| ±à¼ÍƼö: |
| ±¾ÎÄÀ´×ÔÓÚSegmentFaultרÀ¸,±¾ÎÄÖ÷Òª½éÉÜÈçºÎÔÚjenkins
, docker registryÉϴ¹«¹²µÄaliÔÆ·þÎñCodePipeline,ÈÝÆ÷¾µÏñ·þÎñ¡£
Ï£Íû¶ÔÄúµÄѧϰÓÐËù°ïÖú¡£ |
|
֮ǰ×Ô¼ºµÄÏîÄ¿¿ª·¢¾Í´îÁ˸öcicdµÄ»·¾³£¬ÄÇʱºòÊÇÔÚ±¾¾ÍСµÄ¿ÉÁ¯µÄ·þÎñÆ÷ÉÏ´îÁËÒ»Ì×
jenkins + docker registry + docker
¼û֮ǰµÄ±Ê¼Ç dockerѧϰÏÂÃæ
×ܵIJ¶àÕâÑù:
Ö®ºó¶ÔkubernetesµÄ½Ó´¥ºó£¬¾ÍÔÚ֮ǰµÄ»ù´¡ÉϼÓÈëkubernetes,ÆäʵҲ¾ÍÊÇÔÚ·þÎñÆ÷ÀÈ¡¾µÏñdocker
runµÄʱºò¸Ä±äΪ֪ͨkubernetesµÄapiServer¶ÔÌáÇ°ÅäÖúõÄÏîÄ¿ÅäÖÃÎļþxx.yaml½øÐиüÐÂkubectl
appply -f xx.yaml£¬Ëü»á¶ÔÅäÖÃÀïµÄ¾µÏñÀÈ¡ÔÚ¶à¸öpodÀïÔËÐУ¬µ±È»»¹ÐèÒª¶ÔÓ¦µÄservice£¬Èç¹ûÐèÒª±©Â¶¸øÍⲿ»¹¿ÉÒÔÌí¸öingress¡£
Ò»¸öС·þÎñÆ÷¼Ó±¾µØÒ»¸öÏÐÖôӻú³Å½øÈ¥Õâô¶à¶«Î÷ºÜÏÔÈ»±¬ÁË£¬ÓÚÊÇ°Ñjenkins , docker
registry²ð³öÀ´£¬ÓÃÉÏÁ˹«¹²µÄaliÔÆ·þÎñCodePipeline,ÈÝÆ÷¾µÏñ·þÎñ¡£
ÕâÀï¼Ç¼һÏ¡£
docker´î½¨
ubuntu°²×°docker¹Ù·½½Ì³Ì
kubernetes´î½¨
֮ǰдµÄkubernetesѧϰÏÂÃæÓÐ
ʹÓÃaliÔÆCodePipelineÌæ´újenkins´´½¨ÈÎÎñ
ÅäÖÃ->ÏîÄ¿Ãû³Æ£º×îºÃΪgithubÉÏ´úÂëµÄdemoÏîÄ¿Ãû³Æ,ÕâÀïÒÔbootshiroΪÀý
ÅäÖÃ->Ô´Âë¹ÜÀí->Git£ºURLΪgithubÉϵÄÏîÄ¿clone url,ÏÂÃæĬÈÏmaster·ÖÖ§
ÅäÖÃ->¹¹½¨´¥·¢Æ÷->Ìîд´úÂë·ÖÖ§£ºeg:master µã»÷Éú³É´¥·¢Æ÷µØÖ·Áôϱ¸ÓÃ(github
webhookÅäÖûáÓõ½)
ÅäÖÃ->¹¹½¨ÏîÄ¿ÀàÐÍ¿ÉÑ¡mavenÏîÄ¿ node pythonµÈ(°´×Ô¼ºÐèÇó¸Ä±àÒë´ò°ü²á²âÊԽű¾)
eg: mavenÏîÄ¿ ±àÒë´ò°ü: mvn package -B -DskipTests ÓÃÀý²âÊÔ:
mvn test
ÅäÖÃ->¾µÏñ¹¹½¨ºÍ·¢²¼: ÕâÀïʹÓÃaliÔƵÄÃâ·Ñdocker¾µÏñ²Ö¿â
¾µÏñ°æ±¾ºÅ×îºÃÓÃjenkins»·¾³±äÁ¿±ê¼Ç,registryµØÖ·Ö¤ÊéµÈ¾ÍÊÇ×Ô¼º¿ªÍ¨µÄaliÔÆregistryµØÖ·ºÍÕË»§,docker·¾¶ÊÇÏà¶ÔÓÚµ±Ç°´úÂë²Ö¿âµÄDcokerfileÎļþ·¾¶,ÓÃÕâ¸öDockefileÎļþÀ´Éú³É¾µÏñ¡£
eg: bootshiroµÄDockefile
#VERSION 1.1.0
#»ù´¡¾µÏñΪopenjdk:12-alpine
FROM openjdk:12-alpine
#Ç©Ãû
MAINTAINER tomsun28 "tomsun28@outlook.com"
RUN rm -rf /opt/running/bootshiro*
ADD ./target/bootshiro.jar /opt/running/bootshiro.jar
EXPOSE 8080
WORKDIR /opt/running/
CMD ["java", "-jar", "bootshiro.jar","--spring.profiles.active=prod"]
|
ÅäÖÃ->²¿ÊðKubernetes(ÐÂ): ÕâÀïÅäÖöԴºÃµÄk8s»·¾³µÄapiServerÁ¬½Ó,Ö®ºóºÃʹÓÃapiServer¶Ôkubernetes²Ù×÷
ÈÏÖ¤·½Ê½£ºÑ¡ÔñÈÏÖ¤Ö¤Êé
API·þÎñÆ÷µØÖ·£ºÎªapiServerͨѶµØÖ·
Ö¤Ê飺ʹÓÃdockerÊÚȨģʽ,¿Í»§¶ËKey(key.pem)ºÍ¿Í»§¶ËÖ¤Êé(cert.pem)ÔÚ/etc/kubernetes/admin.conf,·þÎñ¶ËCAÖ¤Êé(ca.pem)ÔÚ/etc/kubernetes/pki/ca.crt
²¿ÊðÅäÖÃÎļþ£ºÎªk8s²¿ÊðÕâ¸öÏîÄ¿µÄÅäÖÃÎļþλÖã¬Ò²ÊÇÒÔµ±Ç°ÏîÄ¿´úÂë²Ö¿âΪÏà¶Ô·¾¶,eg
:bootshiro.yaml
kind: Deployment
apiVersion: apps/v1beta2
metadata:
name: bootshiro-deployment
labels:
app: bootshiro
spec:
replicas: 1
selector:
matchLabels:
app: bootshiro
template:
metadata:
labels:
app: bootshiro
spec:
containers:
- name: nginx
image: registry.cn-hangzhou.aliyuncs.com/tomsun28/bootshiro:${BUILD_NUMBER}
ports:
- containerPort: 8080
---
# -------nginx-service--------- #
apiVersion: v1
