Kubernetes实战——DevOps集成SpringBoot项目

目录

一、安装Gitlab

1、安装并配置Gitlab

1.1 、下载安装包

1.2、安装

1.3、修改配置文件

1.4、更新配置并重启

 2、配置

2.1、修改密码

2.2、禁用注册功能

2.3、取消头像

2.4、修改中文配置

2.5、配置 webhook

3、卸载 

二、安装镜像私服Harbor

1、下载安装包

 2、安装

三、安装代码质量扫描工具sonarqube

1、pgsql.yaml

2、sonarqube.yaml

 3、安装

四、安装Jenkins

1、构建带有maven和sonarqube的镜像

2、安装jenkins

2.1、创建Harbor secret

2.2、 jenkins-configmap.yaml

2.3、jenkins-pvc.yaml

2.4、jenkins-serviceAccount.yaml

2.5、jenkins-deployment.yaml

2.6、jenkins-service.yaml

2.7、创建资源

 3、配置

3.1 、获取初始密码

 3.2、安装插件

3.2.1、Build Authorization Token Root

3.2.2、Gitlab

3.2.3、SonarQube Scanner

3.2.4、Node and Label parameter

3.2.5、Kubernetes

3.2.6、Config File Provider

3.2.7、Git Parameter

3.3、插件配置

3.3.1、SonarQube Scanner配置

3.3.2、kubernetes配置

3.3.3、创建gitlab凭证

五、构建项目

1、创建gitlab的secret

2、配置jenkins任务

2.1、创建流水线Job

 2.2、配置流水线​编辑

2.3、配置gitlab的Webhooks​编辑

2.4、测试构建

 2.5、测试

3、构建SpringBoot项目 

3.1、配置项目流水线

 3.2、创建镜像私服全局凭证

 3.3、创建kubeconfig文件

 3.4、创建sonarqube的webhook

 3.5、 cicd-demo.yaml配置文件

 3.6、cicd-demo-dev.yaml

 3.7、Dockerfile

 3.8、Jenkinsfile

 3.9、完整代码见附录 

 3.10、部署成功效果

六、附录

1、Gitlab安装包

2、Harbor安装包

3、带有Maven的Jenkins镜像

4、源码地址


一、安装Gitlab

1、安装并配置Gitlab

这里使用安装包的方式安装,如果需要Docker方式安装请点击这里

1.1 、下载安装包

wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-15.9.1-ce.0.el7.x86_64.rpm

1.2、安装

rpm -i gitlab-ce-15.9.1-ce.0.el7.x86_64.rpm

1.3、修改配置文件

vim /etc/gitlab/gitlab.rb 
#修改 external_url 访问路径
http://<ip>:<port>
例如我这里改为 
external_url 'http://192.168.139.184:9000'# 修改时区
gitlab_rails['time_zone'] = 'Asia/Shanghai'

1.4、更新配置并重启

gitlab-ctl reconfigure
gitlab-ctl restart

 2、配置

2.1、修改密码

访问上面配置的external_url  http://192.168.139.184:9000/

查看默认密码

cat /etc/gitlab/initial_root_password

 默认账号是root 密码为查看到密码

右上角头像 > Perferences > Password

2.2、禁用注册功能

点击左上角三横 > Admin>Settings > General > Sign-up restrictions > 取消 Sign-up enabled > Save changes

2.3、取消头像

Settings > General > Account and limit > 取消 Gravatar enabled > Save changes

2.4、修改中文配置

Settings > Preferences > Localization > Default language > 选择简体中文 > Save changes

为当前用户设置中文,保存后刷新页面即可

 右上角用户头像 > Preferences > Localization > Language > 选择简体中文 > Save changes

2.5、配置 webhook

设置>网络>出站请求>勾选>保存

3、卸载 

# 停止服务
gitlab-ctl stop# 卸载 rpm 软件(注意安装的软件版本是 ce 还是 ee)
rpm -e gitlab-ce# 查看进程
ps -ef|grep gitlab 
# 干掉第一个 runsvdir -P /opt/gitlab/service log 进程# 删除 gitlab 残余文件
find / -name *gitlab* | xargs rm -rf
find / -name gitlab | xargs rm -rf

二、安装镜像私服Harbor

1、下载安装包

#下载安装包
wget https://github.com/goharbor/harbor/releases/download/v1.10.19/harbor-offline-installer-v1.10.19.tgz#解压
tar -zxf harbor-offline-installer-v1.10.19.tgz 

