计算机系统应用教程网站

网站首页 > 技术文章 正文

Devops实践-JenkinsPipeline(MavenSonarqubeHarbor) k8s整合CICD

btikc 2024-09-03 11:40:52 技术文章 13 ℃ 0 评论

代码发布流程



1.git 提交代码

2.gitlab 存储代码

3.Jenkins pipeline 整合(maven编译代码->Sonarqube代码质量检测->经过代码质量检测后代码构建的容器镜像存到harbor镜像仓库),将写好的yaml文件传送到K8s master中执行

4.k8s apply -f yaml文件部署deployment

安装工具流程

1.准备服务器,使用虚拟机创建,一台Gitlab,一台Jenkins,一台k8s master,一台k8s worker

2.所有服务器IP设置,防火墙关闭,安装docker,docker-compose服务

3.在Gitlab服务器安装配置Gitlab

4.本地电脑使用IntelliJ IDEA Community Edition 2022.2.1进行代码开发,里面默认有git功能,准备好样例代码。

5.在Jenkins服务器安装配置JDK,Jenkins, Maven, Sonarqube,harbor

6.在二台k8s服务器部署k8s集群,图形化管理工具kuboard

7.测试验证

安装工具详细流程

1.准备服务器

所有服务器最小化安装centos7.9系统,打开 阿里云centos系统仓库

下载CentOS-7-x86_64-Minimal-2009.torrent,使用迅雷下载提高速度

#改主机名命令

hostnamectl set-hostname gitlab-126

hostnamectl set-hostname jenkins-127

hostnamectl set-hostname k8s-master-105

hostnamectl set-hostname k8s-node-106

2.服务器IP设置,4台服务器都设置对应的IP

[root@gitlab-126 ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens33

IPADDR="192.168.1.126"

PREFIX="24"

GATEWAY="192.168.1.1"

DNS1="180.76.76.76"

DNS2="114.114.114.114"

IPV6_PRIVACY="no"

#wq保存退出

[root@gitlab-126 ~]# systemctl restart network

服务器防火墙关闭,安装docker,docker-compose服务

#【关闭防火墙】

systemctl stop firewalld

systemctl disable firewalld

sed -i 's/enforcing/disabled/' /etc/selinux/config

setenforce 0

swapoff -a

#【安装docker服务】

sudo yum install -y yum-utils device-mapper-persistent-data lvm2

sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

sudo yum install docker-ce docker-ce-cli containerd.io

sudo systemctl start docker

sudo systemctl enable docker

#【安装docker-compose】

访问https://github.com/docker/compose/releases/tag/v2.10.1,选择docker-compose-linux-x86_64下载

访问github网速不稳定,可修改本地hosts文件

C:\Windows\System32\drivers\etc\hosts

20.205.243.166 github.com

185.199.111.153 assets-cdn.github.com

103.252.114.61 github.global.ssl.fastly.net

【将docker-compose安装包传送到gitlab-126,jenkins-127服务器,都执行如下命令】

[root@jenkins-127 ~]# mv docker-compose-linux-x86_64 docker-compose

[root@jenkins-127 ~]# echo $PATH

/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin

[root@jenkins-127 ~]# mv docker-compose /usr/bin/

[root@jenkins-127 ~]# docker-compose version

-bash: /usr/bin/docker-compose: Permission denied

[root@jenkins-127 ~]# chmod +x /usr/bin/docker-compose

[root@jenkins-127 ~]# ll /usr/bin/docker-compose

-rwxr-xr-x. 1 root root 25722880 Sep 10 01:14 /usr/bin/docker-compose

[root@jenkins-127 ~]# docker-compose version

Docker Compose version v2.10.1

3.在Gitlab-126服务器使用docker-compose安装配置Gitlab并启动

[root@gitlab-126 gitlab]# docker pull gitlab/gitlab-ce

[root@gitlab-126 CICD]# cd gitlab

[root@ gitlab-126 gitlab]# ls

docker-compose.yml

[root gitlab-126 gitlab]# vi docker-compose.yml

[root@gitlab-126 gitlab]# more docker-compose.yml

version: '3.1'

services:

gitlab:

image: 'gitlab/gitlab-ce:latest'

container_name: gitlab

restart: always

environment:

GITLAB_OMNIBUS_CONFIG: |

external_url 'http://192.168.1.127:8929'

gitlab_rails['gitlab_shell_ssh_port'] = 2224

ports:

- '8929:8929'

- '2224:2224'

volumes:

