1、安装nfs服务器
yum install nfs-utils
vi /etc/exports
/data/devops/k8s/kubernetescluster/jenkins/storage *(rw,no_root_squash)
systemctl start nfs
systemctl enable nfs
systemctl enable nfs
每个节点安装utils
测试: showmount -e 10.14.0.63
2、执行jenkinsyaml目录里的所有yaml文件
kubernetes create -f .
安装地址参考:http://www.mydlq.club/article/6/
3、jenkins上更改国内插件搜索地址:http://mirror.esuni.jp/jenkins/updates/update-center.json
替换nfs上共享文件里updates的文件内容:sed -i ‘s/http://updates.jenkins-ci.org/download/https://mirrors.tuna.tsinghua.edu.cn/jenkins/g’ default.json && sed -i ‘s/http://www.google.com/https://www.baidu.com/g’ default.json
kubectl delete deployments.apps jenkins
kubectl delete persistentvolumeclaims jenkins-home
kubectl delete serviceaccounts jenkins-admin
kubectl get PersistentVolumeClaims -n kube-ops
kubectl describe PersistentVolumeClaims jenkins-home-jenkins-0 -n kube-ops
kubectl get storageclass.storage.k8s.io
kubectl get pods -n kube-ops
kubectl describe pod jenkins-6fcc986c45-h9jk7 -n mydlqcloud
kubectl apply -f jenkins-pv-pvc.yaml -n mydlqcloud
kubectl describe service jenkins -n mydlqcloud
4、安装插件
Chinese
Git
Pipeline
Extended Choice Parameter
Kubernetes
进入jenkins管理界面配置云信息:
Kubernetes 地址:https://kubernetes.default.svc.cluster.local
Jenkins 地址:http://jenkins.yhdjenkins.svc.cluster.local:8080
5、构建Jenkins-Slave自定义镜像
Dockerfile文件内容如下:
FROM jenkins/jnlp-slave:latest
MAINTAINER itcast
切换到 root 账户进行操作
USER root
安装 maven
COPY apache-maven-3.6.2-bin.tar.gz .
RUN tar -zxf apache-maven-3.6.2-bin.tar.gz &&
mv apache-maven-3.6.2 /usr/local &&
rm -f apache-maven-3.6.2-bin.tar.gz &&
ln -s /usr/local/apache-maven-3.6.2/bin/mvn /usr/bin/mvn &&
ln -s /usr/local/apache-maven-3.6.2 /usr/local/apache-maven && \
mkdir -p /usr/local/apache-maven/repo
COPY settings.xml /usr/local/apache-maven/conf/settings.xml
USER jenkins
构建出一个新镜像:jenkins-slave-maven:latest ,把镜像上传到Harbor的公共库library中
docker build -t jenkins-slave-maven:latest .
docker tag jenkins-slave-maven:latest 10.14.0.64:85/library/jenkins-slave-maven:latest
docker login -u admin -p Harbor12345 10.14.0.64:85
docker push 10.14.0.64:85/library/jenkins-slave-maven:latest
6、流水线脚本构建测试:
创建gitlab凭证,然后把id填入到def git_auth中。
def git_address = “http://10.14.0.64:82/devops-group/microservice-parent.git”
def git_auth = “3f1ead65-9ba1-4f33-8dbf-88059ff375bb”
//创建一个Pod的模板,label为jenkins-slave
podTemplate(label: ‘jenkins-slave’, cloud: ‘kubernetes’, containers: [
containerTemplate(
name: ‘jnlp’,
image: “10.14.0.64:85/library/jenkins-slave-maven:latest”
)
]
)
{
//引用jenkins-slave的pod模块来构建Jenkins-Slave的pod
node(“jenkins-slave”){
// 第一步
stage(‘拉取代码’){
checkout([
c
l
a
s
s
:
′
G
i
t
S
C
M
′
,
b
r
a
n
c
h
e
s
:
[
[
n
a
m
e
:
′
m
a
s
t
e
r
′
]
]
,
u
s
e
r
R
e
m
o
t
e
C
o
n
f
i
g
s
:
[
[
c
r
e
d
e
n
t
i
a
l
s
I
d
:
"
class: 'GitSCM', branches: [[name: 'master']], userRemoteConfigs: [[credentialsId: "
class:′GitSCM′,branches:[[name:′master′]],userRemoteConfigs:[[credentialsId:"{git_auth}", url: “${git_address}”]]])
}
}
}
7、微服务项目部署到k8s
7.1、添加maven共享目录
vim /etc/exports
/data/devops/k8s/kubernetescluster/jenkins/storage/maven *(rw,no_root_squash)
systemctl restart nfs
测试:showmount -e 10.14.0.63
7.2、jenkins 上添加参数化构建过程:
7.2.1、Extended Choice Parameter
name -> project_name
Description --> 请选择需要构建的项目
7.2.2、Basic Parameter Types: Check Boxes
Number of Visible Items -> 4
Delimiter -> ,
7.2.3、Choose Source for Value
eureka-server01@10086,gateway-server-sentinel@10020,order-service@9001,product-service@9002
7.2.4、Choose Source for Default Value
eureka-server01@10086
7.2.5、Choose Source for Value Description
注册中心,服务网关,订单微服务,商品微服务
7.3、添加harbor凭证生成id
7.4、添加参数:
字符参数:
名称:branch
默认值:master
描述:请输入一个分支名称
7.5、安装Kubernetes Continuous Deploy插件
7.6、添加k8s凭证
类型:Kubernetes configuration
名称:k8s-auth
去k8s主节点:
