jenkins+pipeline持续集成发布jar项⽬到k8s集
1.在k8s集中部署jenkins
1.1 Deployment.yaml
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: jenkins
namespace: infra
labels:
name: jenkins
spec:
replicas: 1
selector:
matchLabels:
name: jenkins
template:
metadata:
labels:
app: jenkins
name: jenkins
spec:
volumes:
-
name: data
nfs:
server: hdss7-200
path: /data/nfs-volume/jenkins_home
- name: data2
nfs:
server: hdss7-200
path: /data/nfs-volume/cache
- name: docker
hostPath:
path: /run/docker.sock
type: ''
containers:
- name: jenkins
image: harbor.od/infra/jenkins:v2.190.3
ports:
- containerPort: 8080
protocol: TCP
env:
- name: JAVA_OPTS
value: -Xmx512m -Xms512m
resources:
limits:
cpu: 500m
memory: 1Gi
requests:
cpu: 500m
memory: 1Gi
volumeMounts:
- name: data
mountPath: /var/jenkins_home
- name: data2
mountPath: /root/.m2
-
name: docker
mountPath: /run/docker.sock
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600
1.l
kind: Service
apiVersion: v1
metadata:
name: jenkins
namespace: infra
spec:
ports:
- protocol: TCP
port: 80
targetPort: 8080
selector:
app: jenkins
type: ClusterIP
sessionAffinity: None
1.l
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: jenkins
namespace: infra
spec:
rules:
- host: jenkins.od
http:
paths:
- path: /
backend:
serviceName: jenkins
servicePort: 80
1.3发布jenkins到k8s集
kubectl apply -f k8s-yaml.od/jenkins/Ingress.yaml
kubectl apply -f k8s-yaml.od/jenkins/service.yaml
k8s-yaml.od/jenkins/Deployment.yaml
2.
2.1jenkins安全管理
2.2允许匿名访问
2.3允许跨域
2.4修改jeknis插件源
mirrors.tuna.tsinghua.edu/jenkins/updates/update-center.json
有时候下载插件失败可以重新check now⼀下就好了jenkins流⽔线发布需要安装两个组件
Blue Ocean和SSH Pipeline Steps
3.
3.1新建流⽔线项⽬
3.2
保留三天的构建
3.3添加参数话构建
两个可选参数其他的为⾃定义参数
app_name
image_name
git_repo gitee/ycxc/learnjenkins #我测试的代码仓库
git_ver
add_tag
nodeselectormvn_dir
target_dir
mvn_cmd
base_image(可选参数)
maven(可选版本)
pipeline script
pipeline {
agent any
stages {
stage('pull') { //get project code from repo
steps {
sh "git clone ${params.git_repo} ${params.app_name}/${env.BUILD_NUMBER} && cd ${params.app_name}/${env.BUILD_NUMBER} && git checkout ${params.git_ver}" }
}
stage('build') { //exec mvn cmd
steps {
sh "cd ${params.app_name}/${env.BUILD_NUMBER} && /var/jenkins_home/maven-${params.maven}/bin/${params.mvn_cmd}"
}
}
stage('package') { //move jar file into project_dir
steps {
sh "cd ${params.app_name}/${env.BUILD_NUMBER} && cd ${params.target_dir} && mkdir project_dir && mv *.jar ./project_dir"
}
}
stage('image') { //build image and push to registry
steps {
writeFile file: "${params.app_name}/${env.BUILD_NUMBER}/Dockerfile", text: """FROM harbor.od/${params.base_image}
ADD ${params.target_dir}/project_dir /opt/project_dir"""
sh "cd ${params.app_name}/${env.BUILD_NUMBER} && docker build -t harbor.od/${params.image_name}:${params.git_ver}_${params.add_tag} . && docker push harbor.od/${params.image_name}:${params.git_ver}_${params.a }
}
stage('dp') { //发布
steps {
script {
def remote = [:]
remote.name = 'test'
remote.host ='10.5.7.21'
remote.user = 'root'
remote.password ='123456'
remote.allowAnyHosts= true
writeFile file: "dp.sh", text: """/usr/bin/kubectl apply -f k8s-yaml.od/hello/dp.yaml"""
sshScript remote: remote,script: "dp.sh"
}
}
}
}
}
参数话构建如图
构建完成
SSH Pipeline Steps⽤法请参考
github/jenkinsci/ssh-steps-plugin#sshput
传输⽂件到远程主机
node {
def remote = [:]
remote.name = 'test'
remote.host = 'test.domain'
remote.user = 'root'
remote.password = 'password'
remote.allowAnyHosts = true
stage('Remote SSH') {
writeFile file: 'abc.sh', text: 'ls -lrt'
sshPut remote: remote, from: 'abc.sh', into: '.'
}
}
远程执⾏本地脚本
node {
def remote = [:]
remote.name = 'test'
remote.host = 'test.domain'
remote.user = 'root'
remote.password = 'password'
remote.allowAnyHosts = true
stage('Remote SSH') {
writeFile file: 'abc.sh', text: 'ls -lrt'
sshScript remote: remote, script: "abc.sh"
}
}
远程执⾏命令
node {
def remote = [:]
remote.name = 'test'
remote.host = 'test.domain'
remote.user = 'root'
remote.password = 'password'
remote.allowAnyHosts = true
stage('Remote SSH') {
sshCommand remote: remote, command: "ls -lrt"
sshCommand remote: remote, command: "for i in {1..5}; do echo -n \"Loop \$i \"; date ; sleep 1; done"
}
}
拷贝远程主机⽂件到本地
node {
def remote = [:]
remote.name = 'test'
remote.host = 'test.domain'
remote.user = 'root'
remote.password = 'password'
remote.allowAnyHosts = true
stage('Remote SSH') {
sshGet remote: remote, from: 'abc.sh', into: 'abc_get.sh', override: true
}
}
删除远程主机上的⽂件
node {
def remote = [:]
remote.name = 'test'
remote.host = 'test.domain'
remote.user = 'root'
remote.password = 'password'
remote.allowAnyHosts = true
stage('Remote SSH') {
sshRemove remote: remote, path: "abc.sh"
}
}
秘钥的形式执⾏命令
def remote = [:]
remote.name = "node-1"
remote.host = "10.000.000.153"
remote.allowAnyHosts = true
node {
withCredentials([sshUserPrivateKey(credentialsId: 'sshUser', keyFileVariable: 'identity', passphraseVariable: '', usernameVariable: 'userName')]) { remote.user = userName
remote.identityFile = identity
stage("SSH Steps Rocks!") {
writeFile file: 'abc.sh', text: 'ls'
sshCommand remote: remote, command: 'for i in {1..5}; do echo -n \"Loop \$i \"; date ; sleep 1; done'
sshPut remote: remote, from: 'abc.sh', into: '.'
sshGet remote: remote, from: 'abc.sh', into: 'bac.sh', override: true
sshScript remote: remote, script: 'abc.sh'
sshRemove remote: remote, path: 'abc.sh'
}
}
}
码云访问私钥管理
推送账号是⼿机号密码是⾃⼰设置的密码
参考链接:wwwblogs/slim-liu/p/11953327.html
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论