關於如何使用Jenkins+Gitlab實現可CI/CD,在此就不多做介紹了,本篇博文主要介紹Jenkins+Gitlab針對kubernetes集羣實現CI/CD。由於Kubernetes近年來的火爆程度,掌握這項技能已經變得尤爲重要!
一、環境準備
系統 | 主機名 | IP地址 | 所運行的服務 |
---|---|---|---|
Centos 7 | master | 192.168.1.1 | K8s集羣的master節點 |
Centos 7 | node01 | 192.168.1.2 | K8s集羣的node節點 |
Centos 7 | docker | 192.168.1.4 | Docker |
- K8s集羣主要用於運行一個Nginx運行容器,模擬線上環境;
- master節點主要用於運行registry私有倉庫;
- docker服務器運行Jenkins與Gitlab服務;
- 上述三臺服務器全部加入registry私有倉庫;
部署環境所需任何軟件包,都可從以下鏈接中獲取!
鏈接:https://pan.baidu.com/s/1pb4ZShK5MBxIj6xN-hMmoA
提取碼:k66s
二、部署registry私有倉庫
其實registry私有倉庫在任何一臺機器上部署都可以,這裏就直接在master節點上部署了!
[root@master ~]# docker run -d --restart=always -p 5000:5000 registry:2
[root@master ~]# vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd --insecure-registry 192.168.1.1:5000
[root@master ~]# scp /usr/lib/systemd/system/docker.service 192.168.1.2:/usr/lib/systemd/system/docker.service
[root@master ~]# scp /usr/lib/systemd/system/docker.service 192.168.1.4:/usr/lib/systemd/system/docker.service
[root@master ~]# systemctl daemon-reload && systemctl restart docker
[root@node01 ~]# systemctl daemon-reload && systemctl restart docker
[root@docker ~]# systemctl daemon-reload && systemctl restart docker
三、master節點運行nginx容器
[root@master ~]# docker tag nginx:latest 192.168.1.1:5000/nginx:v1
[root@master ~]# docker push 192.168.1.1:5000/nginx:v1
[root@master ~]# vim nginx.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx
spec:
replicas: 2
template:
metadata:
labels:
name: nginx
spec:
containers:
- name: nginx
image: 192.168.1.1:5000/nginx:v1
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
labels:
name: nginx
name: nginx
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
nodePort: 31234
selector:
name: nginx
[root@master ~]# kubectl apply -f nginx.yaml
[root@master ~]# kubectl get pod,svc | grep nginx
pod/nginx-64dfdff6cd-q24qn 1/1 Running 0 105s
pod/nginx-64dfdff6cd-vj9hm 1/1 Running 0 105s
service/nginx NodePort 10.97.11.24 <none> 80:31234/TCP 105s
客戶端訪問測試:
四、部署Jenkins服務
在部署Jenkins服務之前需部署Tomcat服務,本次部署Jenkins採用war包的形式進行部署!
[root@docker ~]# tar zxf jdk-8u231-linux-x64.tar.gz
[root@docker ~]# mv jdk1.8.0_231/ /usr/java
[root@docker ~]# vim /etc/profile #末尾寫入
export JAVA_HOME=/usr/java
export JRE_HOME=/usr/java/jre
export PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATH
export CLASSPATH=$JAVA_HOME/lib/tools.jar:$JAVA_HOME/lib/dt.jar
[root@docker ~]# source /etc/profile
[root@docker ~]# java -version
java version "1.8.0_231"
Java(TM) SE Runtime Environment (build 1.8.0_231-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.231-b11, mixed mode)
[root@docker ~]# wget http://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-9/v9.0.31/bin/apache-tomcat-9.0.31.tar.gz
[root@docker ~]# tar zxf apache-tomcat-9.0.31.tar.gz
[root@docker ~]# mv apache-tomcat-9.0.31 /usr/tomcat9
[root@docker ~]# cd /usr/tomcat9/webapps/
[root@docker webapps]# mv * /tmp
[root@docker webapps]# wget http://mirrors.jenkins.io/war-stable/latest/jenkins.war
[root@docker webapps]# vim /usr/tomcat9/conf/server.xml
69 <Connector port="8080" protocol="HTTP/1.1"
70 connectionTimeout="20000"
71 redirectPort="8443" URIEncoding="UTF-8" />
#在8443後添加URIEncoding="UTF-8",使tomcat支持utf-8字符集
[root@docker webapps]# cd /usr/tomcat9/bin/
[root@docker bin]# vim catalina.sh
1 #!/bin/sh
2 export CATALINA_OPTS="-DJENKINS_HOME=/data/jenkins"
3 export JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Dhudson.ClassicPluginStrategy.noBytecodeTransformer=true"
#這兩行特別重要,注意不要填寫錯誤!
