KubeSphere 是在 Kubernetes 之上构建的以应用为中心的企业级分布式容器平台,提供简单易用的操作界面以及向导式操作方式,在降低用户使用容器调度平台学习成本的同时,极大减轻开发、测试、运维的日常工作的复杂度,旨在解决 Kubernetes 本身存在的存储、网络、安全和易用性等痛点。除此之外,平台已经整合并优化了多个适用于容器场景的功能模块,以完整的解决方案帮助企业轻松应对敏捷开发与自动化运维、DevOps、微服务治理、灰度发布、多租户管理、工作负载和集群管理、监控告警、日志查询与收集、服务与网络、应用商店、镜像构建与镜像仓库管理和存储管理等多种业务场景。后续版本还将提供和支持多集群管理、大数据、人工智能等更为复杂的业务场景。
KubeSphere 从项目初始阶段就采用开源的方式来进行项目的良性发展,相关的项目源代码和文档都在 GitHub 可见。KubeSphere 支持部署和运行在包括公有云、私有云、VM、BM 和 Kubernetes 等任何基础设施之上,并且支持在线安装与离线安装,目前已在 阿里云、腾讯云、华为云、青云、AWS、Kubernetes 上进行过部署测试。
应用部署需要关注的信息【应用部署三要素】
1、应用的部署方式
2、应用的数据挂载(数据,配置文件)
3、应用的可访问性
docker run -p 3306:3306 --name mysql-01 \
-v /mydata/mysql/log:/var/log/mysql \
-v /mydata/mysql/data:/var/lib/mysql \
-v /mydata/mysql/conf:/etc/mysql/conf.d \
-e MYSQL_ROOT_PASSWORD=ecJVNdEjcFuZY48E \
--restart=always \
-d mysql:5.7
[client]
default-character-set=utf8
[mysql]
default-character-set=utf8
[mysqld]
init_connect='SET collation_connection = utf8_unicode_ci'
init_connect='SET NAMES utf8'
character-set-server=utf8
collation-server=utf8_unicode_ci
skip-character-set-client-handshake
lower_case_table_names=1
skip-name-resolve
1、集群内部,直接通过应用的 【服务名.项目名】 直接访问
mysql -uroot -hhis-mysql-01.his -p
[root@k8s-master01 nfs_dir]# kubectl -n his exec -it his-mysql-01-v1-0 bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
root@his-mysql-v1-0:/# mysql -uroot -hhis-mysql-01.his -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.7.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
[root@k8s-master01 ~]# kubectl -n his get po
NAME READY STATUS RESTARTS AGE
his-mysql-01-v1-0 1/1 Running 1 (8m58s ago) 9m29s
[root@k8s-master01 ~]#
#登入pod
[root@k8s-master01 ~]# kubectl -n his exec -it his-mysql-01-v1-0 bash
root@his-mysql-01-v1-0:/# mysql -u root -p
mysql> use mysql;
--修改root秘密
mysql> update user set authentication_string=passworD("ecJVNdEjcFuZY48E") where user='root';
--查看用户登入权限
mysql> SELECT HOST,USER from user;
--修改登入授权
mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'ecJVNdEjcFuZY48E' WITH GRANT OPTION;
mysql> FLUSH PRIVILEGES;
mysql> exit
root@his-mysql-01-v1-0:/# exit
#登入pod
[root@k8s-master01 ~]# kubectl -n his exec -it his-mysql-01-v1-0 bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
root@his-mysql-01-v1-0:/#
#内部pod登入测试
root@his-mysql-01-v1-0:/# mysql -uroot -hhis-mysql-01.his -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 13
Server version: 5.7.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
#创建配置文件
## 1、准备redis配置文件内容
mkdir -p /mydata/redis/conf && vim /mydata/redis/conf/redis.conf
##配置示例
appendonly yes
port 6379
bind 0.0.0.0
#docker启动redis
docker run -d -p 6379:6379 --restart=always \
-v /mydata/redis/conf/redis.conf:/etc/redis/redis.conf \
-v /mydata/redis-01/data:/data \
--name redis-01 redis:6.2.5 \
redis-server /etc/redis/redis.conf
# 创建数据目录
mkdir -p /mydata/es-01 && chmod 777 -R /mydata/es-01
# 容器启动
docker run --restart=always -d -p 9200:9200 -p 9300:9300 \
-e "discovery.type=single-node" \
-e ES_JAVA_OPTS="-Xms512m -Xmx512m" \
-v es-config:/usr/share/elasticsearch/config \
-v /mydata/es-01/data:/usr/share/elasticsearch/data \
--name es-01 \
elasticsearch:7.13.4
注意: 子路径挂载,配置修改后,k8s不会对其Pod内的相关配置文件进行热更新,需要自己重启Pod
[root@075a91de5863 config]# cat elasticsearch.yml
cluster.name: "docker-cluster"
