Shulou(Shulou.com)06/02 Report--

Preface the sample code and jenkins-agent images in this practice have been pushed and archived to github,-- > Portal Note: in this practice, they are all private network data, so be sure to change them to valid data of your own environment when testing. As this practice involves many components, if the operation is not clear, you can leave a message in the background and we will improve it together. If the specific operation is not clear, or the error can be left a message, we can solve it together. 1. Prepare basic data

Configure gitlab

1) create a project

2) upload sample code

Note: the gitlab project address used in this example is: http://gitlab.hanker.com/colynn/hanker-hello.git

Configure harbor

1) create a project to store the built image

Note: the harbor address used in this example is 10.0.0.185:5000/hanker/hanker-hello:v1.

Jenkins authentication information

1) add gitlab account information

Instructions: [Credentials]-> [System]-> [Global credentials]-> [Add Credentials]

2) harbor information

Instructions: [Credentials]-> [System]-> [Global credentials]-> [Add Credentials]

3) k8s namespace verification information

On your k8s master node, do the following:

1. Create serviceaccount

$kubectl-n devops create serviceaccount jenkins-robot

Command output:

Serviceaccount/jenkins-robot created

two。 Role binding

$kubectl-n devops create rolebinding jenkins-robot-binding-clusterrole=cluster-admin-serviceaccount=devops:jenkins-robot

Command output:

Rolebinding.rbac.authorization.k8s.io/jenkins-robot-binding created

3. Get ServiceAccount

$kubectl-n devops get serviceaccount jenkins-robot-o go-template-- template=' {{range .treasts}} {{.name}} {{"\ n"}} {{end}}'

Jenkins-robot-token-n8w6b

4. Decoding ServiceToken based on base64

$kubectl-n devops get secrets jenkins-robot-token-n8w6b-o go-template-template'{{index .data "token"}}'| base64-- decode

Command output:

EyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZXZvcHMiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlY3JldC5uYW1lIjoiamVua2lucy1yb2JvdC10b2tlbi1uOHc2YiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJqZW5raW5zLXJvYm90Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiOTcyZTY0OGYtMTYxZC00NmM5LWI0ZjgtYjFkNTdlOWY4NTBjIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OmRldm9wczpqZW5raW5zLXJvYm90In0.ArQvcaEqCaeU1ZcJ6nOC5rLaTZr_vLDrpLCt87asltMUWj2gSli_mXUTrl09hBnBDXI3A1D4rJXHKLHjIAA4nN8qRIRGbpqSNzDwmqJr-jmmmWWZFrZ3n3Al9-13KJnNOK8pcWr70rt3Rsigt4B6CIQ0-ZLK8BZhvROJSifeOfJ6xe2KBqdXBv1ccZZZfEhPLgGbaR5yWm5jLvOMr2MQiPDrZoHOEkcMt-C0xipytOp4sJCJ4bQhb-UoMu1owYydxbd6O7xO71fvqP_bMDpZXC601nA2ggK7h-vi6CJffHv5MM59q8X_DWe1NnZS6KXiMmkXqAmBn10Yu20PNj-kjg

5. Add Secret text authentication information

Instructions: [Home]-> [Credentials]-> [System]-> [Global credentials]-> [Add Credentials]-> Select [Secret text] type

Then update the decoding result of the previous step to Secret and Pipeline

two。 How to create jenkins pipeline1. Create jenkins pipeline item

Instructions: [home]-> [New Item]

2. Pipeline script step instructions

Note: pipeline mainly consists of three stages (checking out code, making images, and deploying services). Let's explain how to write pipeline. Only part of the code is generated with Pipeline Syntax, and you can improve it according to the language specification.

1. Phase 1, check out the code

Instructions: [home]-> [hanker-hello-demo]-> [Pipeline Syntax]

Note: the git: Git type selected in this practice, of course, you can also choose checkout: Check out from version control

Get the script for this step

Git credentialsId: 'gitlab-project-auth', url:' http://gitlab.hanker.com/colynn/hanker-hello.git'

two。 Phase 2, build the image

Operation instructions: similar to stage 1

Perfect the script to get this step

Script {withDockerRegistry (credentialsId: 'harbor-auth', url:' http://10.0.0.185:5000') {def customImage = docker.build ("10.0.0.185:5000/devops/hanker-hello:v1") customImage.push ()}}

Note: to support this stage, the jenkins-agent image needs to include the docker command.

3. Stage 3. Deployment servic

Reference: jenkins kubernetes cli plugin

Note: to support this stage, the jenkins-agent image needs to include the kubectl command.

3. Set up pipeline

Note:

You can set up the three pieces of General/ Build Triggers/ Advanced Project Options according to your needs, merge the scripts of each stage and update them into Pipline-> Script.

The merged pipeline script is as follows:

Pipeline {agent any stages {stage ('checkout') {steps {git credentialsId:' gitlab-project-auth' Url: 'http://gitlab.hanker.com/colynn/hanker-hello.git'}} stage (' docker-publish') {steps {script {withDockerRegistry (credentialsId: 'harbor-auth') Url: 'http://10.0.0.185:5000') {def customImage = docker.build ("10.0.0.185:5000/devops/hanker-hello:v1") customImage.push ()} stage (' application-deploy' ) {steps {withKubeConfig ([credentialsId: '5a5517f3-3d38-459dMurbafcMu12b55beeb588' ServerUrl: 'https://10.0.0.182:6443']) {sh' / usr/bin/kubectl apply-f k8smursetup.yml'}}

3. Trigger build

4. Result confirmed

1. Confirm jenkina-agent startup status

$kubectl-n devops get pods | grep jnlpjnlp-sh8zl 1 14s// 1 Running 0 view jenkins-agent pod log $kubectl-n devops logs-f [jenkins-agent-pod-name]

Note: if you have not started jenkins-agent for a long time, you can confirm whether there are enough resources in the cluster.

two。 Confirm pipeline execution status

3. Confirm whether there is a newly pushed image in the harbor image warehouse

Note: you need to create the project in harbor first, otherwise you will report an error when you push it.

4. Confirm the service status of the deployment

Do the following on the k8s master node:

$kubectl-n devops get pod,deployment,svc Ingress | grep hanker-hello pod/hanker-hello-5b7586f86d-5j7kk 1 Running 0 173mdeployment.extensions/hanker-hello 1 8080/TCP 3h8mingress.extensions/hanker-hello-ingress hanker-hello-demo.dev.hanker 1 1 1 3h8mservice/hanker-hello-svc ClusterIP 10.233.22.19 .net 80 3h8m

Appendix 1. Custom jenkins-agent Image # # based on https://github.com/Kubernetes-Best-Pratice/jenkins-jnlp-agent.git$ git checkout https://github.com/Kubernetes-Best-Pratice/jenkins-jnlp-agent.git$ cd jenkins-jnlp-agent$ docker build. $docker tag tag-name custom-private-repository-addr

Note: you can also create a custom image based on the basic image

two。 We can do better to configure webhook and automatically trigger jenkins job;. The mirror version we built in practice currently uses a fixed one. Can you replace it with relying on pipeline environment variables or passing parameters to make it more meaningful? in the last article, when we set up [configure Kubernetes Pod Template], we mentioned that you can mount hosts or network shared storage. Can you use this to make your build faster? Our sample code uses go, which is directly packaged in the image, how to build better in other languages, you can refer to Using Docker with Pipeline;, have you ever thought about how to download the products in the build process, and so on. 3. Reference link: https://github.com/jenkinsci/kubernetes-cli-plugin/blob/master/README.md download kubectl: https://docs.docker.com/ee/ucp/user-access/kubectl/

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.