k8s cicd

环境

  • centos7 + jenkins2.361.3(裸机安装) + gitlab(裸机安装) + harbor(k8s安装)

注意

  • 在裸机安装jenkins高版本的时候需要安装java11
  • 在实现cicd的时候git版本需要高一点的,我的是2.31.1

安装完jenkins,需要的配置

1.需要设置授权策略为允许登录的用户做任何事,否则jenkins会显示权限不足报403

 

 

 2.点掉授权

 

 

 3.jenkins新建一个自由风格的项目,配置镜像版本参数,也可忽略此步骤

 

 

 4.填写gitlab项目地址,这里可以用免秘钥的行驶通过ssh去拉取,或者配置认证,我这里是ssh

 

 

 5.记录这个地址,稍后在配置gitlab webhook的时候需要用到

 

 

 6.通过shell完成cicd

 

 

 7.test.sh内容如下:

[root@minikube-k8s mytest01]# cat test.sh 
#!/bin/bash
echo "========================================="
docker login 192.168.28.151:30002 --username=admin --password=Harbor12345
docker build -t 192.168.28.151:30002/test01/nginx:$tag ./
docker push 192.168.28.151:30002/test01/nginx:$tag
ssh root@192.168.28.151 kubectl apply -f /root/myapp.yaml
echo "========================================="

8.myapp.yaml内容如下:

[root@minikube-k8s mytest01]# cat myapp.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mynginx1
  namespace: default
spec:
  replicas: 2
  selector: 
    matchLabels:
      app: mynginx
  template:
    metadata:
      labels:
        app: mynginx
    spec:
      containers:
      - name: nginx
        image: 192.168.28.151:30002/test01/nginx:v1
        ports:
        - name: http
          containerPort: 80

安装完gitlab需要的配置

1.新建一个gitlab项目

 

 

 2.创建gitlab webhook

 

 

 3.点击test push event测试

 

 

 4.设置ssh免密登录

 

 

 

测试

尝试push到仓库,然后查看jenkins任务执行情况如下:

Started by GitLab push by Administrator
Running as SYSTEM
Building in workspace /var/lib/jenkins/workspace/mytest01
The recommended git tool is: NONE
No credentials specified
 > git rev-parse --resolve-git-dir /var/lib/jenkins/workspace/mytest01/.git # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url git@192.168.28.151:root/mytest01.git # timeout=10
Fetching upstream changes from git@192.168.28.151:root/mytest01.git
 > git --version # timeout=10
 > git --version # 'git version 2.31.1'
 > git fetch --tags --force --progress -- git@192.168.28.151:root/mytest01.git +refs/heads/*:refs/remotes/origin/* # timeout=10
 > git rev-parse remotes/origin/master^{commit} # timeout=10
 > git branch -a -v --no-abbrev --contains b26f23e4526ea9ca717a5d9df5c6776153460d61 # timeout=10
Checking out Revision b26f23e4526ea9ca717a5d9df5c6776153460d61 (origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f b26f23e4526ea9ca717a5d9df5c6776153460d61 # timeout=10
Commit message: "v6"
 > git rev-list --no-walk b26f23e4526ea9ca717a5d9df5c6776153460d61 # timeout=10
[mytest01] $ /bin/sh -xe /tmp/jenkins2387672580940564012.sh
+ ./test.sh latest
=========================================
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /var/lib/jenkins/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
Sending build context to Docker daemon    127kB

Step 1/3 : FROM nginx:latest
 ---> 605c77e624dd
Step 2/3 : COPY index.html /usr/share/nginx/html
 ---> Using cache
 ---> b65ad20ce6d0
Step 3/3 : CMD ["/usr/sbin/nginx","-g","daemon off;"]
 ---> Using cache
 ---> 3e615f842d5f
Successfully built 3e615f842d5f
Successfully tagged 192.168.28.151:30002/test01/nginx:latest
The push refers to repository [192.168.28.151:30002/test01/nginx]
bc8838e7b453: Preparing
d874fd2bc83b: Preparing
32ce5f6a5106: Preparing
f1db227348d0: Preparing
b8d6e692a25e: Preparing
e379e8aedd4d: Preparing
2edcec3590a4: Preparing
e379e8aedd4d: Waiting
2edcec3590a4: Waiting
bc8838e7b453: Layer already exists
d874fd2bc83b: Layer already exists
b8d6e692a25e: Layer already exists
f1db227348d0: Layer already exists
32ce5f6a5106: Layer already exists
e379e8aedd4d: Layer already exists
2edcec3590a4: Layer already exists
latest: digest: sha256:0ede8cc8c7643a4cd64df93db30f64df5541c6db86869652791e32f23805cf85 size: 1777
deployment.apps/mynginx1 unchanged
=========================================
Finished: SUCCESS
View Code

查看pod是否创建ok

 

查看harbor镜像仓库是否已经有镜像上传

 

posted @ 2022-11-11 10:59  力王7314  阅读(305)  评论(0编辑  收藏  举报