一、系统环境
|
IP |
角色 |
主机名 |
Pod |
| 192.168.2.198 |
Master |
k8s-master1 |
无 |
| 192.168.2.199 |
Master |
k8s-master2 |
无 |
| 192.168.2.200 |
Master |
k8s-master3 |
无 |
| 192.168.2.195 |
Node |
k8s-node1 |
Jenkins |
| 192.168.2.196 |
Node |
k8s-node2 |
Jenkins |
| 192.168.2.197 |
Node |
k8s-node3 |
Jenkins |
| 192.168.2.201 |
NFS |
k8s-nfs |
无 |
注:本教程使用kubernetes v1.27.6版本,其他版本请自行测试。
二、部署NFS
1、安装NFS
[root@k8s-nfs ~]# yum -y install rpcbind nfs-utils
2、创建共享目录
[root@k8s-nfs ~]# mkdir -p /data/jenkins
3、配置exports
[root@k8s-nfs ~]# cat >>/etc/exports <<EOF
/data/jenkins 192.168.2.0/24(rw,no_root_squash,no_all_squash,sync)
EOF
4、启动rpcbind、nfs服务
[root@k8s-nfs ~]# systemctl start rpcbind
[root@k8s-nfs ~]# systemctl start nfs
[root@k8s-nfs ~]# systemctl enable rpcbind
[root@k8s-nfs ~]# systemctl enable nfs
5、查看共享目录
[root@k8s-nfs ~]# showmount -e 192.168.2.201
Export list for 192.168.2.201:
/data/jenkins 192.168.2.0/24
三、创建StorageClass、Namespace
1、创建StorageClass
[root@k8s-master1 ~]# mkdir kube-devops && cd kube-devops
[root@k8s-master1 kube-devops]# vim kube-devops-storageclass.yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: devops-storage
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer
[root@k8s-master1 kube-devops]# kubectl apply -f kube-devops-storageclass.yaml
storageclass.storage.k8s.io/devops-storage created
2、创建Namespace
[root@k8s-master1 kube-devops]# vim kube-devops-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: kube-devops
labels:
app: devops
[root@k8s-master1 kube-devops]# kubectl apply -f kube-devops-namespace.yaml
namespace/kube-devops created
3、Node节点安装nfs-utils
[root@k8s-node1 ~]# yum -y install nfs-utils
[root@k8s-node2 ~]# yum -y install nfs-utils
[root@k8s-node3 ~]# yum -y install nfs-utils
四、部署Jenkins
1、创建PV、PVC
[root@k8s-master1 kube-devops]# vim kube-devops-nfs.yaml
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-pv
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Delete
nfs:
server: 192.168.2.201
path: /data/jenkins
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jenkins-pvc
namespace: kube-devops
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 5Gi
[root@k8s-master1 kube-devops]# kubectl apply -f kube-devops-nfs.yaml
persistentvolume/jenkins-pv unchanged
persistentvolumeclaim/jenkins-pvc created
2、创建角色授权
[root@k8s-master1 kube-devops]# vim kube-devops-rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins-admin
namespace: kube-devops
labels:
name: jenkins
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: jenkins-admin
labels:
name: jenkins
subjects:
- kind: ServiceAccount
name: jenkins-admin
namespace: kube-devops
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
[root@k8s-master1 kube-devops]# kubectl apply -f kube-devops-rbac.yaml
serviceaccount/jenkins-admin created
clusterrolebinding.rbac.authorization.k8s.io/jenkins-admin created
3、创建Deployment
[root@k8s-master1 kube-devops]# vim kube-devops-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
