9.实战交付一套dubbo微服务到k8s集群(2)之Jenkins部署
2024-10-09 06:53:58
1.下载Jenkins镜像打包上传harbor上
[root@hdss7- ~]# docker pull jenkins/jenkins:2.190.
[root@hdss7- ~]# docker images |grep jenkins
[root@hdss7- ~]# docker tag 22b8b9a84dbe harbor.fx.com/public/jenkins:v2.190.3
[root@hdss7- ~]# docker push harbor.fx.com/public/jenkins:v2.190.3
2.自定义Dockerfile文件
[root@hdss7- ~]# mkdir -p /data/dockerfile/jenkins && cd /data/dockerfile/jenkins/
[root@hdss7- ~]# vim /data/dockerfile/jenkins/Dockerfile
FROM harbor.fx.com/public/jenkins:v2.190.3
USER root
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
echo 'Asia/Shanghai' > /etc/timezone
ADD id_rsa /root/.ssh/id_rsa
ADD config.json /root/.docker/config.json
ADD get-docker.sh /get-docker.sh
RUN echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config &&\
/get-docker.sh
这个Dockerfile里我们主要做了以下几件事
- 设置容器用户为root
- 设置容器内的时区
- 将ssh私钥加入(使用git拉代码时要用到,配对的公钥应配置在gitlab中)
- 加入了登录自建harbor仓库的config文件
- 修改了ssh客户端的
- 安装一个docker的客户端
3.生成ssh密钥对
[root@hdss7- ~]# ssh-keygen -t rsa -b -C "fangxing1001@163.com" -N "" -f /root/.ssh/id_rsa
4.将dockerfile文件需要的文件复制到jenkins目录
[root@hdss7- ~]# cd /data/dockerfile/jenkins/
[root@hdss7- jenkins]# cp /root/.ssh/id_rsa .
[root@hdss7- jenkins]# cp /root/.docker/config.json .
[root@hdss7- jenkins]# curl -fsSL get.docker.com -o get-docker.sh
[root@hdss7- jenkins]# chmod +x get-docker.sh
5.在harbor私有仓库中创建存放jenkin的私有镜像
6.制作自定义镜像并推送到harbor仓库
[root@hdss7- ~]# cd /data/dockerfile/jenkins/
[root@hdss7- ~]# docker build . -t harbor.fx.com/infra/jenkins:v2.190.3
[root@hdss7- ~]# docker push harbor.od.com/infra/jenkins:v2.190.3
7.创建保存jenkins目录
[root@hdss7- ~]# mkdir -p /data/k8s-yaml/jenkins
[root@hdss7- ~]# mkdir -p /data/nfs-volume/jenkins_home
[root@hdss7- ~]# cd /data/k8s-yaml/jenkins/
8.创建资源配置清单
Deployment.yaml
[root@hdss7- jenkins]# vim Deployment.yaml
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: jenkins
namespace: infra
labels:
name: jenkins
spec:
replicas:
selector:
matchLabels:
name: jenkins
template:
metadata:
labels:
app: jenkins
name: jenkins
spec:
volumes:
- name: data
nfs:
server: hdss7-.host.com
path: /data/nfs-volume/jenkins_home
- name: docker
hostPath:
path: /run/docker.sock
type: ''
containers:
- name: jenkins
image: harbor.fx.com/infra/jenkins:v2.190.3
ports:
- containerPort:
protocol: TCP
env:
- name: JAVA_OPTS
value: -Xmx512m -Xms512m
resources:
limits:
cpu: 500m
memory: 1Gi
requests:
cpu: 500m
memory: 1Gi
volumeMounts:
- name: data
mountPath: /var/jenkins_home
- name: docker
mountPath: /run/docker.sock
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds:
securityContext:
runAsUser:
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable:
maxSurge:
revisionHistoryLimit:
progressDeadlineSeconds:
Service.yaml
[root@hdss7- jenkins]# vim Service.yaml
kind: Service
apiVersion: v1
metadata:
name: jenkins
namespace: infra
spec:
ports:
- protocol: TCP
port:
targetPort:
selector:
app: jenkins
type: ClusterIP
sessionAffinity: None
Ingress.yaml
[root@hdss7- jenkins]# vim Ingress.yaml
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: jenkins
namespace: infra
spec:
rules:
- host: jenkins.fx.com
http:
paths:
- path: /
backend:
serviceName: jenkins
servicePort:
9.部署ntf服务
[root@hdss7- ~]# yum -y install nfs-utils
[root@hdss7- ~]# vim /etc/exports
/data/nfs-volume 10.4.7.0/(rw,no_root_squash)
[root@hdss7- ~]# mkdir -p /data/nfs-volume
[root@hdss7- ~]# systemctl start nfs && systemctl enable nfs
10.为拉私有仓库私有镜像创建一个secret
[root@hdss7-21 ~]# kubectl create ns infra
[root@hdss7- ~]# kubectl create secret docker-registry harbor --docker-server=harbor.fx.com --docker-username=admin --docker-password=Harbor12345 -n infra
[root@hdss7- ~]# kubectl get secret -n infra
11.应用Jenkins资源配置清单
[root@hdss7- ~]# kubectl apply -f http://k8s-yaml.fx.com/jenkins/Deployment.yaml
[root@hdss7- ~]# kubectl apply -f http://k8s-yaml.fx.com/jenkins/Service.yaml
[root@hdss7- ~]# kubectl apply -f http://k8s-yaml.fx.com/jenkins/Ingress..yaml
12.添加解析域名jenkins.fx.com
[root@hdss7-11 ~]# vim /var/named/fx.com.zone
$ORIGIN fx.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.fx.com. dnsadmin.fx.com. (
2020061011 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS dns.fx.com.
$TTL 60 ; 1 minute
dns A 10.4.7.11
harbor A 10.4.7.200
k8s-yaml A 10.4.7.200
traefik A 10.4.7.10
dashboard A 10.4.7.10
zk1 A 10.4.7.11
zk2 A 10.4.7.12
zk3 A 10.4.7.21
jenkins A 10.4.7.10
[root@hdss7-11 ~]# systemctl restart named
[root@hdss7-11 ~]# dig -t A jenkins.fx.com @10.4.7.11 +short
13.在浏览器中访问jenkins
14.查看jenkins的登录密码
[root@hdss7- ~]# kubectl logs jenkins-7c5fcfbfd5-kz8hp -n infra
Jenkins initial setup is required. An admin user has been created and a password generated.
Please use the following password to proceed to installation: 04e1fec0d9db4283b6076532f857f137 This may also be found at: /var/jenkins_home/secrets/initialAdminPassword
15.登录jenkins后操作及设置
16.配置插件加速地址
地址:https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json
最新文章
- javase-常用三种遍历方法
- IP协议
- CSS选择器实现搜索功能 驱动过滤搜索技术
- 下面将详细说明useradd与usermod 的参数及用法!
- badge ionic tab
- NLog使用总结
- Dynamic - ExpandoObject学习心得
- centOS 下解压 rar zip 文件
- NIO组件Selector工作机制详解(下)
- Kafka笔记--指定消息的partition规则
- mvc自带的异步表单提交
- 各浏览器对 window.open() 的窗口特征 sFeatures 参数支持程度存在差异
- thinkphp中select()和find()的区别
- 用 node.js 创建第一个Hello World
- [js高手之路] es6系列教程 - 迭代器与生成器详解
- linux下iptables配置模板
- Java经典编程题50道之二十三
- Java地位被撼动?Java与JavaScript的趣事连载
- 【Teradata SQL】FALLBACK表改为NO FALLBACK表
- python数据类型一:字符串