文章目录
使用阿里云主机ECS:
主机信息如下:
server1 ---- 47.108.54.185(公)10.0.0.2(私)---- harbor、Jenkins(容器实例)
server2 ---- 47.108.140.166(公)10.0.0.84(私) ---- gitlab
master1 ---- 47.108.28.42(公)10.0.0.5(私) ---- k8s集群主节点
node1 ---- 47.108.165.125(公)10.0.0.88(私)---- k8s集群worker
node2 ---- 47.109.47.202(公)10.0.0.91(私)---- k8s集群worker
下载Jenkins
拉取Jenkins镜像
运行Jenkins容器实例
进入容器查看Jenkins初始化密码
Jenkins与k8s集群主节点免密认证
下载安装gitlab
更新gitlab配置文件
查看gitlab状态,并查看初始化密码
登录之后,修改语言
修改初始化密码
Jenkins与gitlab做免密认证
gitlab节点与gitlab工具做免密
创建gitlab空白项目
gitlab节点拉取新建的项目
创建Jenkins自由风格项目
连接gitlab项目,并触发构建
创建harbor公开项目
上传测试代码至gitlab
上述代码编写为:
deploy—>base—>deploy.yaml文件内容为:
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: wm-project
name: gocode
spec:
replicas: 3
selector:
matchLabels:
app: gocode
template:
metadata:
labels:
app: gocode
spec:
imagePullSecrets:
- name: wm-secret
containers:
- name: gocode
env:
- name: ENV
value: prod
image: reg.westos.org/imagename
# resources:
# limits:
# memory: "128Mi"
# cpu: "500m"
ports:
- containerPort: 9000
deploy—>base—>kustomization.yaml文件内容为:
resources:
- namespace.yaml
# - configmap.yaml
- deploy.yaml
- svc.yaml
deploy—>base—>namespace.yaml文件内容为:
apiVersion: v1
kind: Namespace
metadata:
name: wm-project
deploy—>base—>svc.yaml文件内容为:
apiVersion: v1
kind: Service
metadata:
name: gocode
namespace: wm-project
spec:
type: NodePort
selector:
app: gocode
ports:
- port: 9000
targetPort: 9000
nodePort: 30001
deploy—>overlays—>prod—>kustomization.yaml文件内容为:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../base
deploy—>overlays—>qa—>deploy-patch.yaml文件内容为:
- op: replace
path: /spec/template/spec/containers/0/env/0/value
value: qa
deploy—>overlays—>qa—>kustomization.yaml文件内容为:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../base
patches:
- path: deploy-patch.yaml
target:
kind: Deployment
src—>main.go文件内容为:
package main
import (
"fmt"
"net/http"
"time"
)
//一个http请求 响应一个时间
func main() {
http.HandleFunc("/time", func(rw http.ResponseWriter, r *http.Request) {
timeStr := "现在是:" + time.Now().In(time.FixedZone("CST", 8*3600)).Format("2006-01-02 15:04:05")
fmt.Println(timeStr)
rw.Write([]byte(timeStr))
})
port := 9000
fmt.Printf("listen %d server started!!!\r\n", port)
err := http.ListenAndServe(fmt.Sprintf(":%d", port), nil)
if err != nil {
fmt.Println(err)
}
}
Dockerfile文件内容为:
# 构建编译文件
FROM golang:1.17 as builder
# 拷贝项目文件到镜像中
COPY . /app
# 设置命令工作目录
WORKDIR /app
# 执行命令编译项目文件
RUN go mod tidy && make build
# 构建运行时文件
FROM alpine:3.13
# 添加作者
LABEL author=wm
# 设置工作目录
WORKDIR /app
# 从上一阶段中拷贝可执行文件
COPY --from=builder /app/bin/app /app/bin/app
# 声明暴露的端口
EXPOSE 9000/tcp
# 调整动态链接地址
RUN mkdir /lib64 && ln -s /lib/libc.musl-x86_64.so.1 /lib64/ld-linux-x86-64.so.2
# 启动服务
ENTRYPOINT [ "/app/bin/app" ]
Makefile文件内容为:
GOROOT?=/usr/local/go
GOBIN?=go
moduleName:=$(shell head -n 1 go.mod | awk '{print $$2}')
GOMODCACHE:=$(shell $(GOBIN) env GOMODCACHE)
run:
bin/app
build:
$(GOBIN) build -o ./bin/app $(moduleName)/src
go.mod文件内容为:
module github.com/pingwazi0101/gocode
go 1.17
编写Jenkins构建任务,并测试触发构建
镜像上传失败,
原因是还没有给k8s集群配置私有harbor仓库
k8s集群连接私有harbor仓库
主节点指向harbor仓库
node1节点指向harbor仓库
node2节点指向harbor仓库
拷贝harbor认证证书至k8s集群节点
主节点登录仓库
Jenkins触发构建任务,上传镜像失败
仓库未认证成功
kubesphere平台查看pod运行错误
集群主节点上创建secret
下面一步不需要有,因为上面创建secret时已经明确指定了password。