- './config:/etc/gitlab'

- './data:/var/opt/gitlab'


[root@gitlab-126 gitlab]# docker-compose up -d

[+] Running 2/2

? Network gitlab_default Created 0.2s

? Container gitlab Started

[root@gitlab-126 gitlab]# cd config/

[root@gitlab-126 config]# ls

gitlab.rb gitlab-secrets.json initial_root_password ssh_host_ecdsa_key ssh_host_ecdsa_key.pub ssh_host_ed25519_key ssh_host_ed25519_key.pub ssh_host_rsa_key ssh_host_rsa_key.pub trusted-certs

#查看登陆gitlab的默认密码,账号为root,访问http://192.168.1.127:8929,可以在perferences->password修改密码

[root@gitlab-126 config]# more initial_root_password

4.本地准备demo 代码

  • 访问https://start.spring.io/ ,生成一个demo jar.配置demo Metadata如下图,Dependencies选择Spriing Web
  • 解压,idea打开,添加ExampleController类,启动项目,127.0.0.1:8080/example
  • 本地电脑安装git

https://git-scm.com/download/win 下载安装

  • gitlab创建project用于存放code


本地idea打开Terminal,使用Clone with HTTP,查看Git clone命令

  • 输入Git命令

git init --initial-branch=main

git remote add origin http://192.168.1.126:8929/root/mydemo.git

git add .

git commit -m “Initial commit”

git push -u origin main

  • 上传代码

5.在Jenkins-127服务器安装配置JDK,Jenkins, Maven, Sonarqube,harbor

安装JDK8,安装包到oracle官网下载,需要注册一个oracle账号

[root@jenkins-127 ~]# tar -xzvf jdk-8u172-linux-x64.tar.gz -C /usr/local

1

#使用docker-compose安装Jenkins

#安装Jenkins2.361.1版本,访问https://hub.docker.com/r/jenkins/jenkins查找docker pull 命令

[root@jenkins-127 jenkins]# docker pull jenkins/jenkins:2.361.1-lts

[root@jenkins-127 jenkins]# chmod -R 777 data/

[root@jenkins-127 jenkins]# more docker-compose.yml

version: "3.1"

services:

jenkins:

image: jenkins/jenkins:2.361.1-lts

container_name: jenkins

ports:

- 8080:8080

- 50000:50000

volumes:

- ./data/:/var/jenkins_home/

[root@jenkins-127 jenkins]# docker-compose up -d

[root@jenkins-127 jenkins]# docker-compose restart

0cbbf91277df447da2ae2d3885875823

This may also be found at: /var/jenkins_home/secrets/initialAdminPassword

#Jenkins 更换国内源 安装插件飞快

修改/var/lib/jenkins/updates/default.json

google改为www.baidu.com即可

[root@jenkins-127 data]# more hudson.model.UpdateCenter.xml

<?xml version='1.1' encoding='UTF-8'?>

<sites>

<site>

<id>default</id>

<url>http://mirror.esuni.jp/jenkins/updates/update-center.json</url>

</site>

</sites>

#访问http://192.168.1.127:8080/pluginManager/advanced -->升级站点-》http://mirror.esuni.jp/jenkins/updates/update-center.json

[root@jenkins-127 data]# docker-compose up -d

  • 访问http://192.168.1.127:8080/manage/pluginManager/available 安装jenkins插件

git parameter

publish over ssh

  • 安装maven

访问https://maven.apache.org/download.cgi,下载apache-maven-3.8.6-bin.tar.gz

设置阿里云镜像库加快下载

设置JDK开启

[root@jenkins-127 ~]# tar -xzvf apache-maven-3.8.6-bin.tar.gz -C /usr/local

[root@jenkins-127 ~]# cd /usr/local

[root@jenkins-127 local]# ls

apache-maven-3.8.6 bin etc games include jdk1.8.0_172 lib lib64 libexec sbin share src