network.host: 0.0.0.0
[root@075a91de5863 config]# cat jvm.options
################################################################
##
## JVM configuration
##
################################################################
##
## WARNING: DO NOT EDIT THIS FILE. If you want to override the
## JVM options in this file, or set any additional options, you
## should create one or more files in the jvm.options.d
## directory containing your adjustments.
##
## See https://www.elastic.co/guide/en/elasticsearch/reference/current/jvm-options.html
## for more information.
##
################################################################
################################################################
## IMPORTANT: JVM heap size
################################################################
##
## The heap size is automatically configured by Elasticsearch
## based on the available memory in your system and the roles
## each node is configured to fulfill. If specifying heap is
## required, it should be done through a file in jvm.options.d,
## and the min and max should be set to the same value. For
## example, to set the heap to 4 GB, create a new file in the
## jvm.options.d directory containing these lines:
##
## -Xms4g
## -Xmx4g
##
## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html
## for more information
##
################################################################
################################################################
## Expert settings
################################################################
##
## All settings below here are considered expert settings. Do
## not adjust them unless you understand what you are doing. Do
## not edit them in this file; instead, create a new file in the
## jvm.options.d directory containing your adjustments.
##
################################################################
## GC configuration
8-13:-XX:+UseConcMarkSweepGC
8-13:-XX:CMSInitiatingOccupancyFraction=75
8-13:-XX:+UseCMSInitiatingOccupancyOnly
## G1GC Configuration
# NOTE: G1 GC is only supported on JDK version 10 or later
# to use G1GC, uncomment the next two lines and update the version on the
# following three lines to your version of the JDK
# 10-13:-XX:-UseConcMarkSweepGC
# 10-13:-XX:-UseCMSInitiatingOccupancyOnly
14-:-XX:+UseG1GC
## JVM temporary directory
-Djava.io.tmpdir=${ES_TMPDIR}
## heap dumps
# generate a heap dump when an allocation from the Java heap fails; heap dumps
# are created in the working directory of the JVM unless an alternative path is
# specified
-XX:+HeapDumpOnOutOfMemoryError
# specify an alternative path for heap dumps; ensure the directory exists and
# has sufficient space
-XX:HeapDumpPath=data
# specify an alternative path for JVM fatal error logs
-XX:ErrorFile=logs/hs_err_pid%p.log
## JDK 8 GC logging
8:-XX:+PrintGCDetails
8:-XX:+PrintGCDateStamps
8:-XX:+PrintTenuringDistribution
8:-XX:+PrintGCApplicationStoppedTime
8:-Xloggc:logs/gc.log
8:-XX:+UseGCLogFileRotation
8:-XX:NumberOfGCLogFiles=32
8:-XX:GCLogFileSize=64m
# JDK 9+ GC logging
9-:-Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m
/usr/share/elasticsearch/config/elasticsearch.yml
/usr/share/elasticsearch/config/jvm.options
可以使用 dev-zhao 登录,从应用商店部署
使用企业空间管理员(wuhan-boss)登录,设置应用仓库
学习Helm即可,去helm的应用市场添加一个仓库地址,比如:bitnami
charts.bitnami.com/bitnami
配置字典-ks-devops-agent-编辑配置- MavenSetting( 下面新增)
nexus-aliyun
central
Nexus aliyun
http://maven.aliyun.com/nexus/content/groups/public
使用图形编辑面板创建流水线
KubeSphere 内置了 4 种类型的 podTemplate:base、nodejs、maven 和 go,并且在 Pod 中提供隔离的 Docker 环境。
base
名称 | 类型 / 版本 |
---|---|
Jenkins Agent 标签 | base |
容器名称 | base |
操作系统 | centos-7 |
Docker | 18.06.0 |
Helm | 2.11.0 |
Kubectl | 稳定版 |
内置工具 | unzip、which、make、wget、zip、bzip2、git |
nodejs
名称 | 类型 / 版本 |
---|---|
Jenkins Agent 标签 | nodejs |
容器名称 | nodejs |
操作系统 | centos-7 |