[root@docker bin]# ./catalina.sh start
#啓動tomcat,tomcat自動解壓war包,也就是說jenkins也就啓動了
[root@docker bin]# netstat -antp | grep 8080
tcp6 0 0 :::8080 :::* LISTEN 3303/java
五、配置Jenkins
1)配置Jenkins web界面
注意訪問的是Jenkins服務器的IP地址+8080端口+jenkins目錄!
自行根據提示查看密碼並粘貼到相應位置,如下,查看密碼:
[root@docker bin]# cat /data/jenkins/secrets/initialAdminPassword
d2bc124dfcb44fc4bac0df7427f7b8c9
由於跳過了插件安裝,所以需要使用網盤中提供的插件目錄——plugins.tar.gz!
2)配置所需插件
[root@docker ~]# mv /data/jenkins/plugins/ /tmp/
[root@docker ~]# tar zxf plugins.tar.gz -C /data/jenkins/
[root@docker ~]# /usr/tomcat9/bin/catalina.sh stop
[root@docker ~]# /usr/tomcat9/bin/catalina.sh start
六、部署Gitlab服務
[root@docker ~]# yum -y install epel-release curl openssh-server openssh-clients postfix cronie policycoreutils-python patch
[root@docker ~]# wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-12.3.5-ce.0.el7.x86_64.rpm
[root@docker ~]# yum -y localinstall gitlab-ce-12.3.5-ce.0.el7.x86_64.rpm
[root@docker ~]# vim /etc/gitlab/gitlab.rb
external_url 'http://192.168.1.4:90'
unicorn['listen'] = '192.168.1.4' #本機IP
unicorn['port'] = 3000
[root@docker ~]# gitlab-ctl reconfigure
[root@docker ~]# gitlab-ctl start
由於gitlab的操作過於簡單,這裏就不截圖說明了,訪問gitlab服務器的IP地址+90端口,配置gitlab服務器可以免密登錄gitlab,創建一個倉庫,保證可以克隆到本地即可!
[root@docker ~]# git clone [email protected]:root/test.git
[root@docker ~]# ls -d test
test
七、配置Jenkins創建一個任務
#!/bin/bash
backupcode="/data/backcode/$JOB_NAME/$BUILD_NUMBER" #這裏引用了Jenkins的默認變量
mkdir -p $backupcode
chmod 644 "$JENKINS_HOME"/workspace/"$JOB_NAME"/*
rsync -acP "$JENKINS_HOME"/workspace/"$JOB_NAME"/* $backupcode
echo From 192.168.1.1:5000/nginx:v1 > "$JENKINS_HOME"/workspace/Dockerfile
echo COPY ./"$JOB_NAME"/* /usr/share/nginx/html/ >> "$JENKINS_HOME"/workspace/Dockerfile
docker rmi 192.168.1.1:5000/nginx:v1
docker build -t 192.168.1.1:5000/nginx:v2 /"$JENKINS_HOME"/workspace/.
docker push 192.168.1.1:5000/nginx:v2
ssh [email protected] sed -i 's/nginx:v1/nginx:v2/g' /root/nginx.yaml
ssh [email protected] kubectl delete deployment nginx
ssh [email protected] kubectl apply -f /root/nginx.yaml
#腳本中最後三行的IP地址是K8s集羣的master節點
#除此之外的IP地址則是registry私有倉庫的IP地址
腳本內容編寫完成之後,先不要着急保存!還需進行以下配置:
腳本中涉及登錄到K8s的master節點,所以要配置免密登錄!
[root@docker ~]# ssh-copy-id [email protected]
八、開啓Jenkins的匿名訪問權限
九、Gitlab開啓允許向自己發送web hook
十、測試持續CI/CD效果
1)在gitlab服務器上進行版本更新迭代測試
[root@docker ~]# cd test/
[root@docker test]# git config --global user.name "test"
[root@docker test]# git config --global user.email "[email protected]"
[root@docker test]# echo "hello world" > index.html
[root@docker test]# git add .
[root@docker test]# git commit -m "test CI/CD"
[root@docker test]# git push origin master
上述操作完成之後,需在Jenkins頁面進行構建操作:
構建完成後,訪問nginx便是我們提交到gitlab的代碼信息!