 2、安装

修改配置文件

vim harbor.yml

安装

 ./install.sh

   访问http://192.168.139.184:8899/ 默认账号为admin 密码为Harbor12345

 配置docker文件,并重启docker服务 。

{"exec-opts": ["native.cgroupdriver=systemd"],"registry-mirrors": ["https://do.nark.eu.org","https://dc.j8.work","https://docker.m.daocloud.io","https://dockerproxy.com","https://docker.mirrors.ustc.edu.cn","https://docker.nju.edu.cn"],
"insecure-registries": ["http://192.168.139.184:8899"]  #新增的配置
}

三、安装代码质量扫描工具sonarqube

1、pgsql.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:name: postgres-datanamespace: kube-devops
spec:accessModes:- ReadWriteManystorageClassName: "manager-nfs-storage"  #前面安装的storageclassresources:requests:storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:name: postgres-sonarnamespace: kube-devops
spec:replicas: 1selector:matchLabels:app: postgres-sonartemplate:metadata:labels:app: postgres-sonarspec:containers:- name: postgres-sonarimage: postgres:14.2ports:- containerPort: 5432env:- name: POSTGRES_DBvalue: "sonarDB"- name: POSTGRES_USERvalue: "sonarUser"- name: POSTGRES_PASSWORD value: "123456"volumeMounts:- name: datamountPath: /var/lib/postgresql/datavolumes:- name: datapersistentVolumeClaim:claimName: postgres-data
---
apiVersion: v1
kind: Service
metadata:name: postgres-sonarnamespace: kube-devopslabels:app: postgres-sonar
spec:type: NodePortports:- name: postgres-sonarport: 5432targetPort: 5432protocol: TCPselector:app: postgres-sonar

2、sonarqube.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:name: sonarqube-datanamespace: kube-devops
spec:accessModes:- ReadWriteManystorageClassName: "manager-nfs-storage"resources:requests:storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:name: sonarqubenamespace: kube-devopslabels:app: sonarqube
spec:replicas: 1selector:matchLabels:app: sonarqubetemplate:metadata:labels:app: sonarqubespec:initContainers:- name: init-sysctlimage: busybox:1.28.4command: ["sysctl", "-w", "vm.max_map_count=262144"]securityContext:privileged: truecontainers:- name: sonarqubeimage: sonarqube:9.9-communityports:- containerPort: 9000env:- name: SONARQUBE_JDBC_USERNAMEvalue: "sonarUser"- name: SONARQUBE_JDBC_PASSWORDvalue: "123456"- name: SONARQUBE_JDBC_URLvalue: "jdbc:postgresql://postgres-sonar:5432/sonarDB"livenessProbe:httpGet:path: /sessions/newport: 9000initialDelaySeconds: 60periodSeconds: 30readinessProbe:httpGet:path: /sessions/newport: 9000initialDelaySeconds: 60periodSeconds: 30failureThreshold: 6volumeMounts:- mountPath: /opt/sonarqube/confname: data- mountPath: /opt/sonarqube/dataname: data- mountPath: /opt/sonarqube/extensionsname: datavolumes:- name: datapersistentVolumeClaim:claimName: sonarqube-data 
---
apiVersion: v1
kind: Service
metadata:name: sonarqubenamespace: kube-devopslabels:app: sonarqube
spec:type: NodePortports:- name: sonarqubeport: 9000targetPort: 9000protocol: TCPselector:app: sonarqube

 3、安装

#创建资源
kubectl create -f pgsql.yaml -f sonarqube.yaml#查看资源
kubectl get po,svc -n kube-devops -o wide

 

 访问该端口下的服务,默认账号密码admin/admin

 

四、安装Jenkins

1、构建带有maven和sonarqube的镜像

Dockerfile

FROM jenkins/jenkins:jdk17
ADD ./apache-maven-3.9.9-bin.tar.gz /usr/local/
ADD ./sonar-scanner-cli-4.8.0.2856-linux.zip /usr/local/USER rootWORKDIR /usr/local/
RUN unzip sonar-scanner-cli-4.8.0.2856-linux.zip
RUN mv sonar-scanner-4.8.0.2856-linux sonar-scanner-cli
RUN ln -s /usr/local/sonar-scanner-cli/bin/sonar-scanner /usr/bin/sonar-scannerENV MAVEN_HOME=/usr/local/apache-maven-3.9.9
ENV PATH=$JAVA_HOME/bin:$MAVEN_HOME/bin:$PATHRUN echo "jenkins ALL=NOPASSWD: ALL" >> /etc/sudoers
USER jenkins
#构建镜像
docker build -t 192.168.139.184:8899/wsnail-harbor/jenkins-maven:jdk-17 .#登录docker私服
docker login -uadmin 192.168.139.184:8899#推送到仓库
docker push 192.168.139.184:8899/wsnail-harbor/jenkins-maven:jdk-17

