k8s-学习笔记5-jenkins构建java服务

https://blog.stanley.wang/2019/01/18/%E5%AE%9E%E9%AA%8C%E6%96%87%E6%A1%A32%EF%BC%9A%E5%AE%9E%E6%88%98%E4%BA%A4%E4%BB%98%E4%B8%80%E5%A5%97dubbo%E5%BE%AE%E6%9C%8D%E5%8A%A1%E5%88%B0kubernetes%E9%9B%86%E7%BE%A4/

 

准备私有jenkins镜像

拉取公共镜像

docker pull jenkins/jenkins:2.235.1-lts-centos7

 

推到自己的仓库

docker tag 08b8cad08fb6 registry-vpc.cn-hangzhou.aliyuncs.com/e-dewin/jenkins:2.235.1
docker push registry-vpc.cn-hangzhou.aliyuncs.com/e-dewin/jenkins:2.235.1

 

Dockerfile

id_rsa是用来让jenkins免密登录git的,没有也没关系

config.json是docker login后记录的文件,用于jenkins登录仓库

get-docker.sh是docker客户端

#!/bin/sh
set -e

# This script is meant for quick & easy install via:
#   $ curl -fsSL get.docker.com -o get-docker.sh
#   $ sh get-docker.sh
#
# For test builds (ie. release candidates):
#   $ curl -fsSL test.docker.com -o test-docker.sh
#   $ sh test-docker.sh
#
# NOTE: Make sure to verify the contents of the script
#       you downloaded matches the contents of install.sh
#       located at https://github.com/docker/docker-install
#       before executing.
#
# Git commit from https://github.com/docker/docker-install when
# the script was uploaded (Should only be modified by upload job):
SCRIPT_COMMIT_SHA=36b78b2


# This value will automatically get changed for:
#    edge
#    test
#    experimental
DEFAULT_CHANNEL_VALUE="edge"
if [ -z "$CHANNEL" ]; then
    CHANNEL=$DEFAULT_CHANNEL_VALUE
fi

DEFAULT_DOWNLOAD_URL="https://download.docker.com"
if [ -z "$DOWNLOAD_URL" ]; then
    DOWNLOAD_URL=$DEFAULT_DOWNLOAD_URL
fi

DEFAULT_REPO_FILE="docker-ce.repo"
if [ -z "$REPO_FILE" ]; then
    REPO_FILE="$DEFAULT_REPO_FILE"
fi

SUPPORT_MAP="
x86_64-centos-7
x86_64-fedora-26
x86_64-fedora-27
x86_64-fedora-28
x86_64-debian-wheezy
x86_64-debian-jessie
x86_64-debian-stretch
x86_64-debian-buster
x86_64-ubuntu-trusty
x86_64-ubuntu-xenial
x86_64-ubuntu-bionic
x86_64-ubuntu-artful
s390x-ubuntu-xenial
s390x-ubuntu-bionic
s390x-ubuntu-artful
ppc64le-ubuntu-xenial
ppc64le-ubuntu-bionic
ppc64le-ubuntu-artful
aarch64-ubuntu-xenial
aarch64-ubuntu-bionic
aarch64-debian-jessie
aarch64-debian-stretch
aarch64-debian-buster
aarch64-fedora-26
aarch64-fedora-27
aarch64-fedora-28
aarch64-centos-7
armv6l-raspbian-jessie
armv7l-raspbian-jessie
armv6l-raspbian-stretch
armv7l-raspbian-stretch
armv7l-debian-jessie
armv7l-debian-stretch
armv7l-debian-buster
armv7l-ubuntu-trusty
armv7l-ubuntu-xenial
armv7l-ubuntu-bionic
armv7l-ubuntu-artful
"

mirror=''
DRY_RUN=${DRY_RUN:-}
while [ $# -gt 0 ]; do
    case "$1" in
        –mirror)
            mirror="$2"
            shift
            ;;
        –dry-run)
            DRY_RUN=1
            ;;
        –)
            echo "Illegal option $1"
            ;;
    esac
    shift $(( $# > 0 ? 1 : 0 ))
done

case "$mirror" in
    Aliyun)
        DOWNLOAD_URL="https://mirrors.aliyun.com/docker-ce"
        ;;
    AzureChinaCloud)
        DOWNLOAD_URL="https://mirror.azure.cn/docker-ce"
        ;;
esac

command_exists() {
    command -v "$@" > /dev/null 2>&1
}

is_dry_run() {
    if [ -z "$DRY_RUN" ]; then
        return 1
    else
        return 0
    fi
}

