CREDENTIALSID, url: env.GIT_URL
}
//代码编译
stage('Mave Build'){
sh 'pwd'
//sleep 10000
sh '/usr/local/maven/bin/mvn -pl ./${params_SERVER_PATH} -am clean package -Ptest -Dmaven.test.skip=true'
}
stage('Build Image'){
sh 'pwd'
sh "sed -e 's#{SERVER_NAME}#${params_SERVER_PATH}#g' /home/jenkins/Deployment/Dockerfile.tpl > Dockerfile "
sh 'cat Dockerfile'
sh 'docker build -t ${HARBOR}:${BUILD_NUMBER} .'
}
stage('Push Image'){
withDockerRegistry(credentialsId: 'JenkinsForHarbor', url: 'http://192.168.1.140'){
sh 'docker push ${HARBOR}:${BUILD_NUMBER}'
}
}
stage('Clean Image'){
sh "docker rmi $HARBOR:${BUILD_NUMBER}"
}
stage('Deploy') {
println '发布测试'
sh "sed -e 's#{IMAGE_TAG}#${BUILD_NUMBER}#g;s#{APP_NAME}#${params_SERVER_NAME}#g;s#{APP_PORT}#${params_SERVER_PORT}#g;s#{SPRING_PROFILE}#test#g' /home/jenkins/Deployment/k8s-deployment-multiport.tpl > k8s-deployment.yml "
sh 'cat k8s-deployment.yml'
kubernetesDeploy configs: 'k8s-deployment.yml',kubeconfigId: 'pipelinetest',enableConfigSubstitution: true
}
}
}