 注意:1、该操作和docker私服在同一台服务器上

            2、请确认、etc/docker/damon.json文件配置了"insecure-registries": ["http://192.168.139.184:8899"] 

 

2、安装jenkins

2.1、创建Harbor secret


kubectl create secret docker-registry harbor-secret --docker-server=192.168.139.184:8899 --docker-username=admin --docker-password=Xiaojie12345 -n kube-devops

2.2、 jenkins-configmap.yaml

apiVersion: v1 
kind: ConfigMap 
metadata: name: mvn-settingsnamespace: kube-devopslabels: app: jenkins-server
data: settings.xml: |- <?xml version="1.0" encoding="UTF-8"?><settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"><localRepository>/var/jenkins_home/repository</localRepository><servers><server><!--此处id需要对应项目中pom.xml文件中的<distributionManagement> 标签下的id--><id>release</id><username>admin</username><password>123456</password></server><server><id>snapshots</id><username>admin</username><password>123456</password></server></servers><mirrors><mirror><id>releases</id><name>nexus maven</name><mirrorOf>*</mirrorOf><url>http://192.168.139.184:8081/repository/maven-public/</url></mirror><mirror><id>aliMaven</id><name>aliyun maven</name>	  	  <url>	https://maven.aliyun.com/repository/public</url><mirrorOf>central</mirrorOf></mirror></mirrors><pluginGroups><pluginGroup>org.sonarsource.scanner.maven</pluginGroup></pluginGroups><profiles><profile><id>releases</id><activation><activeByDefault>true</activeByDefault><jdk>1.8</jdk></activation><properties><sonar.host.url>http://sonarqube:9000</sonar.host.url></properties><repositories><repository><id>repository</id><name>Nexus Repository</name><url>http://192.168.139.184:8081/repository/snail-group/</url>   <releases><enable>true</enable></releases><snapshots><enable>true</enable></snapshots></repository></repositories></profile></profiles></settings>

2.3、jenkins-pvc.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:name: jenkins-pvcnamespace: kube-devops
spec:storageClassName: manager-nfs-storageaccessModes:- ReadWriteManyresources:requests:storage: 1Gi

2.4、jenkins-serviceAccount.yaml

apiVersion: v1
kind: ServiceAccount
metadata:name: jenkins-adminnamespace: kube-devops
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:name: jenkins-admin
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: cluster-admin
subjects:
- kind: ServiceAccountname: jenkins-adminnamespace: kube-devops

2.5、jenkins-deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:name: jenkinsnamespace: kube-devops
spec:replicas: 1selector:matchLabels:app: jenkins-servertemplate:metadata:labels:app: jenkins-serverspec:serviceAccountName: jenkins-admin#Default: 继承节点的DNS配置;ClusterFirst: 使用coredns作为DNS配置;#ClusterFirstWithHostNet:当Pod.spec.hostNetwork=true时,Pod的DNS策略被强制转换为Default,即继承节点的DNS配置;#  若Pod要使用coredns作为DNS配置,则需配置pod.spec.dnsPolicy=ClusterFirstWithHostNet;#   None: 没有DNS配置;dnsPolicy: Default  #解决pod内没有DNS解析不到插件地址imagePullSecrets:- name: harbor-secret # harbor 访问 secretcontainers:- name: jenkinsimage: 192.168.139.184:8899/wsnail-harbor/jenkins-maven:jdk-17   #这里是自己镜像的地址imagePullPolicy: IfNotPresentsecurityContext:privileged: truerunAsUser: 0 # 使用 root 用户运行容器resources:limits:memory: "2Gi"cpu: "1000m"requests:memory: "500Mi"cpu: "500m"ports:- name: httpportcontainerPort: 8080- name: jnlpportcontainerPort: 50000livenessProbe:httpGet:path: "/login"port: 8080initialDelaySeconds: 90periodSeconds: 10timeoutSeconds: 5failureThreshold: 5readinessProbe:httpGet:path: "/login"port: 8080initialDelaySeconds: 60periodSeconds: 10timeoutSeconds: 5failureThreshold: 3volumeMounts:- name: jenkins-datamountPath: /var/jenkins_home- name: dockermountPath: /run/docker.sock- name: docker-homemountPath: /usr/bin/docker- name: mvn-settingmountPath: /usr/local/apache-maven-3.9.9/conf/settings.xmlsubPath: settings.xml- name: daemonmountPath: /etc/docker/daemon.jsonsubPath: daemon.json- name: kubectlmountPath: /usr/bin/kubectlvolumes:- name: kubectlhostPath:path: /usr/bin/kubectl- name: jenkins-datapersistentVolumeClaim:claimName: jenkins-pvc- name: dockerhostPath:path: /run/docker.sock # 将主机的 docker 映射到容器中- name: docker-homehostPath:path: /usr/bin/docker- name: mvn-settingconfigMap:name: mvn-settingsitems:- key: settings.xmlpath: settings.xml- name: daemonhostPath: path: /etc/docker/