Node | 9.11.2 |
Yarn | 1.3.2 |
Docker | 18.06.0 |
Helm | 2.11.0 |
Kubectl | 稳定版 |
内置工具 | unzip、which、make、wget、zip、bzip2、git |
maven
名称 | 类型 / 版本 |
---|---|
Jenkins Agent 标签 | maven |
容器名称 | maven |
操作系统 | centos-7 |
Jdk | openjdk-1.8.0 |
Maven | 3.5.3 |
Docker | 18.06.0 |
Helm | 2.11.0 |
Kubectl | 稳定版 |
内置工具 | unzip、which、make、wget、zip、bzip2、git |
go
名称 | 类型 / 版本 |
---|---|
Jenkins Agent 标签 | go |
容器名称 | go |
操作系统 | centos-7 |
Go | 1.11 |
GOPATH | /home/jenkins/go |
GOROOT | /usr/local/go |
Docker | 18.06.0 |
Helm | 2.11.0 |
Kubectl | 稳定版 |
内置工具 | unzip、which、make、wget、zip、bzip2、git |
编辑流水线-添加步骤-指定容器-maven
添加嵌套步骤-git-创建凭证
添加嵌套步骤-shell-ls-确定后-运行测试
添加步骤-指定容器-maven
添加嵌套步骤-shell
mvn clean package -Dmaven.test.skip=true
#docker build -t 镜像名称 -f 指定的Dockerfile文件 工作目录
docker build -t hospital-manage:latest -f hospital-manage/Dockerfile ./hospital-manage
Jenkinsfile
pipeline {
agent {
node {
label 'maven'
}
}
stages {
stage('拉取镜像') {
agent none
steps {
container('maven') {
git(credentialsId: 'gitee-id', url: 'https://gitee.com/rw001/yygh-parent.git', branch: 'master', changelog: true, poll: false)
}
}
}
stage('项目编译') {
agent none
steps {
container('maven') {
sh 'mvn clean package -Dmaven.test.skip=true'
sh 'ls'
}
}
}
stage('default-2') {
parallel {
stage('构建hospital-manage镜像,构建server-gateway镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t hospital-manage:latest -f hospital-manage/Dockerfile ./hospital-manage'
sh 'docker build -t server-gateway:latest -f server-gateway/Dockerfile ./server-gateway'
}
}
}
stage('构建service-cmn镜像,构建service-hosp镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-cmn:latest -f service/service-cmn/Dockerfile ./service/service-cmn'
sh 'docker build -t service-hosp:latest -f service/service-hosp/Dockerfile ./service/service-hosp'
}
}
}
stage('构建service-order镜像和构建service-oss镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-order:latest -f service/service-order/Dockerfile ./service/service-order'
sh 'docker build -t service-oss:latest -f service/service-oss/Dockerfile ./service/service-oss'
}
}
}
stage('构建service-sms镜像和构建service-task镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-sms:latest -f service/service-sms/Dockerfile ./service/service-sms'
sh 'docker build -t service-task:latest -f service/service-task/Dockerfile ./service/service-task'
}
}
}
stage('构建service-statistics和构建service-user镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-statistics:latest -f service/service-statistics/Dockerfile ./service/service-statistics'
sh 'docker build -t service-user:latest -f service/service-user/Dockerfile ./service/service-user'
}
}
}
}
}
stage('default-3') {
parallel {
stage('推送镜像01') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'harbor-id' ,passwordVariable : 'HARBOR_PASSWD_VAR' ,usernameVariable : 'HARBOR_NAME_VAR' ,)]) {
sh 'docker tag hospital-manage:latest $REGISTRY/$DOCKERHUB_NAMESPACE/hospital-manage:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag server-gateway:latest $REGISTRY/$DOCKERHUB_NAMESPACE/server-gateway:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-cmn:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-cmn:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-hosp:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-hosp:SNAPSHOT-$BUILD_NUMBER '
sh 'echo "$HARBOR_PASSWD_VAR" | docker login $REGISTRY -u "$HARBOR_NAME_VAR" --password-stdin'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/hospital-manage:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/server-gateway:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-cmn:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-hosp:SNAPSHOT-$BUILD_NUMBER '
}
}
}
}
stage('推送镜像02') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'harbor-id' ,passwordVariable : 'HARBOR_PASSWD_VAR' ,usernameVariable : 'HARBOR_NAME_VAR' ,)]) {
