jenkins pipeline
从零开始到实现一个利用Jenkins流水线的自动发布.
大概过程为使用基于Kubernetes安装的Jenkins,同时利用Kubernetes集群作为工作节点动态创建pod,pod执行任务: 从gitlab拉取代码 编译 制作一个docker镜像 根据分支发布到不同的Kubernetes集群 的大概过程.
gitlab安装
mkdir -p /data/gitlab
GITLAB_HOME=/data/gitlab
sudo docker run --detach \
--hostname 20.88.9.34 \
--publish 443:443 --publish 80:80 --publish 222:22 \
--name gitlab \
--restart always \
--volume /etc/gitlab/gitlab.rb:/etc/gitlab/gitlab.rb \
--volume $GITLAB_HOME/config:/etc/gitlab \
--volume $GITLAB_HOME/logs:/var/log/gitlab \
--volume $GITLAB_HOME/data:/var/opt/gitlab \
--shm-size 256m \
registry.gitlab.cn/omnibus/gitlab-jh:latest
登陆获取密码:
sudo docker exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password
修改为中文
改为中文.保存刷新.
主机节点创建秘钥
ssh-keygen
# 然后一直按回车即可
查看内容
cat ~/.ssh/id_rsa.pub
复制,然后打开gitlab.
粘贴密钥内容,标题自动生成,然后点击添加密钥即可.
安装Jenkins
创建授权文件
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins
namespace: jenkins
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: jenkins
rules:
- apiGroups:
- '*'
resources:
- statefulsets
- services
- replicationcontrollers
- replicasets
- podtemplates
- podsecuritypolicies
- pods
- pods/log
- pods/exec
- podpreset
- poddisruptionbudget
- persistentvolumes
- persistentvolumeclaims
- jobs
- endpoints
- deployments
- deployments/scale
- daemonsets
- cronjobs
- configmaps
- namespaces
- events
- secrets
verbs:
- create
- get
- watch
- delete
- list
- patch
- update
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: jenkins
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: jenkins
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: Group
name: system:serviceaccounts:jenkins
创建Jenkins
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jenkins
namespace: jenkins
labels:
app: jenkins
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 8Gi
storageClassName: nfs-provisioner
volumeMode: Filesystem
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins
labels:
app: jenkins
namespace: jenkins
spec:
replicas: 1
selector:
matchLabels:
app: jenkins
template:
metadata:
labels:
app: jenkins
spec:
containers:
- name: jenkins
env:
- name: TZ
value: Asia/Shanghai
image: jenkins/jenkins:2.332-jdk11
imagePullPolicy: Always
ports:
- containerPort: 50000
- containerPort: 8080
volumeMounts:
- name: jenkins
mountPath: /var/jenkins_home
volumes:
- name: jenkins
persistentVolumeClaim:
claimName: jenkins
---
apiVersion: v1
kind: Service
metadata:
name: jenkins
namespace: jenkins
spec:
type: LoadBalancer
ports:
- name: web
port: 8080
protocol: TCP
targetPort: 8080
- name: container
port: 50000
protocol: TCP
targetPort: 50000
selector:
app: jenkins
新建一个流水线
填写名称,类型选择为流水线,点击确定,然后直接保存.