deprecation_notice() {
    distro=$1
    date=$2
    echo
    echo "DEPRECATION WARNING:"
    echo "    The distribution, $distro, will no longer be supported in this script as of $date."
    echo "    If you feel this is a mistake please submit an issue at https://github.com/docker/docker-install/issues/new"
    echo
    sleep 10
}

get_distribution() {
    lsb_dist=""
    # Every system that we officially support has /etc/os-release
    if [ -r /etc/os-release ]; then
        lsb_dist="$(. /etc/os-release && echo "$ID")"
    fi
    # Returning an empty string here should be alright since the
    # case statements don't act unless you provide an actual value
    echo "$lsb_dist"
}

add_debian_backport_repo() {
    debian_version="$1"
    backports="deb http://ftp.debian.org/debian $debian_version-backports main"
    if ! grep -Fxq "$backports" /etc/apt/sources.list; then
        (set -x; $sh_c "echo \"$backports\" >> /etc/apt/sources.list")
    fi
}

echo_docker_as_nonroot() {
    if is_dry_run; then
        return
    fi
    if command_exists docker && [ -e /var/run/docker.sock ]; then
        (
            set -x
            $sh_c 'docker version'
        ) || true
    fi
    your_user=your-user
    [ "$user" != 'root' ] && your_user="$user"
    # intentionally mixed spaces and tabs here – tabs are stripped by "<<-EOF", spaces are kept in the output
    echo "If you would like to use Docker as a non-root user, you should now consider"
    echo "adding your user to the \"docker\" group with something like:"
    echo
    echo "  sudo usermod -aG docker $your_user"
    echo
    echo "Remember that you will have to log out and back in for this to take effect!"
    echo
    echo "WARNING: Adding a user to the \"docker\" group will grant the ability to run"
    echo "         containers which can be used to obtain root privileges on the"
    echo "         docker host."
    echo "         Refer to https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface"
    echo "         for more information."

}

# Check if this is a forked Linux distro
check_forked() {

    # Check for lsb_release command existence, it usually exists in forked distros
    if command_exists lsb_release; then
        # Check if the -u option is supported
        set +e
        lsb_release -a -u > /dev/null 2>&1
        lsb_release_exit_code=$?
        set -e

        # Check if the command has exited successfully, it means we're in a forked distro
        if [ "$lsb_release_exit_code" = "0" ]; then
            # Print info about current distro
            cat <<-EOF
            You're using '$lsb_dist' version '$dist_version'.
            EOF

            # Get the upstream release info
            lsb_dist=$(lsb_release -a -u 2>&1 | tr '[:upper:]' '[:lower:]' | grep -E 'id' | cut -d ':' -f 2 | tr -d '[:space:]')
            dist_version=$(lsb_release -a -u 2>&1 | tr '[:upper:]' '[:lower:]' | grep -E 'codename' | cut -d ':' -f 2 | tr -d '[:space:]')

            # Print info about upstream distro
            cat <<-EOF
            Upstream release is '$lsb_dist' version '$dist_version'.
            EOF
        else
            if [ -r /etc/debian_version ] && [ "$lsb_dist" != "ubuntu" ] && [ "$lsb_dist" != "raspbian" ]; then
                if [ "$lsb_dist" = "osmc" ]; then
                    # OSMC runs Raspbian
                    lsb_dist=raspbian
                else
                    # We're Debian and don't even know it!
                    lsb_dist=debian
                fi
                dist_version="$(sed 's/\/.//' /etc/debian_version | sed 's/..//')"
                case "$dist_version" in
                    9)
                        dist_version="stretch"
                    ;;
                    8|'Kali Linux 2')
                        dist_version="jessie"
                    ;;
                    7)
                        dist_version="wheezy"
                    ;;
                esac
            fi
        fi
    fi
}

semverParse() {
    major="${1%%.}"
    minor="${1#$major.}"
    minor="${minor%%.}"
    patch="${1#$major.$minor.}"
    patch="${patch%%[-.]}"
}

ee_notice() {
    echo
    echo
    echo "  WARNING: $1 is now only supported by Docker EE"
    echo "           Check https://store.docker.com for information on Docker EE"
    echo
    echo
}

do_install() {
    echo "# Executing docker install script, commit: $SCRIPT_COMMIT_SHA"

    if command_exists docker; then
        docker_version="$(docker -v | cut -d ' ' -f3 | cut -d ',' -f1)"
        MAJOR_W=1
        MINOR_W=10

        semverParse "$docker_version"

        shouldWarn=0
        if [ "$major" -lt "$MAJOR_W" ]; then
            shouldWarn=1
        fi

        if [ "$major" -le "$MAJOR_W" ] && [ "$minor" -lt "$MINOR_W" ]; then
            shouldWarn=1
        fi

        cat >&2 <<-'EOF'
            Warning: the "docker" command appears to already exist on this system.

