k8s Pipline CI/CD
一、Pipeline介绍
pipeline是一套jenkins官方提供的插件,它可以用来在jenkins中实现和集成连续交付
用户可以利用Pipeline的许多功能:
代码:pipeline在代码中实现,通常检查到源代码控制,使团队能够编辑,审查和迭代其交付管道。
持久:pipeline可以在Jenkins master的计划内和计划外重启中存活。
Pausable:在继续pipeline运行之前,pipeline可以选择停止并等待人工输入或批准。
多功能:pipeline支持复杂的实际CD要求,包括并行分叉/连接,循环和执行工作的能力。
可扩展:Pipeline插件支持其DSL的自定义扩展 和多个与其他插件集成的选项
二、k8s实现集成/部署/交付
三、创建一个gitlab的测试项目(网上找的简单代码测试)
1、测试代码
代码结构
[root@node2 test1]# tree
.
├── pom.xml
└── src
└── main
└── java
└── hello
├── Greeter.java
└── HelloWorld.java
package hello;
public class HelloWorld {
public static void main(String[] args) {
Greeter greeter = new Greeter();
System.out.println(greeter.sayHello());
}
}
HelloWorld.java
package hello;
public class Greeter {
public String sayHello() {
return "Hello world!";
}
}
Greeter.java
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework</groupId>
<artifactId>gs-maven</artifactId>
<packaging>jar</packaging>
<version>0.1.0</version> <build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
<version>2.1</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>shade</goal>
</goals>
<configuration>
<transformers>
<transformer
implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
<mainClass>hello.HelloWorld</mainClass>
</transformer>
</transformers>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
pom.xml
2、git的测试项目
四、jenkins配置
1、插件安装
安装好git、GitLab Plugin、Gitlab Hook Plugin、Gitlab API Plugin、Pipeline、Kubernetes plugin插件。
2、在jenkins中配置kubernetes
3、简单测试(创建一个Pipline项目)
测试的Pipline脚本
def label = "mypod-${UUID.randomUUID().toString()}"
podTemplate(label: 'label', cloud: 'kubernetes') {
node('label') {
stage('Run shell') {
sh 'echo hello world'
}
}
}
4、pipline中配置gi凭证
创建凭证,username是gitlab的账号,password是gitlab账号对应的密码。
5、Pipline中视图git凭证
6、重新构建jnlp-slave镜像(添加maven)
mkdir myjenkins
cd myjenkins/
wget https://mirrors.tuna.tsinghua.edu.cn/apache/maven/maven-3/3.5.4/binaries/apache-maven-3.5.4-bin.tar.gz
tar xf apache-maven-3.5.-bin.tar.gz [root@node2 myjenkins]# cat Dockerfile
FROM jenkins/jnlp-slave:3.27-
LABEL maintainer="maven@qq.com"
ENV MAVEN_HOME /usr/local/maven
ENV PATH=$PATH:$MAVEN_HOME/bin COPY apache-maven-3.5. /usr/local/maven
[root@node2 myjenkins]# docker build -t myjnlp-slave:1.0 ./
7、配置好镜像仓库(我使用的aliyun)
8、把dokcer组的gid改成10000(容器中jenkins账号的ugid)
groupmod -g10000 docker
chown root.docker /var/run/docker.sock
9、配置gitlab和jenkins的交互(我使用的webhook方式,并设置提交tag就触发构建)
10、重新更改Pipline脚本,使执行jenkins构建后能直接创建镜像并提交到镜像仓库
Pipline脚本
def label = "mypod-${UUID.randomUUID().toString()}"
def registry = "registry-vpc.cn-hongkong.aliyuncs.com"
def app_name = "javatest"
def namespace = "aliyun-zhang"
def username = "xxxxxxxxxxxxxxxxxx"
def regpass = "xxxxxxxxxxxxxxxxxxx"
podTemplate(label: 'label', cloud: 'kubernetes', containers: [
containerTemplate(
name: 'jnlp',
image: 'myjnlp-slave:1.0'
),
],
volumes: [
hostPathVolume(mountPath: '/var/run/docker.sock', hostPath: '/var/run/docker.sock'),
hostPathVolume(mountPath: '/usr/bin/docker', hostPath: '/usr/bin/docker')
],)
{
node('label') {
stage('Task') {
stage('拉取代码') {
