K8S+jenkins架构实现自动化部署

1.Ubuntu部署jenkins环境

JEKINS基于K8S实现一键部署架构

1.1 部署Jenkins的秘钥

[root@jenkins211 ~]# curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee /usr/share/keyrings/jenkins-keyring.asc > /dev/null

1.2 添加Jenkins的存储库

[root@jenkins211 ~]# echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc]   https://pkg.jenkins.io/debian-stable binary/ | sudo tee  /etc/apt/sources.list.d/jenkins.list > /dev/null

1.3 安装JRE环境

[root@jenkins211 ~]# apt-get update
[root@jenkins211 ~]# apt -y autoremove
[root@jenkins211 ~]# apt-get install fontconfig 

#在线下载太慢，建议离线去官网下载软件包，去官网离线下载jdk17.0.8软件包
[root@jenkins211 ~]# mkdir -pv /Project/softwares 
[root@jenkins211 ~]# tar xf jdk-17_linux-x64_bin.tar.gz -C /Project/softwares/
[root@jenkins211 ~]# cat  /etc/profile.d/jdk.sh
#!/bin/bash

export JAVA_HOME=/Project/softwares/jdk-17.0.8
export PATH=$PATH:$JAVA_HOME/bin
[root@jenkins211 ~]#
[root@jenkins211 ~]# source  /etc/profile.d/jdk.sh
[root@jenkins211 ~]# 
[root@jenkins211 ~]# 
[root@jenkins211 ~]# java --version
java 17.0.8 2023-07-18 LTS
Java(TM) SE Runtime Environment (build 17.0.8+9-LTS-211)
Java HotSpot(TM) 64-Bit Server VM (build 17.0.8+9-LTS-211, mixed mode, sharing)
root@jenkins:~# 

1.4 安装Jenkins环境

# apt-get install jenkins  # 这种在线方式安装较慢，不建议。
[root@jenkins211 ~]# wget https://mirror.twds.com.tw/jenkins/debian-stable/jenkins_2.426.3_all.deb
[root@jenkins211 ~]# dpkg -i jenkins_2.426.3_all.deb 

1.5 修改Jenkins的启动脚本并重启服务

root@jenkins:~# vim /lib/systemd/system/jenkins.service
......
# 修改原有的配置，默认是jenkins用户
User=root
Group=root
 
# 添加JAVA_HOME环境变量，不要修改原有的其他环境变量配置
Environment="JAVA_HOME=/Project/softwares/jdk-17.0.8"
...

[root@jenkins211 ~]# systemctl daemon-reload
[root@jenkins211 ~]#
[root@jenkins211 ~]# systemctl restart jenkins

1.6 访问Jenkins的WebUI

http://10.0.0.211:8080/

2.安装Jenkins插件

[root@jenkins211 ~]# tar xf jenkins211-plugins.tar.gz -C /var/lib/jenkins/plugins/
[root@jenkins211 ~]# 
[root@jenkins211 ~]# ll /var/lib/jenkins/plugins/ | wc -l
151
[root@jenkins211 ~]# 

2.1 重启Jenkins服务

[root@jenkins211 ~]# systemctl restart jenkins
[root@jenkins211 ~]# 

3.Jenkins编译镜像并推送到harbor仓库

3.1 Jenkins节点安装docker

使用一键安装脚本安装docker环境

tar xf docker-compose-binary-install.tar.gz 
./install-docker.sh install

3.2 拷贝docker客户端证书

[root@jenkins211 ~]# mkdir -pv /etc/docker/certs.d/harbor.nolenlinux.cn/
[root@jenkins211 ~]# scp harbor.nolenlinux.cn:/Project/softwares/harbor/certs/docker-client/* /etc/docker/certs.d/harbor.nolenlinux.cn/
...
root@harbor's password: 
ca.crt                                                                                               100% 2049     2.3MB/s   00:00    
harbor.nolenlinux.cn.cert                                                                            100% 2147     1.2MB/s   00:00    
harbor.nolenlinux.cn.key                                                                             100% 3272     3.4MB/s   00:00    
[root@jenkins211 ~]# 
[root@jenkins211 ~]# ll /etc/docker/certs.d/harbor.nolenlinux.cn/
total 20
drwxr-xr-x 2 root root 4096 Sep 14 16:20 ./
drwxr-xr-x 3 root root 4096 Sep 14 16:19 ../
-rw-r--r-- 1 root root 2049 Sep 14 16:20 ca.crt
-rw-r--r-- 1 root root 2147 Sep 14 16:20 harbor.nolenlinux.cn.cert
-rw------- 1 root root 3272 Sep 14 16:20 harbor.nolenlinux.cn.key
[root@jenkins211 ~]# 

3.3 登录harbor仓库

[root@jenkins211 ~]# docker login -u admin -p 1 harbor.nolenlinux.cn
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@jenkins211 ~]# 

4.基于Jenkins实现一键发布流程

4.1 修改Jenkins的配置

docker image build -t harbor.nolenlinux.cn/jenkins/yiliao:${version} .
docker image push harbor.nolenlinux.cn/jenkins/yiliao:${version}
kubectl set image  deploy deployment-yiliao yiliao=harbor.nolenlinux.cn/jenkins/yiliao:${version}

4.2 Jenkins安装Kubectl

[root@jenkins211 ~]# ll kubectl-1.23.17 
-rw-r--r-- 1 root root 45174784 Sep  4  2023 kubectl-1.23.17
[root@jenkins211 ~]# 
[root@jenkins211 ~]# mv kubectl-1.23.17 /usr/local/bin/kubectl
[root@jenkins211 ~]# 
[root@jenkins211 ~]# chmod +x /usr/local/bin/kubectl
[root@jenkins211 ~]# 
[root@jenkins211 ~]# ll /usr/local/bin/kubectl
-rwxr-xr-x 1 root root 45174784 Sep  4  2023 /usr/local/bin/kubectl*
[root@jenkins211 ~]# 

4.3 将MASTER节点的证书拷贝到Jenkins节点

[root@jenkins211 ~]# scp 10.0.0.115:/root/.kube/config .kube/
...
root@10.0.0.115's password: 
config                                                                                               100% 5638     5.7MB/s   00:00    
[root@jenkins211 ~]# 
[root@jenkins211 ~]# ll .kube/
total 20
drwxr-x---  3 root root 4096 Sep 14 16:56 ./
drwx------ 11 root root 4096 Sep 14 16:54 ../
drwxr-x---  3 root root 4096 Sep 14 16:54 cache/
-rw-------  1 root root 5638 Sep 14 16:56 config
[root@jenkins211 ~]# 
# 开始编译,访问项目的webUI

5 Jenkins实现回滚功能

修改配置

kubectl set image  deploy deployment-yiliao yiliao=harbor.nolenlinux.cn/jenkins/yiliao:${version}