[root@jenkins-127 local]# mv jdk1.8.0_172/ jdk/

[root@jenkins-127 local]# mv apache-maven-3.8.6/ maven/

[root@jenkins-127 conf]# pwd

/usr/local/maven/conf

[root@jenkins-127 conf]# more settings.xml

<!-- 设置阿里云镜像库 -->

<mirror>

<id>nexus-aliyun</id>

<mirrorOf>*</mirrorOf>

<name>Nexus aliyun</name>

<url>http://maven.aliyun.com/nexus/content/groups/public</url>

</mirror>

<!-- maven配置settings.xml指定默认java8版本 -->

<profile>

<id>jdk18</id>

<activation>

<activeByDefault>true</activeByDefault>

<jdk>1.8</jdk>

</activation>

<properties>

<maven.compiler.source>1.8</maven.compiler.source>

<maven.compiler.target>1.8</maven.compiler.target>

<maven.compiler.compilerVersion>1.8</maven.compiler.compilerVersion>

</properties>

</profile>

<!-- 设置JDK开启 -->

<activeProfiles>

<activeProfile>jdk8</activeProfile>

</activeProfiles>

[root@jenkins-127 jenkins]# mv /usr/local/maven/ data/

[root@jenkins-127 jenkins]# mv /usr/local/jdk/ data/

使用docker-compose安装SonarQube

版本:SonarQube 8.9.9 LTS

[root@jenkins-127 sonarqube]# pwd

/CICD/sonarqube

[root@jenkins-127 ~]# docker pull sonarqube:8.9.9-community

[root@jenkins-127 sonarqube]# more docker-compose.yml

version: '3.1'

services:

db:

image: postgres

container_name: db

ports:

- 5432:5432

networks:

- sonarnet

environment:

POSTGRES_USER: sonar

POSTGRES_PASSWORD: sonar

sonarqube:

image: sonarqube:8.9.9-community

container_name: sonarqube

depends_on:

- db

ports:

- 9000:9000

networks:

- sonarnet

environment:

SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar

SONAR_JDBC_USERNAME: sonar

SONAR_JDBC_PASSWORD: sonar

networks:

sonarnet:

driver: bridge

[root@jenkins-127 sonarqube]# docker-compose up –d

#报错,修改参数再sysctl -p使其生效

bootstrap check failure [1] of [1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

[root@jenkins-127 sonarqube]# more /etc/sysctl.conf

# sysctl settings are defined through files in

# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.

#

# Vendors settings live in /usr/lib/sysctl.d/.

# To override a whole file, create a new file with the same in

# /etc/sysctl.d/ and put new settings there. To override

# only specific settings, add a file with a lexically later

# name in /etc/sysctl.d/ and put new settings there.

#

# For more information, see sysctl.conf(5) and sysctl.d(5).

vm.max_map_count=262144

[root@jenkins-127 sonarqube]# sysctl -p

访问SonarQube http://192.168.1.127:9000/

默认用户密码 admin:admin

改密码为password

到Plugins下载中文语言插件

Maven配置访问SonarQuebe

[root@jenkins-127 conf]# pwd

/CICD/jenkins/data/maven/conf

[root@jenkins-127 conf]# more settings.xml |grep sonar -A10

<id>sonar</id>

<activation>

<activeByDefault>true</activeByDefault>

</activation>

<properties>

<sonar.login>admin</sonar.login>

<sonar.password>password</sonar.password>

<sonar.host.url>http://192.168.1.127:9000</sonar.host.url>

</properties>

</profile>

</profiles>

<!-- activeProfiles

| List of profiles that are active for all builds.

|

<activeProfiles>

<activeProfile>alwaysActiveProfile</activeProfile>

--

<activeProfile>sonar</activeProfile>

</activeProfiles>

</settings>

  • 安装sonar-scanner

下载 https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/

找历史版本sonar-scanner-cli-4.6.0.2311-linux.zip解压安装,用于有效检查代码质量,上面安装的SonarQuebe主要用于扫描数据汇总,实际扫描器是sonar-scanner

[root@jenkins-127 conf]# yum -y install unzip

[root@jenkins-127 ~]# unzip sonar-scanner-cli-4.6.0.2311-linux.zip

[root@jenkins-127 ~]# mv sonar-scanner /CICD/jenkins/data/

[root@jenkins-127 data]# cd sonar-scanner/conf/

[root@jenkins-127 conf]# vi sonar-scanner.properties

[root@jenkins-127 conf]# more sonar-scanner.properties

#Configure here general information about the environment, such as SonarQube ser

ver connection details for example

#No information about specific project should appear here

#----- Default SonarQube server

sonar.host.url=http://192.168.1.127:9000

#----- Default source code encoding

sonar.sourceEncoding=UTF-8

生成令牌以便后面调用

  • SonarQube与jenkins集成

在jenkins安装sonarqube scanner插件

加配置

Maven,JDK与jenkins集成

  • harbor安装

[root@jenkins-127 ~]#wget https://ghproxy.com/https://github.com/goharbor/harbor/releases/download/v2.5.3/harbor-offline-installer-v2.5.3.tgz