2.6、jenkins-service.yaml

apiVersion: v1
kind: Service
metadata:name: jenkins-servicenamespace: kube-devopsannotations:prometheus.io/scrape: 'true'prometheus.io/path:   /prometheus.io/port:   '8080'
spec:selector:app: jenkins-servertype: NodePortports:- port: 8080targetPort: 8080

2.7、创建资源

#上面的配置文件均在manifests文件下
kubectl apply -f manifests/#查看资源
kubectl get po,svc -n kube-devops

 3、配置

3.1 、获取初始密码

 kubectl logs jenkins-598b49d974-glv5x -n kube-devops

 3.2、安装插件

3.2.1、Build Authorization Token Root
3.2.2、Gitlab
3.2.3、SonarQube Scanner
3.2.4、Node and Label parameter
3.2.5、Kubernetes
3.2.6、Config File Provider
3.2.7、Git Parameter

3.3、插件配置

3.3.1、SonarQube Scanner配置

 注意:如果不是k8s部署可以使用外网访问,ip:port

在SonarQube创建token

在jenkins中添加sonarqube的token

3.3.2、kubernetes配置

 

 

3.3.3、创建gitlab凭证

五、构建项目

1、创建gitlab的secret

后面构建项目时候需要用到

#用户名
echo root > ./username#密码
echo xiaojie123456 > password#创建secret
kubectl create secret generic git-user-pwd --from-file=./username --from-file=./password -n kube-devops#查看
kubectl get  secret -n kube-devops

2、配置jenkins任务

2.1、创建流水线Job

 2.2、配置流水线

2.3、配置gitlab的Webhooks

2.4、测试构建

 2.5、测试

3、构建SpringBoot项目 

3.1、配置项目流水线

 3.2、创建镜像私服全局凭证

 3.3、创建kubeconfig文件

cat ~/.kube/config

将文件内容复制

 3.4、创建sonarqube的webhook

3.5、 cicd-demo.yaml配置文件

---
#开发环境的deploy
apiVersion: apps/v1
kind: Deployment
metadata:labels:app: k8s-democomponent: wssnail-devopstier: backendname: k8s-demonamespace: ks-k8s-demo
spec:progressDeadlineSeconds: 600replicas: 1selector:matchLabels:app: k8s-democomponent: wssnail-devopstier: backendstrategy:rollingUpdate:maxSurge: 100%maxUnavailable: 100%type: RollingUpdatetemplate:metadata:labels:app: k8s-democomponent: wssnail-devopstier: backendspec:imagePullSecrets:- name: harbor-secret #该secret必须和该项目在同一个namespace下containers:- name: k8s-demoimage: REGISTRY/DOCKERHUB_NAMESPACE/APP_NAME:SNAPSHOT-BUILD_NUMBER   #该内容会在构建镜像时自动替换为实际内容readinessProbe:httpGet:path: /indexport: 8080timeoutSeconds: 10failureThreshold: 30periodSeconds: 5imagePullPolicy: Alwaysports:- containerPort: 8080protocol: TCPresources:limits:cpu: 300mmemory: 600Mirequests:cpu: 100mmemory: 100MiterminationMessagePath: /dev/termination-logterminationMessagePolicy: FilednsPolicy: ClusterFirstrestartPolicy: AlwaysterminationGracePeriodSeconds: 30
---
apiVersion: v1
kind: Service
metadata:labels:app: k8s-democomponent: wssnail-devopsname: k8s-demonamespace: ks-k8s-demo
spec:ports:- name: httpport: 8080protocol: TCPtargetPort: 8080selector:app: k8s-democomponent: wssnail-devopstier: backendsessionAffinity: Nonetype: NodePort