kind: Service
metadata:
name: bootshiro-service
spec:
# type: NodePort
ports:
- name: server
port: 8080
targetPort: 8080
selector:
app: bootshiro
# !----------------------bootshiro---------------------
#
ÕâÀïÅäÖò¿ÊðÎļþ´´½¨ÁËÒ»¸öpodʵÀý£¬´´½¨ÁËÓëÆäÏë¶ÔÓ¦µÄserviceÔÚ¼¯ÈºÄÚ²¿±©Â¶·þÎñ¡£
Èç¹û²¿ÊðµÄÓ¦ÓÃÐèÒª¶Ô¼¯ÈºÍâÌṩ·þÎñ£¬ÕâÀﻹҪ´´½¨¶ÔÓ¦µÄ±©Â¶·þÎñµÄ·½Ê½£¬Èçingress,
nodeportµÈ |
ÕâÀïÅäÖò¿ÊðÎļþ´´½¨ÁËÒ»¸öpodʵÀý£¬´´½¨ÁËÓëÆäÏë¶ÔÓ¦µÄserviceÔÚ¼¯ÈºÄÚ²¿±©Â¶·þÎñ¡£
Èç¹û²¿ÊðµÄÓ¦ÓÃÐèÒª¶Ô¼¯ÈºÍâÌṩ·þÎñ£¬ÕâÀﻹҪ´´½¨¶ÔÓ¦µÄ±©Â¶·þÎñµÄ·½Ê½£¬Èçingress, nodeportµÈ
µ½´Ëcicd¾Í²î²»¶àÁË£¬ÎÒÃÇ¿ª·¢´úÂëpushµ½github²Ö¿âÉÏ£¬¸ú×ÅDevOpsÁ÷³Ì×ߣ¬×îºóÏîÄ¿¾Í»á×Ô¼ºÔËÐе½kubernetes¼¯ÈºÀïÃæÁË£¬pod¹ÒÁË»òÕß´Ó»ú¹ÒÁË£¬k8s»áÖØÐÂÆô±£Ö¤É趨ÊýÁ¿µÄpod¡£
ʹÓÃingress¶Ô¼¯ÈºÍⱩ¶·þÎñ
ÕâÀïʹÓõÄÊÇtraefik-ingress,ÔÚkubernetesÖв¿ÊðtraefikÓйٷ½²¿ÊðÊֲᣬ»ù±¾°´×Å×ßÒ»±é¾ÍÄܲ¿ÊðÉÏÈ¥ÁË¡£
ÕûºÏ²¿ÊðµÄtraefik.yaml:
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: traefik-ingress-controller
subjects:
- kind: ServiceAccount
name: traefik-ingress-controller
namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: traefik-ingress-controller
namespace: kube-system
---
kind: DaemonSet
apiVersion: extensions/v1beta1
metadata:
name: traefik-ingress-controller
namespace: kube-system
labels:
k8s-app: traefik-ingress-lb
spec:
template:
metadata:
labels:
k8s-app: traefik-ingress-lb
name: traefik-ingress-lb
spec:
serviceAccountName: traefik-ingress-controller
terminationGracePeriodSeconds: 60
containers:
- image: traefik
name: traefik-ingress-lb
ports:
- name: http
containerPort: 80
hostPort: 80
- name: admin
containerPort: 8080
securityContext:
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
args:
- --api
- --kubernetes
- --logLevel=INFO
---
apiVersion: v1
kind: Service
metadata:
name: traefik-web-ui
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- name: web
port: 80
targetPort: 8080
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: traefik-web-ui
namespace: kube-system
annotations:
kubernetes.io/ingress.class: traefik
traefik.frontend.rule.type: PathPrefixStrip
spec:
rules:
- host: tom.usthe.com
http:
paths:
- path: /ingress
backend:
serviceName: traefik-web-ui
servicePort: web |
ʹÓÃtraefikÀ´±©Â¶service:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: chess
namespace: default
annotations:
kubernetes.io/ingress.class: traefik
traefik.frontend.rule.type: PathPrefixStrip
spec:
rules:
- host: tom.usthe.com
http:
paths:
- path: /usthe
backend:
serviceName: usthe-service
servicePort: http
- path: /nginx
backend:
serviceName: nginx
servicePort: http |
|
