通过jenkins交付微服务到kubernetes(12)

这个jenkins-slave是一个脚本主要来启动这个slave.jar,那么这个还需
要一个docker环境,本身这个pod就是以docker container启动的,那么这个pod也就可以做数据卷挂载了,因为这个pod是在每个node上去启动的,每个node上都有docker,那么直接就可以把每个node上的docker挂载到容器中就可以了,所以这就用到了一个docker in docker,这个容器里面又有了一个docker的环境,所以我们需要写数据卷将它挂载进来,还有kubectl这个命名,一般主要来查看pod的一些状态,而且使用这个命令来完成k8s的各种各样的操作,但是需要它这个命令,只需要它连接k8s的认证信息,因为k8s有它的鉴权
现在将这个镜像打包成镜像推送到镜像仓库中

[root@k8s-master1 jenkins-slave]# cat Dockerfile FROM centos:7 RUN yum install -y java-1.8.0-openjdk maven curl git libtool-ltdl-devel && \ yum clean all && \ rm -rf /var/cache/yum/* && \ mkdir -p /usr/share/jenkins COPY slave.jar /usr/share/jenkins/slave.jar COPY jenkins-slave /usr/bin/jenkins-slave COPY settings.xml /etc/maven/settings.xml RUN chmod +x /usr/bin/jenkins-slave COPY helm kubectl /usr/bin/ ENTRYPOINT ["jenkins-slave"]

构建镜像的时候可以直接写harbor的地址加镜像的名称,这样直接可以push,不然构建完还得打个tag

[root@k8s-master jenkins-slave]# docker build . -t 192.168.30.27/library/jenkins-slave:jdk-1.8 [root@k8s-master jenkins-slave]# docker push 192.168.30.27/library/jenkins-slave

查看仓库已经将镜像推送成功

通过jenkins交付微服务到kubernetes

现在就可以去测试能不能动态的去创建jenkins-slave,需要将pipeline这个脚本能去调用刚才我们配置的k8s的插件
jenkins官方地址给出了相关的pipeline调用k8s的插件的用法
github地址:https://plugins.jenkins.io/kubernetes

七、基于kubernetes构建jenkins ci系统
现在去动态的在pipeline去引用并创建一个slave的镜像,使用pipeline在k8s去运行这个pod,然后将这个pod发布我们的任务,刚才我们是先安装的插件,以对jenkins可以实现slave的代理,可以正常去交互,又制作了我们的slave的镜像,将java所需的配置也都封装在这个slave里面这样的话,我们就可以采用这个slave来完成下发的任务了,而master只作为一个管理节点给他们下发任务到slave上
这就是我们的pipeline,现在目前是可以使用我们这个slave这个镜像来发布任务

安装pipeline插件

pipeline { agent { kubernetes { label 'jenkins-slave' yaml """ apiVersion: v1 kind: Pod metadata: name: jenkins-slave spec: containers: - name: jnlp image: "192.168.30.27/library/jenkins-slave:jdk-1.8" """ } } stages { stage('Build') { steps { echo "hello" } } stage('test') { steps { echo "hello" } } stage('deploy') { steps { echo "hello" } } } }

通过jenkins交付微服务到kubernetes


现在可以在jenkins中动态的去创建pod,只有有下发任务的时候才去创建pod,而jenkins-master只负责任务调度,slave来做任务处理来节省资源,当任务完成之后,这个slave-pod也会自动的销毁
[root@k8s-master1 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
jenkins-7d5fbd857d-6tgdj 1/1 Running 0 23m
jenkins-slave-gdtqz-p17b1 1/1 Running 0 40s