            If you already have Docker installed, this script can cause trouble, which is
            why we're displaying this warning and provide the opportunity to cancel the
            installation.

            If you installed the current Docker package using this script and are using it
        EOF

        if [ $shouldWarn -eq 1 ]; then
            cat >&2 <<-'EOF'
            again to update Docker, we urge you to migrate your image store before upgrading
            to v1.10+.

            You can find instructions for this here:
            https://github.com/docker/docker/wiki/Engine-v1.10.0-content-addressability-migration
            EOF
        else
            cat >&2 <<-'EOF'
            again to update Docker, you can safely ignore this message.
            EOF
        fi

        cat >&2 <<-'EOF'

            You may press Ctrl+C now to abort this script.
        EOF
        ( set -x; sleep 20 )
    fi

    user="$(id -un 2>/dev/null || true)"

    sh_c='sh -c'
    if [ "$user" != 'root' ]; then
        if command_exists sudo; then
            sh_c='sudo -E sh -c'
        elif command_exists su; then
            sh_c='su -c'
        else
            cat >&2 <<-'EOF'
            Error: this installer needs the ability to run commands as root.
            We are unable to find either "sudo" or "su" available to make this happen.
            EOF
            exit 1
        fi
    fi

    if is_dry_run; then
        sh_c="echo"
    fi

    # perform some very rudimentary platform detection
    lsb_dist=$( get_distribution )
    lsb_dist="$(echo "$lsb_dist" | tr '[:upper:]' '[:lower:]')"

    case "$lsb_dist" in

        ubuntu)
            if command_exists lsb_release; then
                dist_version="$(lsb_release –codename | cut -f2)"
            fi
            if [ -z "$dist_version" ] && [ -r /etc/lsb-release ]; then
                dist_version="$(. /etc/lsb-release && echo "$DISTRIB_CODENAME")"
            fi
        ;;

        debian|raspbian)
            dist_version="$(sed 's/\/.//' /etc/debian_version | sed 's/..//')"
            case "$dist_version" in
                9)
                    dist_version="stretch"
                ;;
                8)
                    dist_version="jessie"
                ;;
                7)
                    dist_version="wheezy"
                ;;
            esac
        ;;

        centos)
            if [ -z "$dist_version" ] && [ -r /etc/os-release ]; then
                dist_version="$(. /etc/os-release && echo "$VERSION_ID")"
            fi
        ;;

        rhel|ol|sles)
            ee_notice "$lsb_dist"
            exit 1
            ;;

        )
            if command_exists lsb_release; then
                dist_version="$(lsb_release –release | cut -f2)"
            fi
            if [ -z "$dist_version" ] && [ -r /etc/os-release ]; then
                dist_version="$(. /etc/os-release && echo "$VERSION_ID")"
            fi
        ;;

    esac

    # Check if this is a forked Linux distro
    check_forked

    # Check if we actually support this configuration
    if ! echo "$SUPPORT_MAP" | grep "$(uname -m)-$lsb_dist-$dist_version" >/dev/null; then
        cat >&2 <<-'EOF'

        Either your platform is not easily detectable or is not supported by this
        installer script.
        Please visit the following URL for more detailed installation instructions:

        https://docs.docker.com/engine/installation/

        EOF
        exit 1
    fi

    # Run setup for each distro accordingly
    case "$lsb_dist" in
        ubuntu|debian|raspbian)
            pre_reqs="apt-transport-https ca-certificates curl"
            if [ "$lsb_dist" = "debian" ]; then
                if [ "$dist_version" = "wheezy" ]; then
                    add_debian_backport_repo "$dist_version"
                fi
                # libseccomp2 does not exist for debian jessie main repos for aarch64
                if [ "$(uname -m)" = "aarch64" ] && [ "$dist_version" = "jessie" ]; then
                    add_debian_backport_repo "$dist_version"
                fi
            fi

