kubernetes中Gitops实践

涉及到的程序:kubernetes,kubersphere,argocd,gitlab,harbor
kubersphere安装详见官网
https://kubesphere.io/zh/
kubersphere默认没有开启devops,需要修改cluster-configuration.yaml

图片.png

argocd两种安装方式
通过yaml直接执行

wget https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
kubectl create namespace argocd
kuberctl apply -f install.yaml

通过helm

helm repo add argo https://argoproj.github.io/argo-helm
helm install argocd --namespace=argocd --create-namespace  --set server.service.type=NodePort argo/argo-cd

修改argocd-server为nodeport,或者使用ingress

kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}'
图片.png

图片.png

访问地址
http://192.168.4.149:32346
默认用户名admin,默认密码 argocd-server的pod名字。如果提示密码无效,通过以下方法重置密码为password

kubectl -n argocd patch secret argocd-secret -p '{"stringData": {"admin.password": "$2a$10$rRyBsGSHK6.uc8fntPwVIuLVHgsAhAX7TcdrqW/RADU0uh7CaChLa","admin.passwordMtime": "'$(date +%FT%T%Z)'"}}'

准备gitlab仓库,创建两个仓库,一个放代码,一个放yaml


图片.png

配置webhook,进入yaml仓库,安全令牌随意


图片.png

修改argocd-secret
kubectl edit secret argocd-secret -n argocd
图片.png

创建应用


图片.png
project: default
source:
  repoURL: 'http://192.168.4.149:8090/root/argocd-yaml.git'
  path: ./
  targetRevision: HEAD
destination:
  server: 'https://kubernetes.default.svc'
  namespace: apps
syncPolicy:
  automated:
    prune: true
    selfHeal: true
  syncOptions:
    - Validate=false
    - CreateNamespace=true
  retry:
    limit: 3
    backoff:
      duration: 10s
      factor: 2
      maxDuration: 5m
图片.png

在kubersphere中创建devops工程
新建一个devops企业空间,进入企业空间,创建工程


图片.png

然后创建流水线


图片.png

图片.png

添加凭证(一个gitlab,一个harbor)
图片.png

编辑流水线
图片.png

图片.png
pipeline {

    environment {
        GIT_URL='http://192.168.4.149:8090/root/argocd-java.git'
        GIT_CREDENTIAL_ID = 'gitlab'
        GIT_BRANCH = 'master'
        REGISTRY = 'docker.plantdata.cn/app/argocd'
        REGISTRY_CREDENTIAL_ID = 'harbor'
    }

    agent {
        node {
            label 'maven'
        }
    }

    stages {

        stage('SCM Checkout') {
            steps {
                git branch: "${GIT_BRANCH}", credentialsId: "${GIT_CREDENTIAL_ID}", url: "${GIT_URL}"
            }
        }

        stage('source build') {
            steps {
                container('maven') {
                    sh 'mvn clean package'

                }
            }
        }

        stage('docker build & push') {
            steps {
                script {
                    env.COMMIT_ID = sh(returnStdout: true, script: "git log -n 1 --pretty=format:'%h'").trim()
                    env.TIMESTRAP = sh(returnStdout: true, script: 'date +%Y%m%d%H%M%S').trim()
                    env.DOCKER_TAG = "dev_${TIMESTRAP}_${COMMIT_ID}_${BUILD_NUMBER}"
                }
                container('maven') {
                    withCredentials([usernamePassword(passwordVariable : 'DOCKER_PASSWORD' ,usernameVariable : 'DOCKER_USERNAME' ,credentialsId : "$REGISTRY_CREDENTIAL_ID" ,)]) {
                        sh 'ls -l'
                        sh 'docker build -t $REGISTRY:$DOCKER_TAG .'
                        sh 'echo "$DOCKER_PASSWORD" | docker login $REGISTRY -u "$DOCKER_USERNAME" --password-stdin'
                        sh 'docker push $REGISTRY:$DOCKER_TAG'
                    }
                }
            }
        }

        stage('update docker tag') {
            environment {
                BUILD_USER = 'admin'
                BUILD_USER_EMAIL = '[email protected]'
                YAML_REPO_URL='http://${username}:${password}@192.168.4.149:8090/root/argocd-yaml.git'
            }

            steps {
                withCredentials([usernamePassword(passwordVariable : 'password' ,usernameVariable : 'username' ,credentialsId : "$GIT_CREDENTIAL_ID" ,)]) {
                    sh """
                        git config --global user.name "$BUILD_USER"
                        git config --global user.email "$BUILD_USER_EMAIL"
                        git clone ${YAML_REPO_URL} && cd argocd-yaml
                        sed -i "s#$REGISTRY.*#${REGISTRY}:${DOCKER_TAG}#g" ./deployment.yaml
                        git add -A && git commit -m "update tag: ${DOCKER_TAG}" && git push ${YAML_REPO_URL}
                    """
                }
            }
        }
    }
}
图片.png

点击运行


图片.png

图片.png

查看argocd,已经触发同步并部署了


图片.png

图片.png

图片.png

你可能感兴趣的:(kubernetes中Gitops实践)