sh 'docker tag service-order:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-order:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-oss:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-oss:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-sms:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-sms:SNAPSHOT-$BUILD_NUMBER '
sh 'echo "$HARBOR_PASSWD_VAR" | docker login $REGISTRY -u "$HARBOR_NAME_VAR" --password-stdin'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-order:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-oss:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-sms:SNAPSHOT-$BUILD_NUMBER '
}
}
}
}
stage('推送镜像03') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'harbor-id' ,passwordVariable : 'HARBOR_PASSWD_VAR' ,usernameVariable : 'HARBOR_NAME_VAR' ,)]) {
sh 'docker tag service-statistics:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-statistics:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-task:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-task:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-user:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-user:SNAPSHOT-$BUILD_NUMBER '
sh 'echo "$HARBOR_PASSWD_VAR" | docker login $REGISTRY -u "$HARBOR_NAME_VAR" --password-stdin'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-statistics:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-task:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-user:SNAPSHOT-$BUILD_NUMBER '
}
}
}
}
}
}
stage('测试安装k8s') {
agent none
steps {
container('maven') {
withCredentials([
kubeconfigFile(
credentialsId: env.KUBECONFIG_CREDENTIAL_ID,
variable: 'KUBECONFIG')
]) {
sh 'envsubst < rw.yaml | kubectl apply -f -'
}
}
}
}
}
environment {
DOCKER_CREDENTIAL_ID = 'dockerhub-id'
GITHUB_CREDENTIAL_ID = 'github-id'
KUBECONFIG_CREDENTIAL_ID = 'demo-kubeconfig'
REGISTRY = '192.168.1.220:30012'
DOCKERHUB_NAMESPACE = 'yygh-parent'
ALIYUNHUB_NAMESPACE = 'yygh-parent'
GITHUB_ACCOUNT = 'kubesphere'
APP_NAME = 'devops-java-sample'
}
parameters {
string(name: 'TAG_NAME', defaultValue: '', description: '')
}
}
#helm upgrade --install sonarqube sonarqube --repo https://charts.kubesphere.io/main -n kubesphere-devops-system --create-namespace --set service.type=NodePort
helm upgrade --install sonarqube sonarqube --repo https://charts.kubesphere.io/main -n kubesphere-devops-system --create-namespace --set image.tag=7.9.2-community --set service.type=NodePort
#卸载
helm uninstall sonarqube sonarqube -n kubesphere-devops-system
kubectl -n kubesphere-devops-system get po |grep sonarqube
export NODE_PORT=$(kubectl get --namespace kubesphere-devops-system -o jsonpath="{.spec.ports[0].nodePort}" services sonarqube-sonarqube)
export NODE_IP=$(kubectl get nodes --namespace kubesphere-devops-system -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
2.您可以获得如下输出(本示例中端口号为 31859,可能与您的端口号不同):
http://192.168.1.220:31741
备注
取决于您的实例的部署位置,您可能需要设置必要的端口转发规则,并在您的安全组中放行该端口,以便访问 SonarQube
3.点击 Generate 并复制此令牌
5fafd3af59a2092e1b8ae780e0ee4b4c95206ab4
export NODE_PORT=$(kubectl get --namespace kubesphere-devops-system -o jsonpath="{.spec.ports[0].nodePort}" services devops-jenkins)
export NODE_IP=$(kubectl get nodes --namespace kubesphere-devops-system -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT/sonarqube-webhook/
http://192.168.1.220:30180/sonarqube-webhook/
kubectl edit cc -n kubesphere-system ks-installer
devops:
enabled: true
jenkinsJavaOpts_MaxRAM: 2g
jenkinsJavaOpts_Xms: 512m
jenkinsJavaOpts_Xmx: 512m
jenkinsMemoryLim: 2Gi
jenkinsMemoryReq: 1500Mi
jenkinsVolumeSize: 8Gi
sonarqube: # Add this field manually.
externalSonarUrl: http://192.168.1.220:31880 # The SonarQube IP address.
externalSonarToken: c08f7235dc1413fc2e3d7922ce5031750843a403 # The SonarQube admin token created above.