[root@jenkins-127 ~]# tar -xzvf harbor-offline-installer-v2.5.3.tgz -C /usr/local

[root@jenkins-127 ~]# cd /usr/local/harbor

[root@jenkins-127 ~]# cp harbor.yml.tmpl harbor.yml

[root@jenkins-127 ~]# vi harbor.yml

hostname: 192.168.1.127

# http related config

http:

# port for http, default is 80. If https enabled, this port will redirect to https port

port: 80

# https related config

#https:

# https port for harbor, default is 443

# port: 443

# The path of cert and key files for nginx

# certificate: /your/certificate/path

# private_key: /your/private/key/path

由于没有配https,docker需要配置下,才能正常访问私有镜像库Harbor

[root@jenkins-127 harbor]# ./install.sh

Vi /etc/docker/daemon.json

{

"insecure-registries": ["192.168.1.127:80"]

}

[root@jenkins-127 harbor]# Systemctl restart docker

[root@jenkins-127 sonarqube]# docker login -u admin -p Harbor12345 192.168.1.127:80

WARNING! Using --password via the CLI is insecure. Use --password-stdin.

WARNING! Your password will be stored unencrypted in /root/.docker/config.json.

Configure a credential helper to remove this warning. See

https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

在Harbor里创建项目

jenkins使用宿主机的docker服务

[root@jenkins-127 run]# pwd

/var/run

[root@jenkins-127 run]# chown root:root docker.sock

[root@jenkins-127 run]# chmod o+rw docker.sock

#docker-compose.yml后面追加下面3个映射

[root@jenkins-127 jenkins]# vi docker-compose.yml


- /var/run/docker.sock:/var/run/docker.sock

- /usr/bin/docker:/usr/bin/docker

- /etc/docker/daemon.json:/etc/docker/daemon.json

#重启jenkins

[root@jenkins-127 jenkins]# docker-compose up -d

#测试

[root@jenkins-127 jenkins]# docker exec -it jenkins bash

jenkins@43bf782393ea:/$ docker version

6.在二台k8s服务器部署k8s集群

二台k8s服务器都执行下列命令设置host,添加主机名与IP对应关系

cat >> /etc/hosts << EOF

192.168.1.105 k8s-master-105

192.168.1.106 k8s-node-106

EOF

hostnamectl set-hostname k8s-master-105

hostnamectl set-hostname k8s-node-106

二台k8s服务器都执行下列命令,将IPv4流量转发到iptables

cat > /etc/sysctl.d/k8s.conf << EOF

net.ipv4.ip_forward = 1

net.ipv4.tcp_tw_recycle = 0

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

EOF

sysctl --system

最开始已经安装过docker服务了,这里Docker配置修改,设置cgroup驱动,这里用systemd

配置修改为如下

vim /etc/docker/daemon.json

{

"graph": "/data/docker",

"registry-mirrors": ["https://01xxgaft.mirror.aliyuncs.com"],

"exec-opts": ["native.cgroupdriver=systemd"],

"log-driver": "json-file",

"log-opts": {

"max-size": "100m"

},

"storage-driver": "overlay2"

}

重启docker服务

systemctl restart docker

2台机器都执行下列命令,添加k8s阿里云YUM软件源

[root@k8s-master-105 ~]# more /etc/yum.repos.d/kubernetes.repo

[Kubernetes]

name=Kubernetes

baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64

enabled=1

gpgcheck=0

repo_gpgcheck=0

gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

2台机器都执行下列命令,安装kubeadm,kubelet和kubectl

yum install -y kubelet-1.16.2 kubeadm-1.16.2 kubectl-1.16.2

systemctl start kubelet

systemctl enable kubelet

部署master节点,只在192.168.1.105上执行

[root@k8s-master-105 ~]# kubeadm init --apiserver-advertise-address=192.168.1.105 \

[root@k8s-master-105 ~]# --image-repository registry.aliyuncs.com/google_containers \

[root@k8s-master-105 ~]# --kubernetes-version v1.18.0 \

[root@k8s-master-105 ~]# --service-cidr=10.96.0.0/12 \

[root@k8s-master-105 ~]# --pod-network-cidr=10.244.0.0/16

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

mkdir -p $HOME/.kube

sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.

Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:

https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.1.105:6443 --token fuh4c7.f8fkqxuczd267z2s \

--discovery-token-ca-cert-hash sha256:1a9da40553cb981af969dbb28099f3e4767da9ebcb86d931318ba5c32be6c2d6

执行生成的命令

[root@k8s-master-105 ~]# mkdir -p $HOME/.kube

[root@k8s-master-105 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

[root@k8s-master-105 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config

再用生成的命令部署node节点,在192.168.1.106执行

kubeadm join 192.168.1.105:6443 --token fuh4c7.f8fkqxuczd267z2s \

--discovery-token-ca-cert-hash sha256:1a9da40553cb981af969dbb28099f3e4767da9ebcb86d931318ba5c32be6c2d6

在master节点安装网络插件flannel

[root@k8s-master-105 ~]#wget https://github.com/xuwei777/xw_yaml/blob/main/kube-flannel.yml

[root@k8s-master-105 ~]#kubectl apply -f kube-flannel.yml

[root@k8s-master-105 ~]# kubectl get pods -n kube-system

在master节点安装网络插件calico

[root@k8s-master-105 ~]# wget https://github.com/xuwei777/xw_yaml/blob/main/calico-3.9.2.yaml

[root@k8s-master-105 ~]# sed -i 's/192.168.0.0/10.244.0.0/g' calico-3.9.2.yaml

[root@k8s-master-105 ~]# kubectl apply -f calico.yaml

[root@k8s-master-105 ~]# kubectl get pod --all-namespaces -o wide

安装图形化K8S管理工具kuboard

安装指导:安装 Kuboard v3 - kubernetes | Kuboard 地址:https://kuboard.cn/install/v3/install-in-k8s.html#%E8%AE%BF%E9%97%AE-kuboard

[root@k8s-master-105 ~]# kubectl apply -f https://addons.kuboard.cn/kuboard/kuboard-v3-swr.yaml

namespace/kuboard created

configmap/kuboard-v3-config created

serviceaccount/kuboard-boostrap created

clusterrolebinding.rbac.authorization.k8s.io/kuboard-boostrap-crb created

daemonset.apps/kuboard-etcd created

deployment.apps/kuboard-v3 created

service/kuboard-v3 created

[root@k8s-master-105 ~]# watch kubectl get pods -n kuboard

访问kuboard:http://192.168.1.105:30080/

用户名: admin

密码: Kuboard123

Master 和 node节点都执行下列命令,添加"insecure-registries": [“192.168.1.127:80”],以便访问私有镜像库Harbor

[root@k8s-node-106 ~]# vi /etc/docker/daemon.json

"insecure-registries": ["192.168.1.127:80"],

[root@k8s-node-106 ~]# systemctl restart docker

K8s添加docker仓库账号密码,访问kuboard,在界面添加即可

  • 设置jenkins能连接k8s-master

#在master-105节点创建k8s目录

[root@k8s-master-105 ~]# mkdir -p /usr/local/k8s

再在jenkins配置连接master-105的k8s目录,jenkins后面生成的文件传到这个目录下

  • 设置Jenkin docker能免密ssh到master-105上调用kubectl apply –f 命令

Jenkins服务器上执行

[root@jenkins-127 data]# docker exec -it jenkins bash

jenkins@43bf782393ea:/$ cd ~

ls –a

没有.ssh 目录

jenkins@43bf782393ea:~$ ssh-keygen -t rsa

回车

输入密码这一环节直接回车

再次输入密码这一环节直接回车

jenkins@43bf782393ea:~$ more /var/jenkins_home/.ssh/id_rsa.pub

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC51bfacO+KJPsklcSReX3LFwEbG6R9YYCoC/A7bWLNm0BMxzmnMz3Hi9E4TmCpjgUxWG32lqkxDbIIbse91oFKD9dJ3IdizsYrQRgJsBZOIxDwqJwwoYQYA9VB3HaWpxKZFLT8uszIiIerk47DJiOAPaxA56uMOQCyvh4OMP

YGus7cbprAx/zLMzDvs7E3jJn3xud9DnwONi2DRBqHt2IACzLg+u1dtKwLBaokDjQniBC1DWdS5Dh+vy0zFcv0r10bWEZhFsJmdgmWl7YGLCARucB4qCn0yMA4VDywC+hxQLH9C3nOfXjAvLcZfCxeoleR3yGtTMSKoyWWznS7GGfWRe+wO6Qe7HQ0AT1VM6g9WXddUPcRGIBn

Dw/UwVxlgGftzFoJ5rTx4AAbG1GfkUOrnLNdJoI5Oa/bW4jU+ihYInU5DRsPnX8vcH7MeGXhetYxPYNHBji4Lfe6PL+UXCx7aqmLXf1s1+748vAnVxeQcaamwkcg6/eHUQ4wQ0/H/nk= jenkins@43bf782393ea

#将公钥传送给k8s-master-105服务

jenkins@43bf782393ea:~$ ssh-copy-id root@192.168.1.105

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/var/jenkins_home/.ssh/id_rsa.pub"

The authenticity of host '192.168.1.105 (192.168.1.105)' can't be established.