namespace: kube-devops
labels:
app: jenkins
spec:
selector:
matchLabels:
app: jenkins
replicas: 1
template:
metadata:
labels:
app: jenkins
spec:
serviceAccountName: jenkins-admin
containers:
- name: jenkins
image: jenkins/jenkins:lts
securityContext:
runAsUser: 0
privileged: true
ports:
- name: http
containerPort: 8080
- name: jnlp
containerPort: 50000
resources:
limits:
memory: 2Gi
cpu: "1000m"
requests:
memory: 1Gi
cpu: "500m"
env:
- name: LIMITS_MEMORY
valueFrom:
resourceFieldRef:
resource: limits.memory
divisor: 1Mi
- name: "JAVA_OPTS"
value: "
-Xmx$(LIMITS_MEMORY)m
-XshowSettings:vm
-Dhudson.slaves.NodeProvisioner.initialDelay=0
-Dhudson.slaves.NodeProvisioner.MARGIN=50
-Dhudson.slaves.NodeProvisioner.MARGIN0=0.85
-Duser.timezone=Asia/Shanghai
"
volumeMounts:
- name: data
mountPath: /var/jenkins_home
volumes:
- name: data
persistentVolumeClaim:
claimName: jenkins-pvc
[root@k8s-master1 kube-devops]# kubectl apply -f kube-devops-deployment.yaml
deployment.apps/jenkins created
4、创建Service
[root@k8s-master1 kube-devops]# vim kube-devops-service.yaml
apiVersion: v1
kind: Service
metadata:
name: jenkins
namespace: kube-devops
labels:
app: jenkins
spec:
type: NodePort
ports:
- name: http
port: 8080
targetPort: 8080
nodePort: 32001
- name: jnlp
port: 50000
targetPort: 50000
nodePort: 32002
selector:
app: jenkins
[root@k8s-master1 kube-devops]# kubectl apply -f kube-devops-service.yaml
service/jenkins created
5、查看Pod和Service
[root@k8s-master1 kube-devops]# kubectl get pod,svc -n kube-devops
6、访问Jenkins
1)浏览器输入http://192.168.2.198:32001,如下图所示
2)获取Jenkins初始化生成密码
[root@k8s-master1 kube-devops]# kubectl logs -n kube-devops jenkins-6dd7dddb8-kkgr9
3)登录Jenkins
4)安装推荐插件
5)使用admin登录
6)实例配置
7)进入Jenkins界面
8)修改密码
9)重启Jenkins加载中文插件
# 浏览器输入http://192.168.2.198:32001,如下图所示
10)使用新密码重新登录Jenkins
五、部署CI/CD
# 这里采用脚本部署,也可以在Jenkins上安装Kubernetes插件
1、Pipeline简介
Pipeline,简单来说,就是一套运行在Jenkins上的工作流框架,将原来独立运行于单个或者多个节点的任务连接起来,实现单个任务难以完成的复杂流程编排和可视化的工作。
Jenkins Pipeline有几个核心概念:
- Node:节点,一个Node就是一个Jenkins节点,Master或者Agent,是执行Step的具体运行环境,比如我们之前动态运行的Jenkins Slave就是一个Node节点
- Stage:阶段,一个Pipeline可以划分为若干个Stage,每个Stage代表一组操作,比如:Build、Test、Deploy,Stage 是一个逻辑分组的概念,可以跨多个Node
- Step:步骤,Step是最基本的操作单元,可以是打印一句话,也可以是构建一个Docker镜像,由各类Jenkins插件提供,比如命令:sh 'make',就相当于我们平时shell终端中执行make命令一样。
Pipeline的使用:
- Pipeline脚本是由Groovy语言实现的
- Pipeline支持两种语法:Declarative(声明式)和Scripted Pipeline(脚本式)语法
- Pipeline也有两种创建方法:可以直接在Jenkins的Web UI界面中输入脚本;也可以通过创建一个Jenkinsfile脚本文件放入项目源码库中
- 一般我们都推荐在Jenkins中直接从源代码控制(SCMD)中直接载入 Jenkinsfile Pipeline这种方法
2、创建Pipeline任务
脚本内容:
node {
stage('Clone') {
echo "1.Clone Stage"
}
stage('Test') {
echo "2.Test Stage"
}
stage('Build') {
echo "3.Build Stage"
}
stage('Deploy') {
echo "4. Deploy Stage"
}
}
3、执行Pipeline任务
# 构建结果,如下图
4、部署完整应用
部署应用的流程如下:
1)拉取代码
2)编译打包
3)编写Dockerfile
4)构建Docker镜像
5)推送Docker镜像到镜像仓库
6)编写Kubernetes YAML文件
7)更改yaml文件中Docker镜像tag号
8)执行kubectl工具部署应用
9)测试人员验证
10)完整应用部署流程,如下图所示
- 微信号
- 微信扫一扫加我!
-
- 微信公众号
- 微信扫一扫关注我!
-
评论