Shulou(Shulou.com)06/02 Report--

First, the environment prepares the K8s cluster environment (I have three K8s clusters here); a single docker server is mainly used to upload images to the private warehouse, and Jenkins and gitlab are also deployed on this server; the above environment has a total of 4 servers, all pointing to the same private warehouse in order to share docker images; the server IP is 192.168.20.2, 20.3,20.4,20.5 (the first three IP are nodes in the K8s cluster)

Jenkins is deployed in the form of war package, and you need to use the tomcat environment. Refer to the blog article for deployment.

For other environment deployments, please refer to the following blog posts:

Installation and optimized configuration of Tomcat

Detailed installation configuration of Docker

Introduction, installation and deployment of K8s (Kubernetes).

Note: all the package files used below can be downloaded from my network disk link.

II. Deploy registry private warehouse

Any node that can run the docker container can be deployed. Here I choose the host in 192.168.20.5.

1. Run the private warehouse container [root@jenkins ~] # docker run-tid-- name registry-- restart=always-p 5000name registry 5000-v / data/registry:/var/lib/registry registry2, configure each server to point to the private warehouse # select any node to do the following [root@jenkins ~] # vim / usr/lib/systemd/system/docker.service # modify the following configuration items In order to specify the listening address of its private warehouse ExecStart=/usr/bin/dockerd-H unix://-- insecure-registry 192.168.20.5 insecure-registry 500mm, send the modified configuration file to other nodes [root@jenkins ~] # scp / usr/lib/systemd/system/docker.service 192.168.20.2:/usr/lib/systemd/system/ [root@jenkins ~] # scp / usr/lib/systemd/system/docker.service 192.168 .20.3: / usr/lib/systemd/system/ [root@jenkins ~] # scp / usr/lib/systemd/system/docker.service 192.168.20.4:/usr/lib/systemd/system/3, Each node restarts the docker service in turn Make the changes effective

The following actions need to be configured at each node in turn.

[root@jenkins ~] # systemctl daemon-reload [root@jenkins ~] # systemctl restart docker III. Deploy the Jenkins service and start it

Before deploying Jenkins, deploy the tomcat service on your own. Refer to the blog article: Tomcat installation and optimized configuration.

The source packages and plug-ins needed to deploy Jenkins can be downloaded from my network disk link.

[root@jenkins src] # cd / usr/local/tomcat/webapps/# delete all content in the original web page directory (depending on the actual situation Better make a backup) [root@jenkins webapps] # rm-rf * [root@jenkins webapps] # rz # upload war package of Jenkins [root@jenkins webapps] # lsjenkins.war# specify the home directory of Jenkins [root@jenkins webapps] # vim.. / bin/catalina.sh # Edit this file #! / bin/sh # add export CATALINA_OPTS= "- DJENKINS_HOME=/data/jenkins" export JENKINS_JAVA_ under the line at the beginning of the file OPTIONS= "- Djava.awt.headless=true-Dhudson.ClassicPluginStrategy.noBytecodeTransformer=true" # starts tomcat [root @ jenkins webapps] # cd.. / bin/ [root@jenkins bin] #. / catalina.sh start# determines that the port is listening [root@jenkins bin] # netstat-anpt | grep 8080tcp6 0: 8080: * LISTEN 58560/java 4. Configure the Jenkins service

To achieve the CI/CD of Jenkins, there must be three plug-ins: GitLab, GitLab HOOK and GitLab Authentication. It is not easy to download these plug-ins in China. There are packaged plug-ins in the link to the network disk above, which can be extracted directly to the corresponding directory.

1. Configure the Jenkinsweb interface

The browser accesses the IP+ port / Jenkins of the following tomcat service, such as 192.168.20.5:8080/jenkins, and you can see the following interface (it is best to disconnect the public network before access, otherwise the plug-in will be installed online after entering the password, which is relatively slow, and the installation is likely to fail):

Follow the prompts to view the password and paste it into the appropriate location, as follows:

[root@jenkins webapps] # cat / data/jenkins/secrets/initialAdminPassworded0a933859e0470f9095680a2059c19a

After entering the password, wait a moment, and then click as follows:

Create the appropriate user:

After the login is successful, it is as follows:

Now close the browser page and add a plug-in to Jenkins:

2. Configure the required plug-in [root@jenkins src] # rm-rf / data/jenkins/plugins/ # Delete the original empty directory [root@jenkins src] # tar zxf plugins.tar.gz-C / data/jenkins/# and restart tomcat to take effect [root@jenkins src] # / usr/local/tomcat/bin/catalina.sh stop [root@jenkins src] # / usr/local/tomcat/bin/catalina.sh start

Visit Jenkins's web interface again:

You can see that it has become a Chinese page, indicating that the plug-in configuration takes effect, as follows:

Deploy gitlab services

After thinking about it, I still don't bother to take any more screenshots. Refer to my previous blog post to deploy gitlab. I also read that blog post (after installing gitlab, don't go on with the operation, you need to see the following precautions and change the listening port), and finally ensure that the remote library can be cloned locally. Here, gitlab and Jenkins are deployed on the same server. Reference blog: Gitlab installation and Application of continuous Integration

Attention!