3.6、cicd-demo-dev.yaml

---
#开发环境的deploy
apiVersion: apps/v1
kind: Deployment
metadata:labels:app: k8s-democomponent: wssnail-devopstier: backendname: k8s-demonamespace: ks-k8s-demo
spec:progressDeadlineSeconds: 600replicas: 1selector:matchLabels:app: k8s-democomponent: wssnail-devopstier: backendstrategy:rollingUpdate:maxSurge: 100%maxUnavailable: 100%type: RollingUpdatetemplate:metadata:labels:app: k8s-democomponent: wssnail-devopstier: backendspec:imagePullSecrets:- name: harbor-secret #该secret必须和该项目在同一个namespace下containers:- name: k8s-demoimage: REGISTRY/DOCKERHUB_NAMESPACE/APP_NAME:SNAPSHOT-BUILD_NUMBER   #该内容会在构建镜像时自动替换为实际内容readinessProbe:httpGet:path: /indexport: 8080timeoutSeconds: 10failureThreshold: 30periodSeconds: 5imagePullPolicy: Alwaysports:- containerPort: 8080protocol: TCPresources:limits:cpu: 300mmemory: 600Mirequests:cpu: 100mmemory: 100MiterminationMessagePath: /dev/termination-logterminationMessagePolicy: FilednsPolicy: ClusterFirstrestartPolicy: AlwaysterminationGracePeriodSeconds: 30
---
apiVersion: v1
kind: Service
metadata:labels:app: k8s-democomponent: wssnail-devopsname: k8s-demonamespace: ks-k8s-demo
spec:ports:- name: httpport: 8080protocol: TCPtargetPort: 8080selector:app: k8s-democomponent: wssnail-devopstier: backendsessionAffinity: Nonetype: NodePort

 3.7、Dockerfile

## 基础镜像
FROM openjdk:17-slim## 作者
LABEL org.opencontainers.image.authors="wssnail"## 定义参数## 创建并进入工作目录
RUN mkdir -p /wssnail
WORKDIR /wssnail## maven 插件构建时得到 buildArgs 种的值
COPY target/*.jar app.jar## 设置 TZ 时区
## 设置 JAVA_OPTS 环境变量,可通过 docker run -e "JAVA_OPTS=" 进行覆盖
ENV TZ=Asia/Shanghai JAVA_OPTS="-Xms256m -Xmx256m"## 暴露端口
EXPOSE 8080## 容器启动命令
## CMD 第一个参数之后的命令可以在运行时被替换
CMD java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar app.jar

