98. k8s使用jenkins实现自动部署
文章目录
-
- 9. k8s与jenkins集成实现cd
-
- 9.1 搭建gitlab并上传代码【可以选择gitee】
- 9.2 部署jenkins,并自动构建docker镜像
-
- 9.2.1 安装jenkins
- 9.2.2 访问jenkins
- 9.2.3 配置jenkins拉取gitlab代码凭据
- 9.2.4 拉取代码测试
- 9.2.5 编写dockerfile并测试
- 9.2.6 上传dockerfile和.dockerignore到私有仓库
- 9.2.7 jenkins立即构建,自动构建docker镜像并上传到私有仓库
- 9.3 jenkins自动部署应用到k8s
-
- 9.3.1 jenkins实现代码上线与更新
- 9.3.2 jenkins实现一键回滚
- 9.3.3 命令行手动执行回滚:
- 9.3.4 脚本方式:
9. k8s与jenkins集成实现cd
| ip地址 | 服务 | 内存 |
|---|---|---|
| 10.0.0.11 | kube-apiserver 8080 | 2G |
| 10.0.0.12 | kube-apiserver 8080,dev提交代码 | 2G |
| 10.0.0.13 | jenkins(tomcat + jdk) 8080 | 4G |
| 10.0.0.110 | Gitlab | 2G |
9.1 搭建gitlab并上传代码【可以选择gitee】
1. 安装
[root@gitlab ~]# yum install -y curl openssh-server postfix wget
[root@gitlab ~]# wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-12.7.2-ce.0.el7.x86_64.rpm
[root@gitlab ~]# yum localinstall gitlab-ce-12.7.2-ce.0.el7.x86_64.rpm -y
2. 配置gitlab
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
external_url 'http://gitlab.cheng.com'
配置gitlab邮箱:
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = "[email protected]" # 发件邮箱
gitlab_rails['gitlab_email_display_name'] = 'cheng-GitLab' # 发件人显示名称
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "[email protected]" #发件人邮箱账户
gitlab_rails['smtp_password'] = "" #发件人邮箱客户端授权码
gitlab_rails['smtp_domain'] = "qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true
关闭不用的程序
1385 prometheus['enable'] = false
1474 node_exporter['enable'] = false
1493 redis_exporter['enable'] = false
1511 postgres_exporter['enable'] = false
1560 grafana['enable'] = false
3. gitlab初始化
gitlab-ctl reconfigure
4. 使用浏览器访问http://gitlab.cheng.com,修改root用户密码,创建project
上传代码到git仓库
[root@gitlab ~]# cd putaojiu/
git config --global user.name "Administrator"
git config --global user.email "[email protected]"
git init
git add .
git commit -m "Initial commit"
[root@gitlab putaojiu]# git remote add origin [email protected]:root/jiuzhuang.git
[root@gitlab putaojiu]# git push -u origin master
9.2 部署jenkins,并自动构建docker镜像
9.2.1 安装jenkins
jenkins部署教程:
这里使用yum方式安装:
yum install java -y
rpm -ivh jenkins-2.176.1-1.1.noarch.rpm
[root@k8s-node-2 ~]# systemctl start jenkins
[root@k8s-node-2 ~]# systemctl enable jenkins
netstat -lntup 查看8080端口是否开启
9.2.2 访问jenkins
访问http://jenkins.cheng.com:8080/,默认账号密码admin:123456
9.2.3 配置jenkins拉取gitlab代码凭据
a:在jenkins上生成秘钥对
ssh-keygen -t rsa
b:复制公钥粘贴gitlab上--->部署管理
c:jenkins上创建全局凭据--->添加root私钥
9.2.4 拉取代码测试
9.2.5 编写dockerfile并测试
1.编写dockerfile
[root@k8s-node-1 putaojiu]# vim dockerfile
FROM 10.0.0.11:5000/nginx:1.13
add . /usr/share/nginx/html
2.添加docker build构建时不add的文件
vim .dockerignore dockerfile
[root@k8s-node-1 putaojiu]# docker build -t putaojiu:v1 .