After installing gitlab, you need to change its listening port (to prevent port conflicts), as follows:

[root@jenkins src] # vim / etc/gitlab/gitlab.rb # change the following external_url 'http://192.168.20.5:90'unicorn['listen'] =' 192.168.20.5'# Native IPunicorn ['port'] = 3000

After you change the listening port, you can follow that blog post (but the port is different from that blog post. For example, to query whether the port is listening again, you should look at port 90 instead of port 80. To access the browser page, you need to add port 90).

Finally, make sure that there is a cloned library locally, as follows:

[root@jenkins ~] # ls-d teset01/teset01/ VI. Configure Jenkins to create a task

Paste the following shell script into the web interface as follows:

# IP,192.168.20.5 in the script is the IP of the private warehouse 192.168.20.2 is the IP address #! / bin/bashbackupcode= "/ data/backcode/$JOB_NAME/$BUILD_NUMBER" # of master in k8s cluster. The default variable mkdir-p $backupcodechmod 644 "$JENKINS_HOME" / workspace/ "$JOB_NAME" / * rsync-acP "$JENKINS_HOME" / workspace/ "$JOB_NAME" / * $backupcodeecho From 192.168.20.5:5000/nginx > "$JENKINS_HOME" / workspace/Dockerfileecho COPY. / "$JOB_" is referenced here. NAME "/ * / usr/share/nginx/html/ > >" $JENKINS_HOME "/ workspace/Dockerfiledocker rmi 192.168.20.5:5000/nginx docker build-t 192.168.20.5:5000/nginx /" $JENKINS_HOME "/ workspace/.docker push 192.168.20.5:5000/nginxssh root@192.168.20.2 kubectl delete deployment nginxssh root@192.168.20.2 kubectl apply-f / root/nginx.yaml

After filling in the script, it is as follows:

After completing the script, do not save it, and copy the address of Jenkins according to the following operations, as follows:

7. Enable anonymous access to Jenkins

8. Go back to gitlab and enable allowing web hook to be sent to yourself.

The following is done in the newly created library. I forgot to truncate the diagram at the step of changing to the new library:

After saving, drop-down page, you can see the newly added web-hook. Click on the following to test:

If the status code 200 is returned, the configuration is correct, as follows:

Configure Jenkins secret-free login to the master node of the k8s cluster

The jenkins server is configured as follows:

The IP above [root@jenkins ~] # ssh-copy-id root@192.168.20.2# is IP 9 of master node in K8s cluster, test continuous CI/CD effect 1, Run nginx resource object # in K8s cluster to upload required image [root@jenkins ~] # docker tag nginx:latest 192.168.20.5:5000/nginx:latest [root@jenkins ~] # docker push 192.168.20.5:5000/nginx:latest # run nginx resource object [root@master] # vim nginx.yaml # on master node to write yaml file apiVersion: extensions/v1beta1kind: Deploymentmetadata: name: nginxspec: replicas: 2 Template: metadata: labels: name: nginxspec: containers:-name: nginx image: 192.168.20.5:5000/nginx:latest ports:-containerPort: 80---apiVersion: v1kind: Servicemetadata: labels: name: nginx name: nginxspec: type: NodePort ports:-port: 80 targetPort: 80 nodePort: 31234 selector: name: nginx [root@master ~ ] # kubectl apply-f nginx.yaml # execute the yaml file [root@master ~] # kubectl get pod | grep nginx # confirm that the container is running normally nginx-76645bc84f-rbgtl 1 Running 0 68snginx-76645bc84f-s6xp6 1 Running 0 68s2, Client accesses nginx

3 、 Iterative testing of updates in gitlab # upload files to gitlabs [root @ jenkins ~] # cd teset01/ [root@jenkins teset01] # git config-- global user.name "test" [root@jenkins teset01] # git config-- global user.email "test@test.com" [root@jenkins teset01] # echo "test." > index.html [root@jenkins teset01] # git add * [root@jenkins teset01] # git commit-m "Test CI/CD" [root@jenkins teset01] # git push origin master

After doing the above, you can see the message of successful construction in the new task created by Jenkins, as follows:

Visit the home page of nginx again and find that it has become the content we submitted on gitlab, as follows:

The test is complete.

Additional: the storage path of the historical version is as follows:

[root@jenkins data] # pwd # determine the current path / data [root@jenkins data] # tree backcode/ # this directory records the historical version of the code backcode/ └── test-01 ├── 1 │ └── README.md ├── 2 │ ├── a.html │ └── README.md ├── 3 │ └─ ─ README.md ├── 4 │ ├── a.html │ └── README.md ├── 5 │ └── README.md └── 6 ├── index.html └── README.md [root@jenkins workspace] # pwd # redetermine the current path / data/jenkins/workspace [root@jenkins workspace] # ls # this directory Here is the key to building the new code into a mirror image Dockersfile is in this directory, Dockerfile test-01.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.