3.8、Jenkinsfile

pipeline {agent {node {label 'maven'  // 这里配置的标签和jenkins中配置节点添加的标签一致}}environment {REGISTRY = '192.168.139.184:8899'   //harbor地址DOCKER_CREDENTIAL_ID = 'harbor-user-pwd' //harbor凭证,对应jenkins创建凭证的idGIT_REPO_URL = '192.168.139.184:9000'    //gitlab地址GIT_CREDENTIAL_ID = 'git-user-pwd'   //gitlab凭证,对应jenkins创建凭证的idKUBECONFIG_CREDENTIAL_ID = '30629742-ddae-4c80-a3ad-5807ffc6ff5a'  //对应jenkins创建kubeconfig文件时的idDOCKERHUB_NAMESPACE = 'wsnail-harbor' //镜像私服的命名空间GITHUB_ACCOUNT = 'root'  //git账号APP_NAME = 'demo-k8s'  //应用名称SONAR_SERVER_URL='http://192.168.139.208:32061'  //sonarqube地址SONAR_CREDENTIAL_ID='sonarqube-token'  //jenkins创建的凭证}//拉取代码stages {stage('clone code') {steps {//配置代码仓库地址 ,credentialsId和jenkins创建的凭证的id保持一致sh 'echo  start pull code  start'git(url: 'http://192.168.139.184:9000/gitlab-instance-e9e80190/demo-k8s.git', credentialsId: 'git-user-pwd', branch: 'master', changelog: true, poll: false)sh 'echo  start pull code end'}}//单元测试stage('unit test') {steps {sh 'mvn clean test'}}//代码质量分析,如果jenkins配置的service连接不上,使用外网地址访问stage('sonarqube analysis') {agent none//withSonarQubeEnv()的值和jenkins中配置的sonarqube的名字保持一致steps {withCredentials([string(credentialsId : 'sonarqube-token' ,variable : 'SONAR_TOKEN' ,)]) {withSonarQubeEnv('sonarqube') {sh '''mvn sonar:sonar -Dsonar.projectKey=$APP_NAMEecho "mvn sonar:sonar -Dsonar.projectKey=$APP_NAME"'''}//代码质量扫描等待时间timeout(unit: 'MINUTES', activity: true, time: 10) {waitForQualityGate 'true'}}}}//打包构建镜像stage('build & push') {steps {sh 'mvn clean package -DskipTests'sh 'docker build -f Dockerfile -t $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:SNAPSHOT-$BUILD_NUMBER .'withCredentials([usernamePassword(credentialsId : 'harbor-user-pwd' ,passwordVariable : 'DOCKER_PASSWORD' ,usernameVariable : 'DOCKER_USERNAME' ,)]) {sh '''echo "$DOCKER_PASSWORD" | docker login $REGISTRY -u "$DOCKER_USERNAME" --password-stdindocker push $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:SNAPSHOT-$BUILD_NUMBER'''}}}stage('push latest') {//是master 分支时,构建镜像的tag为latest保证上线的代码是最新的when {branch 'master'}steps {sh 'docker tag $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:SNAPSHOT-$BUILD_NUMBER $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:latest'sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:latest'}}stage('deploy to dev') {//开发分支时部署到开发分支,这里分支灵活配置,注意镜像地址要与主分支分开steps {input(id: 'deploy-to-dev', message: 'deploy to dev?')sh '''sed -i\'\' "s#REGISTRY#$REGISTRY#" deploy/cicd-demo-dev.yamlsed -i\'\' "s#DOCKERHUB_NAMESPACE#$DOCKERHUB_NAMESPACE#" deploy/cicd-demo-dev.yamlsed -i\'\' "s#APP_NAME#$APP_NAME#" deploy/cicd-demo-dev.yamlsed -i\'\' "s#BUILD_NUMBER#$BUILD_NUMBER#" deploy/cicd-demo-dev.yamlkubectl apply -f deploy/cicd-demo-dev.yaml'''}}stage('push with tag') {//为gitlab打tagagent nonewhen {expression {//当匹配tag 为v开头的分支时params.TAG_NAME =~ /v.*/}}steps {input(message: 'release image with tag?', submitter: '')withCredentials([usernamePassword(credentialsId : 'git-user-pwd' ,passwordVariable : 'GIT_PASSWORD' ,usernameVariable : 'GIT_USERNAME' ,)]) {sh 'git config --global user.email "whisper_snail@163.com" 'sh 'git config --global user.name "wssnail" 'sh 'git tag -a $TAG_NAME -m "$TAG_NAME" 'sh 'git push http://$GIT_USERNAME:$GIT_PASSWORD@$GIT_REPO_URL/gitlab-instance-e9e80190/demo-k8s.git --tags --ipv4'}sh 'docker tag $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:SNAPSHOT-$BUILD_NUMBER $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:$TAG_NAME'sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:$TAG_NAME'}}//是否部署到生产环境stage('deploy to production') {agent nonewhen {expression {params.TAG_NAME =~ /v.*/}}steps {input(message: 'deploy to production?', submitter: '')sh '''sed -i\'\' "s#REGISTRY#$REGISTRY#" deploy/cicd-demo.yamlsed -i\'\' "s#DOCKERHUB_NAMESPACE#$DOCKERHUB_NAMESPACE#" deploy/cicd-demo.yamlsed -i\'\' "s#APP_NAME#$APP_NAME#" deploy/cicd-demo.yamlsed -i\'\' "s#TAG_NAME#$TAG_NAME#" deploy/cicd-demo.yamlkubectl apply -f deploy/cicd-demo.yaml'''}}}//参数选择parameters {string(name: 'BRANCH_NAME', defaultValue: 'master', description: '请选择要发布的分支')choice(name: 'NAMESPACE',choices:['dev','test','master'],description: '命名空间')string(name: 'TAG_NAME', defaultValue: 'snapshot', description: '标签名称,必须以 v 开头,例如:v1、v1.0.0')}}

3.9、完整代码见附录 

3.10、部署成功效果

 

 

 