[root@k8s-node-1 putaojiu]# docker run -d -p 80:80 putaojiu:v1
打开浏览器测试访问酒庄的项目
9.2.6 上传dockerfile和.dockerignore到私有仓库
git add docker .dockerignore
git commit -m "fisrt commit"
git push -u origin master
9.2.7 jenkins立即构建,自动构建docker镜像并上传到私有仓库
9.3 jenkins自动部署应用到k8s
1. 测试一下远程连接
[root@k8s-master tags]# kubectl -s 10.0.0.11:8080 get nodes
NAME STATUS AGE
10.0.0.12 Ready 2d
10.0.0.13 Ready 1d
2. master创建namespace
[root@k8s-master ~]# kubectl create namespace jiuzhuang
3. 运行Pod
[root@k8s-master ~]# kubectl run jiuzhuang -n jiuzhuang --image=10.0.0.11:5000/putaojiu:v1 --replicas=2 --record
4. 查看
[root@k8s-master ~]# kubectl get all -n jiuzhuang 检查一下
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
deploy/jiuzhuang 2 2 2 2 5s
NAME DESIRED CURRENT READY AGE
rs/jiuzhuang-688366331 2 2 2 5s
NAME READY STATUS RESTARTS AGE
po/jiuzhuang-688366331-1glbf 1/1 Running 0 5s
po/jiuzhuang-688366331-v4gqc 1/1 Running 0 5s
5. 查看记录
[root@k8s-master ~]# kubectl rollout history -n jiuzhuang deployment jiuzhuang
deployments "jiuzhuang"
REVISION CHANGE-CAUSE
1 kubectl run jiuzhuang -n jiuzhuang --image=10.0.0.11:5000/putaojiu:v1 --replicas=2 --record
6. 命令行更新代码||镜像
[root@k8s-master ~]# kubectl set image -n jiuzhuang deployment jiuzhuang jiuzhuang=10.0.0.11:5000/putaojiu:v2
deployment "jiuzhuang" image updated
7. 查看更新记录
[root@k8s-master ~]# kubectl rollout history -n jiuzhuang deployment jiuzhuang
deployments "jiuzhuang"
REVISION CHANGE-CAUSE
1 kubectl run jiuzhuang -n jiuzhuang --image=10.0.0.11:5000/putaojiu:v1 --replicas=2 --record
2 kubectl set image -n jiuzhuang deployment jiuzhuang jiuzhuang=10.0.0.11:5000/putaojiu:v2
8. 暴露80端口
[root@k8s-master ~]# kubectl expose -n jiuzhuang deployment jiuzhuang --port=80 --target-port=80 --type=NodePort
service "jiuzhuang" exposed
9. 查看pod信息
[root@k8s-master ~]# kubectl get all -n jiuzhuang -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
deploy/jiuzhuang 2 3 2 1 6m
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
svc/jiuzhuang 10.254.130.72 <nodes> 80:47364/TCP 2m run=jiuzhuang
NAME DESIRED CURRENT READY AGE CONTAINER(S) IMAGE(S) SELECTOR
rs/jiuzhuang-688366331 1 1 1 6m jiuzhuang 10.0.0.11:5000/putaojiu:v1 pod-template-hash=688366331,run=jiuzhuang
rs/jiuzhuang-763273980 2 2 0 3m jiuzhuang 10.0.0.11:5000/putaojiu:v2 pod-template-hash=763273980,run=jiuzhuang
NAME READY STATUS RESTARTS AGE IP NODE
po/jiuzhuang-688366331-v4gqc 1/1 Running 0 6m 172.18.81.4 10.0.0.12
10. 取出访问端口的命令:
[root@k8s-master ~]# kubectl -s 10.0.0.11:8080 get svc -n jiuzhuang |grep jiuzhuang|awk -F "[:/]" '{print $2}'
47364
以上是手动发布与更新、暴露端口使外界可以访问
通过浏览器访问测试即可
9.3.1 jenkins实现代码上线与更新
建议对代码进行一次修改再提交测试
9.3.2 jenkins实现一键回滚
9.3.3 命令行手动执行回滚:
回滚至上一个版本
[root@k8s-master tags]# kubectl rollout undo -n jiuzhuang deployment jiuzhuang
deployment "jiuzhuang" rolled back
[root@k8s-master tags]# kubectl rollout history -n jiuzhuang deployment jiuzhuang
deployments "jiuzhuang"
REVISION CHANGE-CAUSE
4 kubectl -s 10.0.0.11:8080 set image -n jiuzhuang deployment jiuzhuang jiuzhuang=10.0.0.11:5000/putaojiu:v2
5 kubectl -s 10.0.0.11:8080 set image -n jiuzhuang deployment jiuzhuang jiuzhuang=10.0.0.11:5000/putaojiu:v1
[root@k8s-master tags]# kubectl rollout undo -n jiuzhuang deployment jiuzhuang --to-revision=4
deployment "jiuzhuang" rolled back
9.3.4 脚本方式:
if [ -f /tmp/xiaoniao.lock ];then
docker build -t 10.0.0.11:5000/xiaoniao:v$BUILD_ID .
docker push 10.0.0.11:5000/xiaoniao:v$BUILD_ID
kubectl -s 10.0.0.11:8080 set image -n xiaoniao deploy xiaoniao xiaoniao=10.0.0.11:5000/xiaoniao:v$BUILD_ID
port=`kubectl -s 10.0.0.11:8080 get svc -n xiaoniao|grep -oP '(?<=80:)\d+'`
echo "你的项目地址访问是http://10.0.0.13:$port"
echo "更新成功"
else
docker build -t 10.0.0.11:5000/xiaoniao:v$BUILD_ID .
docker push 10.0.0.11:5000/xiaoniao:v$BUILD_ID
kubectl -s 10.0.0.11:8080 create namespace xiaoniao
kubectl -s 10.0.0.11:8080 run xiaoniao -n xiaoniao --image=10.0.0.11:5000/xiaoniao:v$BUILD_ID --replicas=3 --record
kubectl -s 10.0.0.11:8080 expose -n xiaoniao deployment xiaoniao --port=80 --type=NodePort
port=`kubectl -s 10.0.0.11:8080 get svc -n xiaoniao|grep -oP '(?<=80:)\d+'`
echo "你的项目地址访问是http://10.0.0.13:$port"
echo "发布成功"
touch /tmp/xiaoniao.lock
chattr +i /tmp/xiaoniao.lock
fi