            # TODO: August 31, 2018 delete from here,
            if [ "$lsb_dist" =  "ubuntu" ] && [ "$dist_version" = "artful" ]; then
                deprecation_notice "$lsb_dist $dist_version" "August 31, 2018"
            fi
            # TODO: August 31, 2018 delete to here,

            if ! command -v gpg > /dev/null; then
                pre_reqs="$pre_reqs gnupg"
            fi
            apt_repo="deb [arch=$(dpkg –print-architecture)] $DOWNLOAD_URL/linux/$lsb_dist $dist_version $CHANNEL"
            (
                if ! is_dry_run; then
                    set -x
                fi
                $sh_c 'apt-get update -qq >/dev/null'
                $sh_c "apt-get install -y -qq $pre_reqs >/dev/null"
                $sh_c "curl -fsSL \"$DOWNLOAD_URL/linux/$lsb_dist/gpg\" | apt-key add -qq - >/dev/null"
                $sh_c "echo \"$apt_repo\" > /etc/apt/sources.list.d/docker.list"
                if [ "$lsb_dist" = "debian" ] && [ "$dist_version" = "wheezy" ]; then
                    $sh_c 'sed -i "/deb-src.download.docker/d" /etc/apt/sources.list.d/docker.list'
                fi
                $sh_c 'apt-get update -qq >/dev/null'
            )
            pkg_version=""
            if [ ! -z "$VERSION" ]; then
                if is_dry_run; then
                    echo "# WARNING: VERSION pinning is not supported in DRY_RUN"
                else
                    # Will work for incomplete versions IE (17.12), but may not actually grab the "latest" if in the test channel
                    pkg_pattern="$(echo "$VERSION" | sed "s/-ce-/~ce~./g" | sed "s/-/./g").-0~$lsb_dist"
                    search_command="apt-cache madison 'docker-ce' | grep '$pkg_pattern' | head -1 | cut -d' ' -f 4"
                    pkg_version="$($sh_c "$search_command")"
                    echo "INFO: Searching repository for VERSION '$VERSION'"
                    echo "INFO: $search_command"
                    if [ -z "$pkg_version" ]; then
                        echo
                        echo "ERROR: '$VERSION' not found amongst apt-cache madison results"
                        echo
                        exit 1
                    fi
                    pkg_version="=$pkg_version"
                fi
            fi
            (
                if ! is_dry_run; then
                    set -x
                fi
                $sh_c "apt-get install -y -qq –no-install-recommends docker-ce$pkg_version >/dev/null"
            )
            echo_docker_as_nonroot
            exit 0
            ;;
        centos|fedora)
            yum_repo="$DOWNLOAD_URL/linux/$lsb_dist/$REPO_FILE"
            if ! curl -Ifs "$yum_repo" > /dev/null; then
                echo "Error: Unable to curl repository file $yum_repo, is it valid?"
                exit 1
            fi
            if [ "$lsb_dist" = "fedora" ]; then
                if [ "$dist_version" -lt "26" ]; then
                    echo "Error: Only Fedora >=26 are supported"
                    exit 1
                fi

                pkg_manager="dnf"
                config_manager="dnf config-manager"
                enable_channel_flag="–set-enabled"
                pre_reqs="dnf-plugins-core"
                pkg_suffix="fc$dist_version"
            else
                pkg_manager="yum"
                config_manager="yum-config-manager"
                enable_channel_flag="–enable"
                pre_reqs="yum-utils"
                pkg_suffix="el"
            fi
            (
                if ! is_dry_run; then
                    set -x
                fi
                $sh_c "$pkg_manager install -y -q $pre_reqs"
                $sh_c "$config_manager –add-repo $yum_repo"

                if [ "$CHANNEL" != "stable" ]; then
                    $sh_c "$config_manager $enable_channel_flag docker-ce-$CHANNEL"
                fi
                $sh_c "$pkg_manager makecache"
            )
            pkg_version=""
            if [ ! -z "$VERSION" ]; then
                if is_dry_run; then
                    echo "# WARNING: VERSION pinning is not supported in DRY_RUN"
                else
                    pkg_pattern="$(echo "$VERSION" | sed "s/-ce-/\\.ce./g" | sed "s/-/./g").*$pkg_suffix"
                    search_command="$pkg_manager list –showduplicates 'docker-ce' | grep '$pkg_pattern' | tail -1 | awk '{print \$2}'"
                    pkg_version="$($sh_c "$search_command")"
                    echo "INFO: Searching repository for VERSION '$VERSION'"
                    echo "INFO: $search_command"
                    if [ -z "$pkg_version" ]; then
                        echo
                        echo "ERROR: '$VERSION' not found amongst $pkg_manager list results"
                        echo
                        exit 1
                    fi
                    # Cut out the epoch and prefix with a '-'
                    pkg_version="-$(echo "$pkg_version" | cut -d':' -f 2)"
                fi
            fi
            (
                if ! is_dry_run; then
                    set -x
                fi
                $sh_c "$pkg_manager install -y -q docker-ce$pkg_version"
            )
            echo_docker_as_nonroot
            exit 0
            ;;
    esac
    exit 1
}