六、附录

1、Gitlab安装包


链接: https://pan.baidu.com/s/1vUCRmxNzW0jO9mdZ79uYUQ?pwd=37s3 提取码: 37s3 

2、Harbor安装包


链接: https://pan.baidu.com/s/12bZcCA4C3RM89wf5K9_AqQ?pwd=4t49 提取码: 4t49 

3、带有Maven的Jenkins镜像


链接: https://pan.baidu.com/s/19luWsomE7Mktzp9UyAQ5VA?pwd=n7hp 提取码: n7hp 

4、源码地址

熟透的蜗牛/demo-k8s

5、参考

http://www.bilibili.com/video/BV1MT411x7GH/


 

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/news/883972.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

从0学习React(7)

在上篇文章中&#xff0c;我们重点讲了关于函数组件的状态管理。这篇文章&#xff0c;我用一种新的方式来讲一讲React&#xff0c;我会通过一个函数来去讲React。当然&#xff0c;这肯定不能一个函数讲完&#xff0c;但是我可以讲很多个函数&#xff0c;一篇文章讲一个&#xf…

安卓屏幕息屏唤醒

背景&#xff0c;今天遇项目需要&#xff0c;需要在下载在后台任务运行时&#xff08;如下载、上传或进行长时间计算&#xff09;&#xff0c;保持 CPU 活动&#xff0c;然后就写了这个实现方法&#xff0c;废话不多说上代码 第一步&#xff0c;再清单AndroidManifest文件声明权…

多项目管理复杂性对企业的影响

在现代企业中&#xff0c;多项目管理已成为提升竞争力的关键策略。然而&#xff0c;资源分配冲突、沟通协调难题、优先级排序复杂等因素使得多项目管理充满挑战。资源分配冲突尤其突出&#xff0c;因为在多个项目同时进行时&#xff0c;有限的资源需要在不同项目间进行合理分配…

利用EasyExcel实现简易Excel导出

目标 通过注解形式完成对一个方法返回值的通用导出功能 工程搭建 pom <?xml version"1.0" encoding"UTF-8"?> <project xmlns"http://maven.apache.org/POM/4.0.0" xmlns:xsi"http://www.w3.org/2001/XMLSchema-instance&qu…

Mac OS 搭建MySQL开发环境

Mac OS 搭建MySQL开发环境 文章目录 Mac OS 搭建MySQL开发环境一、安装Mysql&#xff1a;二、配置环境变量三、安装Navicat 本地环境&#xff1a; Mac OS Sequoia15.0.1&#xff08;M3 Max) 目标状态&#xff1a; 下载安装Mysql&#xff0c;配置相关环境。 一、安装Mysql&…

关于springboot跨域与拦截器的问题

今天写代码的时候遇到的一个问题&#xff0c;在添加自己设置的token拦截器之后&#xff0c;报错&#xff1a; “ERROR Network Error AxiosError: Network Error at XMLHttpRequest.handleError (webpack-internal:///./node_modules/axios/lib/adapters/xhr.js:112:14) at Axi…

Java 面向对象编程(OOP)(4/30)

目录 Java 面向对象编程&#xff08;OOP&#xff09; 1. 类与对象 1.1 类的定义 1.2 对象的创建与使用 2. 封装 2.1 访问修饰符 2.2 使用 Getter 和 Setter 方法 3. 继承 3.1 继承的基本用法 3.2 方法重写 4. 多态 4.1 编译时多态&#xff08;方法重载&#xff09;…

NVR设备ONVIF接入平台EasyCVR视频分析设备平台视频质量诊断技术与能力

视频诊断技术是一种智能化的视频故障分析与预警系统&#xff0c;NVR设备ONVIF接入平台EasyCVR通过对前端设备传回的码流进行解码以及图像质量评估&#xff0c;对视频图像中存在的质量问题进行智能分析、判断和预警。这项技术在安防监控领域尤为重要&#xff0c;因为它能够确保监…

记录一个跳跃的小游戏

记录一个跳跃的小游戏 <!DOCTYPE html> <html lang"en"><head><meta charset"UTF-8"><meta http-equiv"X-UA-Compatible" content"IEedge"><meta name"viewport" content"widthdevi…

ansible详细介绍和具体步骤

Ansible简介 1.1 Ansible的基本概念 Ansible是一款开源的自动化工具&#xff0c;旨在简化IT操作的复杂性。它由Michael DeHaan创建&#xff0c;并于2012年发布&#xff0c;随后在2015年被Red Hat收购。Ansible的核心理念是“简单即美”&#xff0c;它通过使用YAML&#xff08…

Python Pycharm下载

pycharm-professional-2023.3.3 python-3.9.0-amd64.exe 链接&#xff1a;https://pan.baidu.com/s/1YYf835hlleeDksPMmX9y2g?pwd9x16 提取码&#xff1a;9x16 更多资料获取学习书籍下面搜一搜这里不迷路&#xff0c;回复关键字获取&#xff1a;python

探秘 Feign 核心注解:@FeignClient 和 @EnableFeignClients 是如何打通微服务通信的 “任督二脉” 的?