export NODE_PORT=$(kubectl get --namespace kubesphere-devops-system -o jsonpath="{.spec.ports[0].nodePort}" services devops-jenkins)
export NODE_IP=$(kubectl get nodes --namespace kubesphere-devops-system -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
http://192.168.1.220:30180
您需要指定 sonarqubeURL,以便可以直接从 KubeSphere 控制台访问 SonarQube。
kubectl edit cm -n kubesphere-system ks-console-config
client:
enableKubeConfig: true
devops: # 手动添加该字段。
sonarqubeURL: http://192.168.1.220:31880 # SonarQube IP 地址。
执行以下命令。
kubectl -n kubesphere-devops-system rollout restart deploy devops-apiserver
kubectl -n kubesphere-system rollout restart deploy ks-console
您需要一个 SonarQube 令牌,以便您的流水线可以在运行时与 SonarQube 通信。
2.输入项目密钥,例如 java-demo,然后点击 Set Up。
3.输入项目名称,例如 java-sample,然后点击 Generate。
5.分别选择 Java 和 Maven。复制下图所示绿色框中的序列号,如果要在流水线中使用,则需要在凭证中添加此序列号。
mvn sonar:sonar \
-Dsonar.projectKey=java-demo \
-Dsonar.host.url=http://192.168.1.220:31741 \
-Dsonar.login=72c013fa48a3c6237a5af67cedc5f7aa73a8f462
https://www.kubesphere.io/zh/docs/v3.3/devops-user-guide/how-to-use/pipelines/create-a-pipeline-using-graphical-editing-panel/
- name: kubernetes.request.timeout
value: '60000'
- name: EMAIL_SMTP_HOST
value: smtp.qq.com
- name: EMAIL_SMTP_PORT
value: '465'
- name: EMAIL_USE_SSL
value: 'true'
- name: EMAIL_FROM_NAME
value: KubeSphere
- name: EMAIL_FROM_ADDR
value: [email protected]
- name: EMAIL_FROM_PASS
value: xxxhvbtqgnhjbdfh
环境变量名称 | 描述信息 |
---|---|
EMAIL_SMTP_HOST | SMTP 服务器地址 |
EMAIL_SMTP_PORT | SMTP 服务器端口(如:25) |
EMAIL_FROM_ADDR | 电子邮件发件人地址 |
EMAIL_FROM_NAME | 电子邮件发件人姓名 |
EMAIL_FROM_PASS | 电子邮件发件人密码 |
EMAIL_USE_SSL | 是否启用 SSL 配置 |
pipeline {
agent {
node {
label 'maven'
}
}
stages {
stage('拉取镜像') {
agent none
steps {
container('maven') {
git(credentialsId: 'gitee-id', url: 'https://gitee.com/rw001/yygh-parent.git', branch: 'master', changelog: true, poll: false)
}
}
}
stage('项目编译') {
agent none
steps {
container('maven') {
sh 'mvn clean package -Dmaven.test.skip=true'
sh 'ls'
}
}
}
stage('代码质量检测') {
agent none
steps {
container('maven') {
withCredentials([string(credentialsId : 'sonar-token' ,variable : 'SONAR_TOKEN' ,)]) {
withSonarQubeEnv('sonar') {
sh '''mvn sonar:sonar -Dsonar.login=$SONAR_TOKEN
'''
}
}
}
}
}
stage('default-2') {
parallel {
stage('构建hospital-manage镜像,构建server-gateway镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t hospital-manage:latest -f hospital-manage/Dockerfile ./hospital-manage'
sh 'docker build -t server-gateway:latest -f server-gateway/Dockerfile ./server-gateway'
}
}
}
stage('构建service-cmn镜像,构建service-hosp镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-cmn:latest -f service/service-cmn/Dockerfile ./service/service-cmn'
sh 'docker build -t service-hosp:latest -f service/service-hosp/Dockerfile ./service/service-hosp'
}
}
}
stage('构建service-order镜像和构建service-oss镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-order:latest -f service/service-order/Dockerfile ./service/service-order'
sh 'docker build -t service-oss:latest -f service/service-oss/Dockerfile ./service/service-oss'
}
}
}
stage('构建service-sms镜像和构建service-task镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-sms:latest -f service/service-sms/Dockerfile ./service/service-sms'
sh 'docker build -t service-task:latest -f service/service-task/Dockerfile ./service/service-task'
}
}
}
stage('构建service-statistics和构建service-user镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-statistics:latest -f service/service-statistics/Dockerfile ./service/service-statistics'
sh 'docker build -t service-user:latest -f service/service-user/Dockerfile ./service/service-user'
}
}
}
}
}
stage('default-3') {
parallel {
stage('推送镜像01') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'harbor-id' ,passwordVariable : 'HARBOR_PASSWD_VAR' ,usernameVariable : 'HARBOR_NAME_VAR' ,)]) {