# wrapped up in a function so that we have some protection against only getting
# half the file during "curl | sh"
do_install

去掉密码指纹确认

 

FROM registry-vpc.cn-hangzhou.aliyuncs.com/e-dewin/jenkins:2.235.1
USER root
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\ 
    echo 'Asia/Shanghai' >/etc/timezone
ADD id_rsa /root/.ssh/id_rsa
ADD config.json /root/.docker/config.json
ADD get-docker.sh /get-docker.sh
RUN echo "    StrictHostKeyChecking no" >> /etc/ssh/sshd_config &&\
    /get-docker.sh --mirror Aliyun

  

构建私有镜像并推送到仓库

docker build . -t registry-vpc.cn-hangzhou.aliyuncs.com/e-dewin/jenkins:my_v1
docker push registry-vpc.cn-hangzhou.aliyuncs.com/e-dewin/jenkins:my_v1

  

 部署服务

持久化存储使用阿里NFS,创建NFS后,在k8s所有节点上挂载 /mnt

创建运维专用的ns:devops

创建登录仓库的secret

root@k8s-master:~# kubectl create secret docker-registry regcred \
>         --docker-server=repo.mrvolleyball.com/library \
>         --docker-username=admin \
>         --docker-password='Harbor12345' \
>         --docker-email=chaisd63@163.com
secret "regcred" created

  

deployment

挂载docker.sock,为了jenkins里的docker客户端和宿主机的服务端通信

创建完后验证/mnt目录,已经有相关文件

kind: Deployment
apiVersion: apps/v1
metadata:
  name: jenkins
  namespace: devops
spec:
  replicas: 1
  selector:
    matchLabels: 
      app: jenkins
  strategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: jenkins
    spec:
      volumes:
      - name: data
        hostPath: 
          path: /mnt/jenkins_home
          type: ''
      - name: docker
        hostPath: 
          path: /run/docker.sock
          type: ''
      containers:
      - name: jenkins
        image: registry-vpc.cn-hangzhou.aliyuncs.com/e-dewin/jenkins:my_v1
        ports:
        - containerPort: 8080
          protocol: TCP
        volumeMounts:
        - name: data
          mountPath: /var/jenkins_home
        - name: docker
          mountPath: /run/docker.sock
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        imagePullPolicy: IfNotPresent
      imagePullSecrets:
      - name: dewin-ali
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      securityContext: 
        runAsUser: 0
      schedulerName: default-scheduler

  revisionHistoryLimit: 7
  progressDeadlineSeconds: 600

  

service

kind: Service
apiVersion: v1
metadata: 
  name: jenkins
  namespace: devops
spec:
  ports:
  - protocol: TCP
    port: 80
    targetPort: 8080
  selector:
    app: jenkins
  type: ClusterIP
  sessionAffinity: None

  

ingress

kind: Ingress
apiVersion: extensions/v1beta1
metadata: 
  name: jenkins
  namespace: devops
spec:
  rules:
  - host: jenkins.e-dewin.com
    http:
      paths:
      - path: /
        backend: 
          serviceName: jenkins
          servicePort: 80

  

 验证

进入jenkins容器

1 用户是root

2 时区正常

3 docker ps命令能连接宿主机

4 验证docker login registry-vpc.cn-hangzhou.aliyuncs.com正常

5 id_rsa测试连接git clone代码 (由于自己这里是http的gogs,所以git地址使用ssh)

 

jenkins配置

安装mvn工具,修改settings

把jenkins的插件打包放到plugins目录(包含blue ocean)

 

dubbo微服务部署

制作dubbo底包镜像

Dockerfile

FROM registry-vpc.cn-hangzhou.aliyuncs.com/e-dewin/jre:8u112
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\
    echo 'Asia/Shanghai' >/etc/timezone
ADD config.yml /opt/prom/config.yml
ADD jmx_javaagent-0.3.1.jar /opt/prom/
WORKDIR /opt/project_dir
ADD entrypoint.sh /entrypoint.sh
CMD ["/entrypoint.sh"]