cd /root/.kube/
cat confgig
复制所有内容,填入到Enter directly中,生成id
7.7、生成k8s连接harbor的凭证
7.7.1、登陆harbor
docker login -u admin -p Harbor12345 10.14.0.64:85
7.7.2、生成秘钥
kubectl create secret docker-registry registry-auth-secret --docker-server=10.14.0.64:85 --docker-username=admin --docker-password=Harbor12345 --docker-email=644258812@qq.com
7.7.3、查看秘钥
kubectl get secret
def git_address = “http://10.14.0.64:82/devops-group/microservice-parent.git”
def git_auth = “3f1ead65-9ba1-4f33-8dbf-88059ff375bb”
//构建版本的名称
def tag = “latest”
//Harbor私服地址
def harbor_url = “10.14.0.64:85”
//Harbor的项目名称
def harbor_project_name = “tensquare”
//Harbor的凭证
def harbor_auth = “e3ec6622-e17c-478b-80a6-2f743db84779”
//k8s连接Harbor的凭证
def secret_name = “registry-auth-secret”
//k8s凭证
def k8s_auth = “42f00274-b1e5-44c1-abe2-db56ce5c3391”
podTemplate(label: ‘jenkins-slave’, cloud: ‘kubernetes’, containers: [
containerTemplate(
name: ‘jnlp’,
image: “10.14.0.64:85/library/jenkins-slave-maven:latest”
),
containerTemplate(
name: ‘docker’,
image: “docker:stable”,
ttyEnabled: true,
command: ‘cat’
),
],
volumes: [
hostPathVolume(mountPath: ‘/var/run/docker.sock’, hostPath: ‘/var/run/docker.sock’),
nfsVolume(mountPath: ‘/usr/local/apache-maven/repo’, serverAddress: ‘10.14.0.63’ , serverPath: ‘/data/devops/k8s/kubernetescluster/jenkins/storage/maven’),
],
)
{
node(“jenkins-slave”){
// 第一步
stage(‘拉取代码’){
checkout([
c
l
a
s
s
:
′
G
i
t
S
C
M
′
,
b
r
a
n
c
h
e
s
:
[
[
n
a
m
e
:
′
class: 'GitSCM', branches: [[name: '
class:′GitSCM′,branches:[[name:′{branch}’]], userRemoteConfigs: [[credentialsId: “
g
i
t
a
u
t
h
"
,
u
r
l
:
"
{git_auth}", url: "
gitauth",url:"{git_address}”]]])
}
// 第二步
stage('构建镜像,部署项目'){
//把选择的项目信息转为数组
def selectedProjects = "${project_name}".split(',')
for(int i=0;i<selectedProjects.size();i++){
//取出每个项目的名称和端口
def currentProject = selectedProjects[i];
//项目名称
def currentProjectName = currentProject.split('@')[0]
//项目启动端口
def currentProjectPort = currentProject.split('@')[1]
//定义镜像名称
def imageName = "${currentProjectName}:${tag}"
//编译,构建本地镜像
sh "mvn -f ${currentProjectName} clean package dockerfile:build"
container('docker') {
//给镜像打标签
sh "docker tag ${imageName} ${harbor_url}/${harbor_project_name}/${imageName}"
//登录Harbor,并上传镜像
withCredentials([usernamePassword(credentialsId: "${harbor_auth}", passwordVariable: 'password', usernameVariable: 'username')]) {
//登录
sh "docker login -u ${username} -p ${password} ${harbor_url}"
//上传镜像
sh "docker push ${harbor_url}/${harbor_project_name}/${imageName}"
}
//删除本地镜像
sh "docker rmi -f ${imageName}"
sh "docker rmi -f ${harbor_url}/${harbor_project_name}/${imageName}"
}
def deploy_image_name = "${harbor_url}/${harbor_project_name}/${imageName}"
//部署到K8S
sh """
sed -i 's#\$IMAGE_NAME#${deploy_image_name}#' ${currentProjectName}/deploy.yml
sed -i 's#\$SECRET_NAME#${secret_name}#' ${currentProjectName}/deploy.yml
"""
kubernetesDeploy configs: "${currentProjectName}/deploy.yml", kubeconfigId: "${k8s_auth}"
}
}
}
}
搜索安装:Kubernetes Continuous Deploy
构建凭证:k8s秘钥在master上/root/.kube/config
k8s的id:52225c22-4509-49de-bc53-2985e6eb68d8
provided port:50000 is not reachable
kubectl describe PersistentVolumeClaims jenkins-home-jenkins-0 -n yhd-jenkins
k8s操作:
3、修改vim /etc/kubernetes/manifests/kube-apiserver.yaml
- --feature-gates=RemoveSelfLink=false
新建:kubectl apply -f /etc/kubernetes/manifests/kube-apiserver.yaml
kubectl get pods -n kube-system
kubectl logs -f kube-apiserver -n kube-system
mount -t nfs -o nolock,vers=4 10.14.0.63:/data/devops/k8s/kubernetescluster/jenkins/storage /data/devops/k8s/nfs-data
kubectl get pods -n yhd-jenkins
kubectl describe pod jenkins-0 -n yhd-jenkins
kubectl logs -f jenkins-0 -n yhd-jenkins
kubectl replace --force -f StatefulSet.yaml #删除并替换