ECDSA key fingerprint is SHA256:Ou3p/4WYTpa1vsJG4+qIrUmJ4P/DMup0xMAHZgDTTI8.

Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

root@192.168.1.105's password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'root@192.168.1.105'"

and check to make sure that only the key(s) you wanted were added.

在本地代码准备好的Jenkinsfile文件和DOCKEFILE,pipeline.yml文件,上传到gitlab

pipeline{

agent any

environment {

harborUser = 'admin'

harborPasswd = 'Harbor12345'

harborAddress = '192.168.1.127:80'

harborRepo = 'repo'

}

stages {

stage('拉取git仓库代码') {

steps {

checkout([$class: 'GitSCM', branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[url: 'http://192.168.1.126:8929/root/mydemo.git']]])

}

}

stage('通过maven构建项目') {

steps {

sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'

}

}

stage('sonarqube代码质量检测') {

steps {

sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.source=./ -Dsonar.projectname=${JOB_NAME} -Dsonar.projectKey=${JOB_NAME} -Dsonar.java.binaries=./target/ -Dsonar.login=dffbbab02dec3466b52c18f728cfc338ce31da80'

}

}

stage('通过Docker制作自定义镜像') {

steps {

sh '''mv ./target/*.jar ./docker/

docker build -t ${JOB_NAME}:${tag} ./docker/'''

}

}

stage('push到harbor镜像仓库') {

steps {

sh '''docker login -u ${harborUser} -p ${harborPasswd} ${harborAddress}

docker tag ${JOB_NAME}:${tag} ${harborAddress}/${harborRepo}/${JOB_NAME}:${tag}

docker push ${harborAddress}/${harborRepo}/${JOB_NAME}:${tag}'''

}

}

stage('将pipeline.yml传输到k8s-master') {

steps {

sshPublisher(publishers: [sshPublisherDesc(configName: 'k8s-master', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline.yml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])

}

}

stage('远程执行k8s-master的pipeline.yml') {

steps {

sh 'ssh root@192.168.1.105 kubectl apply -f /usr/local/k8s/pipeline.yml'

}

}

}

}

Dockerfile

FROM daocloud.io/library/java:8u40-jdk

COPY demo-0.0.1-SNAPSHOT.jar /usr/local/demo.jar

WORKDIR /usr/local

CMD java -jar demo.jar

pipeline.yml文件

pipeline.yml文件

apiVersion: apps/v1

kind: Deployment

metadata:

namespace: test

name: pipeline

labels:

app: pipeline

spec:

replicas: 2

selector:

matchLabels:

app: pipeline

template:

metadata:

labels:

app: pipeline

spec:

containers:

- name: pipeline

image: 192.168.1.127:80/repo/pipeline:v4.0.0

imagePullPolicy: Always

ports:

- containerPort: 8080

---

apiVersion: v1

kind: Service

metadata:

namespace: test

labels:

app: pipeline

name: pipeline

spec:

selector:

app: pipeline

ports:

- port: 8081

targetPort: 8080

type: NodePort

---

apiVersion: networking.k8s.io/v1beta1

kind: Ingress

metadata:

namespace: test

name: pipeline

spec:

ingressClassName: ingress

rules:

- host: dragon.pipeline.com

http:

paths:

- path: /

pathType: Prefix

backend:

serviceName: pipeline

servicePort: 8081

  • 在Jenkins上创建流水线类型的任务

设置Pipeline script from SCM,这样jenkins就可以拿到上面写好的Jenkins文件去执行每个Stage

添加git参数,接收传入的代码版本号,容器端口,宿主机端口

7.测试验证

代码提交,添加版本号

原来为访问服务显示v.4.0.0,经过jenkins CICD后,显示v5.0.0成功

Tags:

猜你喜欢

本文暂时没有评论,来添加一个吧(●'◡'●)

欢迎 发表评论:

最近发表
标签列表