  

prom监控

config.yml

---
rules:
  - pattern: '.*'
wget https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.3.1/jmx_prometheus_javaagent-0.3.1.jar -O jmx_javaagent-0.3.1.jar

  

entrypoint.sh

docker里面维持一个pid=1的进程在前台运行,来保持容器的生命周期。exec 命令用于此目的,使这个shell脚本把pid=1交给java -jar

nohup不行,会变成后台,然后ent.sh退出后,容器也就变成exited

JAR_BALL是jar包文件名,通过在yml文件里env传递进来

#!/bin/sh
M_OPTS="-Duser.timezone=Asia/Shanghai -javaagent:/opt/prom/jmx_javaagent-0.3.1.jar=$(hostname -i):${M_PORT:-"12346"}:/opt/prom/config.yml"
C_OPTS=${C_OPTS}
JAR_BALL=${JAR_BALL}
exec java -jar ${M_OPTS} ${C_OPTS} ${JAR_BALL}
chmod +x  entrypoint.sh

  

推送到仓库

docker build . -t registry-vpc.cn-hangzhou.aliyuncs.com/e-dewin/jre:my_8u112
docker push registry-vpc.cn-hangzhou.aliyuncs.com/e-dewin/jre:my_8u112

  

jenkins流水线

新建一个流水线,写好10个参数化构建,写好pipeline

pipeline {
  agent any 
    stages {
      stage('pull') { //get project code from repo 
        steps {
          sh "git clone ${params.git_repo} ${params.app_name}/${env.BUILD_NUMBER} && cd ${params.app_name}/${env.BUILD_NUMBER} && git checkout ${params.git_ver}"
        }
      }
      stage('build') { //exec mvn cmd
        steps {
          sh "cd ${params.app_name}/${env.BUILD_NUMBER}  && /var/jenkins_home/maven-${params.maven}/bin/${params.mvn_cmd}"
        }
      }
      stage('package') { //move jar file into project_dir
        steps {
          sh "cd ${params.app_name}/${env.BUILD_NUMBER} && cd ${params.target_dir} && mkdir project_dir && mv *.jar ./project_dir"
        }
      }
      stage('image') { //build image and push to registry
        steps {
          writeFile file: "${params.app_name}/${env.BUILD_NUMBER}/Dockerfile", text: """FROM registry-vpc.cn-hangzhou.aliyuncs.com/e-dewin/${params.base_image}
ADD ${params.target_dir}/project_dir /opt/project_dir"""
          sh "cd  ${params.app_name}/${env.BUILD_NUMBER} && docker build -t registry-vpc.cn-hangzhou.aliyuncs.com/dw-java/${params.image_name}:${params.git_ver}_${params.add_tag} . && docker push registry-vpc.cn-hangzhou.aliyuncs.com/dw-java/${params.image_name}:${params.git_ver}_${params.add_tag}"
        }
      }
    }
}

  

 然后手动填参数,构建,构建完后仓库里就有这个镜像了。

 

交付到k8s

创建一个新的ns,并在这个ns里创建一个secret,用于仓库验证

部署deployment,部署成功后,在xxljobadmin执行器管理里看到对应的服务,则成功(zk已经部署在k8s外面的服务器上,java服务里也已经指定)

kind: Deployment
apiVersion: apps/v1
metadata:
  name: xxl-job-peccancy
  namespace: dw-java
  labels: 
    app: xxl-job-peccancy
spec:
  replicas: 1
  selector:
    matchLabels: 
      app: xxl-job-peccancy
  template:
    metadata:
      labels: 
        app: xxl-job-peccancy
    spec:
      containers:
      - name: xxl-job-peccancy
        image: registry-vpc.cn-hangzhou.aliyuncs.com/dw-java/xxl-job-peccancy:master_20200718_1038
        ports:
        - containerPort: 20880
          protocol: TCP
        env:
        - name: JAR_BALL
          value: xxl-job-vehicle-peccancy-client-2.0.2-SNAPSHOT.jar
        imagePullPolicy: IfNotPresent
      imagePullSecrets:
      - name: dw-java
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      securityContext: 
        runAsUser: 0
      schedulerName: default-scheduler
  strategy:
    type: RollingUpdate
    rollingUpdate: 
      maxUnavailable: 1
      maxSurge: 1
  revisionHistoryLimit: 7
  progressDeadlineSeconds: 600

  

 

posted @ 2020-07-17 11:43  jabbok  阅读(406)  评论(0编辑  收藏  举报