Press Ctrl+ and K to search
请注意,本文编写于 45 天前,最后修改于 45 天前,其中某些信息可能已经过时。
目录
一、安装IngressNginxController
先到图形化界面
二、配置harbor仓库私服信息
然后去主节点和工作节点都加上docker配置
jsvi /etc/docker/daemon.json
js{
"registry-mirrors": [
"https://docker.m.daocloud.io",
"https://docker.1panel.live",
"https://hub.rat.dev"
],
"insecure-registries":["192.168.201.107:80"]
}
然后重启docker,测试是否能登录,记住测试登录加端口,不然docker默认是https协议就是443
三、先准备部署到k8s的yml文件
ymlapiVersion: v1
kind: Namespace
metadata:
name: test1test
labels:
app: test1test
pipeline.yml
ymlapiVersion: apps/v1
kind: Deployment
metadata:
name: test1test
namespace: test1test
labels:
app: test1test
spec:
replicas: 2
selector:
matchLabels:
app: test1test
template:
metadata:
labels:
app: test1test
spec:
containers:
- name: test1test
image: 192.168.201.107:80/mytest1test/mytest1test:V8.0.2
imagePullPolicy: Always
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: test1test
namespace: test1test
labels:
app: test1test
spec:
selector:
app: test1test
ports:
- protocol: TCP
port: 8081
targetPort: 8080
type: NodePort
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: test1test
namespace: test1test
labels:
app: test1test
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: ingress
rules:
- host: songxuan.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: test1test
port:
number: 8081
启动后访问ing的IP+Service暴露的32403端口进行访问测试
测试没有问题
四、去Jenkins整合到k8s中
在gitlab创建一个pipeline.yml文件,把上面的yml文件沾上去
先去主节点服务器创建一个目录
jsmkdir /songxuan
然后去Jenkins全局配置新增一个远程连接到k8s服务器的配置
然后生成语法
jssshPublisher(publishers: [sshPublisherDesc(configName: 'K8S', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline.yml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])
在gitlab更改Jenkinsfile文件,把之前的第6步替换掉
然后进入Jenkins容器内部配置免密登录 如果没有~/.ssh目录下没有东西或没目录,用以下命令重新生成一下
js# 强制创建.ssh目录并设置权限
mkdir -p ~/.ssh
chmod 700 ~/.ssh
# 生成RSA密钥对(无密码)
ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa -N ""
# 设置密钥权限
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub
# 将公钥追加到authorized_keys
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
把Jenkins内部容器的公钥给到master节点
js$ cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGYg72GXNQmFPwEEp986OqHF7vCcVxJw6mox5iKifJReaUKdcLEXqjUcu6mUi29j3hFMi4QT7Oc3+JmgEeAxWLWmC4zADm0NWqzKDJ6qdptU01cMkFlukpBU9u/GBAyCLQ6sgK75O62HTIq2MVe9TqXOficr90IOSxpObPFq1ZEnWp6i76Ag7hMO3e8Hm4wSD4e6edxbDIgzzRNo58GO1YikHEiYkd86sMzJTI/Xf2myw9ETgen7MlFGrOgdBPktmD4Wexg3Ug72uZJxOB96sn5TOXzIYs9YsGvJeOsZ/zTk9okrRCIybjBjDJvmfDmjUNFF77byIFHCu2UAWpYGHeui3BlVwSjRdaysHIPFUEmadUwi0Oa3JpgnhU600UfsEJn3fGVm2XrwtLR0bhrj/LTsvM0UmvsAs0RC4b8EzrExbPWPfQPwUJLxKZcEfyW1cK6a4y8+qb2WV7HXv7acBtywTwBHAuuYeo6HKweyYoz/c2/pTWjZ3PpGETBUYB6km3WWrjDEzfxYVlGFb5mB+GWh1m5Knak9wABv06k9XVt3NL6ZjzkwH0WBd5Lr0YvfFocLLurq8gGjaBiWQ0lOPjDqILLwaV6Xm9ZoXyUb2My9yIBwYm2w9VhA9LreI0H8G8JDOzF+hBYV8ikF/8meqFuJgJMGe+/RZSNDhU/3FKQw== jenkins@5ca614ac051b
把Jenkins的公钥放到master节点的~/.ssh/authorized_keys里面
jsvi ~/.ssh/authorized_keys
然后测试免密是否成功,在Jenkins容器内部执行ssh命令
最后去Jenkins生成语法
jssh 'ssh root@192.168.201.108 kubectl apply -f /songxuan/pipeline.yml'
然后去gitlab的Jenkins文件再加一条
jspipeline {
agent any
stages {
stage('1.拉取git仓库代码') {
steps {
checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: '41ccb3f5-d95e-4f7c-94cd-8af30c885e0d', url: 'http://192.168.201.105:8929/root/mytest1.git']])
}
}
stage('2.通过Maven构建项目') {
steps {
sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'
}
}
stage('3.质量代码检测') {
steps {
sh '/var/jenkins_home/sonar-scanner-4.8.0.2856-linux/bin/sonar-scanner -Dsonar.sources=./ -Dsonar.projectname=${JOB_NAME} -Dsonar.projectKey=${JOB_NAME} -Dsonar.java.binaries=./target/ -Dsonar.login=178e1842a7318cabd37749b7f2f5a5b88a5fb997'
}
}
stage('4.Docker制作镜像') {
steps {
sh '''cp -rf ./target/*.jar ./docker/
docker build -t ${JOB_NAME}:${tag} ./docker/'''
}
}
stage('5.自定义镜像推送Harbor') {
steps {
sh '''docker login 192.168.201.107:80 -u admin -p 123456
docker tag ${JOB_NAME}:${tag} 192.168.201.107:80/${JOB_NAME}/${JOB_NAME}:${tag}
docker push 192.168.201.107:80/${JOB_NAME}/${JOB_NAME}:${tag}'''
}
}
stage('6.将yml文件传到k8smaster节点上') {
steps {
sshPublisher(publishers: [sshPublisherDesc(configName: 'K8S', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline.yml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])
}
}
stage('7.执行kubectl apply命令把k8s部署起来') {
steps {
sh 'ssh root@192.168.201.108 kubectl apply -f /songxuan/pipeline.yml'
}
}
}
post {
success {
dingtalk (
robot: 'jenkins-dingding',
type: 'MARKDOWN',
title: "构建成功: ${env.JOB_NAME}",
text: [
"### 项目: ${env.JOB_NAME}",
"### 版本: ${tag}",
"### 构建结果: SUCCESS",
"### 持续时间: ${currentBuild.durationString}"
],
at: []
)
}
failure {
dingtalk (
robot: 'jenkins-dingding',
type: 'MARKDOWN',
title: "构建失败: ${env.JOB_NAME}",
text: [
"### 项目: ${env.JOB_NAME}",
"### 版本: ${tag}",
"### 构建结果: FAILURE",
"### 持续时间: ${currentBuild.durationString}",
"**失败原因:**",
"${currentBuild.currentResult}"
],
atAll: true
)
}
}
}
最后去Jenkins执行任务
本文作者:松轩(^U^)
本文链接:
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!
目录