Gitlab+Jenkins+Docker+K8S实现CI/CD
Gitlab+Jenkins+Docker+K8S实现CI/CD
使用Docker安装GitLab及Jenkins
下载安装gitlab镜像
# 下载gitlab镜像文件 $ docker pull gitlab/gitlab-ce:latest # 启动gitlab $ docker run -d \ --hostname HOST_NAME \ -p 9443:443 -p 9080:80 -p 2222:22 \ --name gitlab \ -v PATH/config:/etc/gitlab \ -v PATH/logs:/var/log/gitlab \ -v PATH/data:/var/opt/gitlab \ gitlab/gitlab-ce:latest # 修改PATH/config/gitlab.rb $ cat PATH/config/gitlab.rb gitlab_rails['gitlab_shell_ssh_port'] = 2222 # 重启gitlab容器 $ docker stop gitlab $ docker rm gitlab $ docker run -d \ --hostname HOST_NAME \ -p 9443:443 -p 9080:80 -p 2222:22 \ --name gitlab \ -v PATH/config:/etc/gitlab \ -v PATH/logs:/var/log/gitlab \ -v PATH/data:/var/opt/gitlab \ gitlab/gitlab-ce:latest
下载安装Jenkins
# 下载jenkins镜像 $ docker pull jenkins # 启动jenkins $ docker run -d \ -p 8080:8080 \ -p 50000:50000 \ -v PATH/jenkins-data:/var/jenkins_home \ -v /var/run/docker.sock:/var/run/docker.sock \ --name jenkins \ jenkins:latest
Jenkins安全设置
1. 点击“系统管理” - 进入“全局安全配置” 2. 在“访问控制”-“授权策略”-“登录用户可以做任何事”中勾选上“匿名用户具有可读权限” 3. 去掉"CSRF Protection"中的"防止跨站点请求伪造"
gitlab添加jenkins服务器及git服务器SSH KEYS
jenkins编写流水线脚本
# 构建流水线脚本 #!groovy pipeline { agent any environment { REPOSITORY="ssh://git@gitlab.hadeian.com:2222/hadeian/microservice.git" MODULE="user-edge-service" SCRIPT_PATH="~/scripts" } stages { stage('获取代码') { steps { echo "start fetch from git:${REPOSITORY}" deleteDir() git "${REPOSITORY}" } } stage('编译+单元测试') { steps { echo "start compile" sh "mvn -U -pl ${MODULE} -am clean package" } } stage('构建镜像') { steps { echo "start build image" sh "${SCRIPT_PATH}/build-image.sh ${MODULE}" } } stage('发布服务') { steps { echo "start deploy" sh "${SCRIPT_PATH}/deploy.sh user-edge-service ${MODULE}" } } } }
远程执行编译脚本 $ cat build-image.sh #!/bin/bash MODULE=$1 TIME=`date "+%Y%m%d%H%M"` GIT_VERSION=`git log -1 --pretty=format:"%h"` IMAGE_NAME=DOCKER_REGISTRY/PRODUCT_NAME/${MODULE}:${TIME}_${GIT_VERSION} cd ${MODULE} docker build -t ${IMAGE_NAME} . cd - docker push ${IMAGE_NAME} echo "${IMAGE_NAME}" > IMAGE_NAME # 编写K8S更新服务脚本 $ cat deploy.sh #!/bin/bash IMAGE=`cat IMAGE_NAME` DEPLOYMENT=$1 MODULE=$2 kubectl set image deployment/${DEPLOYMENT} ${MODULE}=${IMAGE}