前两篇文章揭秘 Feign 调用机制&#xff1a;微服务通信的无缝集成和微服务通信背后的秘密&#xff1a;Ribbon 如何选择最佳服务实例&#xff1f;&#xff0c;我们已经了解到 Feign 调用机制的一大优势 —— 在不需要指定域名的情况下&#xff0c;能够借助 Ribbon 精准地找到并调…

比较24个结构的迭代次数

(A,B)---6*30*2---(0,1)(1,0) 让A是结构1&#xff0c;让B全是0。收敛误差为7e-4&#xff0c;收敛199次取迭代次数平均值&#xff0c;得到28080.98 做一个同样的网络(A,B)---6*30*2---(0,1)(1,0)&#xff0c;让A是结构1-24&#xff0c;B全是0&#xff0c;用结构1的收敛权重做初…

Python unstructured库详解:partition_pdf函数完整参数深度解析

Python unstructured库详解&#xff1a;partition_pdf函数完整参数深度解析 1. 简介2. 基础文件处理参数2.1 文件输入参数2.2 页面处理参数 3. 文档解析策略3.1 strategy参数详解3.2 策略选择建议 4. 表格处理参数4.1 表格结构推断 5. 语言处理参数5.1 语言设置 6. 图像处理参数…

CentOS9 Stream上安装Edge浏览器

CentOS9 Stream上安装Edge浏览器 1. 下载 Microsoft Edge RPM 包2. 安装 Edge 浏览器3. 启动 Microsoft Edge4. 更新 Microsoft Edge&#xff08;可选&#xff09; 如果运行的时候出现错误&#xff1a;[5809:5809:1030/234136.530802:ERROR:zygote_host_impl_linux.cc(101)] Ru…

深度了解flink(七) JobManager(1) 组件启动流程分析

前言 JobManager是Flink的核心进程&#xff0c;主要负责Flink集群的启动和初始化&#xff0c;包含多个重要的组件(JboMaster&#xff0c;Dispatcher&#xff0c;WebEndpoint等)&#xff0c;本篇文章会基于源码分析JobManagr的启动流程&#xff0c;对其各个组件进行介绍&#x…

.NET内网实战:通过白名单文件反序列化漏洞绕过UAC

01阅读须知 此文所节选自小报童《.NET 内网实战攻防》专栏&#xff0c;主要内容有.NET在各个内网渗透阶段与Windows系统交互的方式和技巧&#xff0c;对内网和后渗透感兴趣的朋友们可以订阅该电子报刊&#xff0c;解锁更多的报刊内容。 02基本介绍 03原理分析 在渗透测试和红…

ELK之路第三步——日志收集筛选logstash和filebeat

logstash和filebeat&#xff08;偷懒版&#xff09; 前言logstash1.下载2.修改配置文件3.测试启动4.文件启动 filebeat1.下载2.配置3.启动 前言 上一篇&#xff0c;我们说到了可视化界面Kibana的安装&#xff0c;这一篇&#xff0c;会简单介绍logstash和filebeat的安装和配置。…

20 Docker容器集群网络架构:三、Docker集群部署

文章目录 Docker容器集群网络架构:三、Docker集群离线部署3.1 环境准备3.1.1 配置主机名3.1.2 关闭firewall防火墙3.1.3 关闭iptables防火墙3.1.3.1 安装iptables3.1.3.2 禁用iptables3.1.3.3 清空防火墙规则3.1.4 关闭selinux3.1.4.1 临时关闭3.1.4.2 永久关闭3.1.4.3 查询关…

分别用webpack和vite注册全局组件

基础组件的自动化全局注册 1. 组件全部导入后&#xff0c;批量注册 import dgDialog from "/components/dgDialog/index.vue"; import svgIcon from "/components/svgIcon/index.vue"; const allComponent { dgDialog, svgIcon }; export default {inst…