sh 'docker tag hospital-manage:latest $REGISTRY/$DOCKERHUB_NAMESPACE/hospital-manage:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag server-gateway:latest $REGISTRY/$DOCKERHUB_NAMESPACE/server-gateway:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-cmn:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-cmn:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-hosp:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-hosp:SNAPSHOT-$BUILD_NUMBER '
sh 'echo "$HARBOR_PASSWD_VAR" | docker login $REGISTRY -u "$HARBOR_NAME_VAR" --password-stdin'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/hospital-manage:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/server-gateway:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-cmn:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-hosp:SNAPSHOT-$BUILD_NUMBER '
}
}
}
}
stage('推送镜像02') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'harbor-id' ,passwordVariable : 'HARBOR_PASSWD_VAR' ,usernameVariable : 'HARBOR_NAME_VAR' ,)]) {
sh 'docker tag service-order:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-order:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-oss:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-oss:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-sms:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-sms:SNAPSHOT-$BUILD_NUMBER '
sh 'echo "$HARBOR_PASSWD_VAR" | docker login $REGISTRY -u "$HARBOR_NAME_VAR" --password-stdin'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-order:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-oss:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-sms:SNAPSHOT-$BUILD_NUMBER '
}
}
}
}
stage('推送镜像03') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'harbor-id' ,passwordVariable : 'HARBOR_PASSWD_VAR' ,usernameVariable : 'HARBOR_NAME_VAR' ,)]) {
sh 'docker tag service-statistics:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-statistics:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-task:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-task:SNAPSHOT-$BUILD_NUMBER '
sh 'docker tag service-user:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-user:SNAPSHOT-$BUILD_NUMBER '
sh 'echo "$HARBOR_PASSWD_VAR" | docker login $REGISTRY -u "$HARBOR_NAME_VAR" --password-stdin'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-statistics:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-task:SNAPSHOT-$BUILD_NUMBER '
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-user:SNAPSHOT-$BUILD_NUMBER '
}
}
}
}
}
}
stage('k8s部署') {
agent none
steps {
container('maven') {
withCredentials([
kubeconfigFile(
credentialsId: env.KUBECONFIG_CREDENTIAL_ID,
variable: 'KUBECONFIG')
]) {
sh 'envsubst < rw.yaml | kubectl apply -f -'
sh 'kubectl -n his rollout restart deployment nginx-deployment1'
mail(to: '[email protected]', subject: '部署成功', body: '部署成功')
}
}
}
}
}
environment {
DOCKER_CREDENTIAL_ID = 'dockerhub-id'
GITHUB_CREDENTIAL_ID = 'github-id'
KUBECONFIG_CREDENTIAL_ID = 'demo-kubeconfig'
REGISTRY = '192.168.1.220:30012'
DOCKERHUB_NAMESPACE = 'yygh-parent'
ALIYUNHUB_NAMESPACE = 'yygh-parent'
GITHUB_ACCOUNT = 'kubesphere'
APP_NAME = 'devops-java-sample'
}
parameters {
string(name: 'TAG_NAME', defaultValue: '', description: '')
}
}
名称- his-nginx-下一步
NGINX镜像–使用默认端口-同步主机时区-(对钩)-下一步-下一步
镜像推荐自己制作,方便测试
192.168.1.220:30012/k8s/my_nginx:v1
镜像参考
#1、编写DockerFile
mkdir /opt/my_nginx_dockerfile
cd /opt/my_nginx_dockerfile
cat >/opt/my_nginx_dockerfile/Dockerfile << 'EOF'
FROM nginx
RUN echo "nginx v2 version" >/usr/share/nginx/html/index.html
EOF
#2、编译镜像
docker build -t 192.168.1.220:30012/k8s/my_nginx:v2 .
#3、登陆镜像
docker login -u admin -p Harbor12345 192.168.1.220:30012
#4、推送至仓库
docker push 192.168.1.220:30012/k8s/my_nginx:v2
[root@k8s-master01 ~]# for i in `seq 10`;do curl -s 192.168.1.220:31882;done
nginx v1 version
nginx v2 version
nginx v1 version
nginx v2 version
nginx v1 version
nginx v2 version
nginx v1 version
nginx v2 version
nginx v1 version
nginx v2 version
参考网站:
【云原生Java架构师的第一课K8s+Docker+KubeSphere+DevOps】https://www.bilibili.com/video/BV13Q4y1C7hS?p=85&vd_source=2d34fd2352ae451c4f6d4cb20707e169