八、pipeline集成helm发布spring cloud微服务

通过jenkins交付微服务到kubernetes


现在编写这个pipeline脚本来实现自动化发布微服务

#!/usr/bin/env groovy // 所需插件: Git Parameter/Git/Pipeline/Config File Provider/kubernetes/Extended Choice Parameter // 公共 def registry = "192.168.30.27" // 项目 def project = "microservice" def git_url = "http://192.168.30.28/root/ms.git" def gateway_domain_name = "gateway.zhaocheng.com" def portal_domain_name = "portal.zhaochengr.com" // 认证 def image_pull_secret = "registry-pull-secret" def harbor_registry_auth = "e5402e52-7dd0-4daf-8d21-c4aa6e47736b" def git_auth = "a65680b4-0bf7-418f-a77e-f20778f9e737" // ConfigFileProvider ID def k8s_auth = "7ee65e53-a559-4c52-8b88-c968a637051e" pipeline { agent { kubernetes { label "jenkins-slave" yaml """ kind: Pod metadata: name: jenkins-slave spec: containers: - name: jnlp image: "${registry}/library/jenkins-slave-jdk:1.8" imagePullPolicy: Always volumeMounts: - name: docker-cmd mountPath: /usr/bin/docker - name: docker-sock mountPath: /var/run/docker.sock - name: maven-cache mountPath: /root/.m2 volumes: - name: docker-cmd hostPath: path: /usr/bin/docker - name: docker-sock hostPath: path: /var/run/docker.sock - name: maven-cache hostPath: path: /tmp/m2 """ } } parameters { gitParameter branch: '', branchFilter: '.*', defaultValue: '', description: '选择发布的分支', name: 'Branch', quickFilterEnabled: false, selectedValue: 'NONE', sortMode: 'NONE', tagFilter: '*', type: 'PT_BRANCH' extendedChoice defaultValue: 'none', description: '选择发布的微服务', \ multiSelectDelimiter: ',', name: 'Service', type: 'PT_CHECKBOX', \ value: 'gateway-service:9999,portal-service:8080,product-service:8010,order-service:8020,stock-service:8030' choice (choices: ['ms', 'demo'], description: '部署模板', name: 'Template') choice (choices: ['1', '3', '5', '7'], description: '副本数', name: 'ReplicaCount') choice (choices: ['ms'], description: '命名空间', name: 'Namespace') } stages { stage('拉取代码'){ steps { checkout([$class: 'GitSCM', branches: [[name: "${params.Branch}"]], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_url}"]] ]) } } stage('代码编译') { // 编译指定服务 steps { sh """ mvn clean package -Dmaven.test.skip=true """ } } stage('构建镜像') { steps { withCredentials([usernamePassword(credentialsId: "${harbor_registry_auth}", passwordVariable: 'password', usernameVariable: 'username')]) { sh """ docker login -u ${username} -p '${password}' ${registry} for service in \$(echo ${Service} |sed 's/,/ /g'); do service_name=\${service%:*} image_name=${registry}/${project}/\${service_name}:${BUILD_NUMBER} cd \${service_name} if ls |grep biz &>/dev/null; then cd \${service_name}-biz fi docker build -t \${image_name} . docker push \${image_name} cd ${WORKSPACE} done """ configFileProvider([configFile(fileId: "${k8s_auth}", targetLocation: "admin.kubeconfig")]){ sh """ # 添加镜像拉取认证 kubectl create secret docker-registry ${image_pull_secret} --docker-username=${username} --docker-password=${password} --docker-server=${registry} -n ${Namespace} --kubeconfig admin.kubeconfig |true # 添加私有chart仓库 helm repo add --username ${username} --password ${password} myrepo ${registry}/chartrepo/${project} """ } } } } stage('Helm部署到K8S') { steps { sh """ common_args="-n ${Namespace} --kubeconfig admin.kubeconfig" for service in \$(echo ${Service} |sed 's/,/ /g'); do service_name=\${service%:*} service_port=\${service#*:} image=${registry}/${project}/\${service_name} tag=${BUILD_NUMBER} helm_args="\${service_name} --set image.repository=\${image} --set image.tag=\${tag} --set replicaCount=${replicaCount} --set imagePullSecrets[0].name=${image_pull_secret} --set service.targetPort=\${service_port} myrepo/${Template}" # 判断是否为新部署 if helm history \${service_name} \${common_args} &>/dev/null;then action=upgrade else action=install fi # 针对服务启用ingress if [ \${service_name} == "gateway-service" ]; then helm \${action} \${helm_args} \ --set ingress.enabled=true \ --set ingress.host=${gateway_domain_name} \ \${common_args} elif [ \${service_name} == "portal-service" ]; then helm \${action} \${helm_args} \ --set ingress.enabled=true \ --set ingress.host=${portal_domain_name} \ \${common_args} else helm \${action} \${helm_args} \${common_args} fi done # 查看Pod状态 sleep 10 kubectl get pods \${common_args} """ } } } }

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/205c9d93803e5eb47c9e3dd7d0adc197.html