git credentialsId: 'gitlab-auth', url: 'http://mygitlab-gitlab-ce.default.svc.cluster.local/root/test1.git'
def mytag = sh returnStdout: true, script: 'git describe --always --tag'
sh "git checkout -b $mytag"
echo "mytag $mytag ${mytag} ----"
}
stage('编译打包') {
echo "mvn clean package -Dmaven.test.skip=true"
}
stage('构建上传镜像') {
def mytag = sh returnStdout: true, script: 'git describe --always --tag'
def image_name = "${app_name}:${mytag}".minus("\n")
echo "image_name $image_name"
sh label: '', script: ''' echo \'
FROM tomcat:latest
ADD pom.xml /usr/local/tomcat/webapps/
\' > Dockerfile
'''
sh """
docker build -t "${registry}/${namespace}/${image_name}" ./
docker login -u ${username} -p \"${regpass}\" ${registry}
docker push ${registry}/${namespace}/${image_name}
"""
}
}
}
}
11、jenkins构建测试与查看
五、自动部署到k8s集群
1、jenkins下载kubernetes continuous deploy插件(官方文档:https://plugins.jenkins.io/kubernetes-cd)
2、配置kubeconfig凭证
添加 kubeconfig 文件,我选择的是直接粘贴文件内容(master端的.kube/config文件)
3、记录凭证ID值
4、创建一个deploy.yaml文件,并把文件上传到项目的git中
[root@k8s-m ~]# cat java-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mydeploy
namespace: default
spec:
replicas:
selector:
matchLabels:
test_node: k8s-node
template:
metadata:
labels:
test_node: k8s-node
spec:
containers:
- name: myjava-server
image: tomcat:latest
ports:
- name: http
containerPort:
5、更改Pipline脚本内容
def label = "mypod-${UUID.randomUUID().toString()}"
def registry = "registry-vpc.cn-hongkong.aliyuncs.com"
def app_name = "javatest"
def namespace = "aliyun-zhang"
def username = "xxxxxxxxxxxx"
def regpass = "xxxxxxxxx"
def k8s_auth = "5ce0993e-e2e9-4126-a910-2acd0a77fefb"
podTemplate(label: 'label', cloud: 'kubernetes', containers: [
containerTemplate(
name: 'jnlp',
image: 'myjnlp-slave:1.0'
),
],
volumes: [
hostPathVolume(mountPath: '/var/run/docker.sock', hostPath: '/var/run/docker.sock'),
hostPathVolume(mountPath: '/usr/bin/docker', hostPath: '/usr/bin/docker')
],)
{
node('label') {
stage('Task') {
stage('拉取代码') {
git credentialsId: 'gitlab-auth', url: 'http://mygitlab-gitlab-ce.default.svc.cluster.local/root/test1.git'
def mytag = sh returnStdout: true, script: 'git describe --always --tag'
sh "git checkout -b $mytag"
echo "mytag $mytag ${mytag} ----"
}
stage('编译打包') {
sh "mvn clean package -Dmaven.test.skip=true"
}
stage('构建上传镜像') {
def mytag = sh returnStdout: true, script: 'git describe --always --tag'
def image_name = "${app_name}:${mytag}".minus("\n")
echo "image_name $image_name"
sh label: '', script: ''' echo \'
FROM tomcat:latest
ADD target/*.jar /usr/local/tomcat/webapps/
\' > Dockerfile
'''
sh """
docker build -t "${registry}/${namespace}/${image_name}" ./
docker login -u ${username} -p \"${regpass}\" ${registry}
docker push ${registry}/${namespace}/${image_name}
"""
}
stage('部署到K8S'){
def mytag = sh returnStdout: true, script: 'git describe --always --tag'
def image_name = "${app_name}:${mytag}".minus("\n")
sh """
sed -i 's#tomcat:latest#${registry}/${namespace}/${image_name}#' java-deploy.yaml
"""
kubernetesDeploy configs: 'java-deploy.yaml', kubeconfigId: "${k8s_auth}"
}
}
}
}
6、构建测试
我配置了jenkins和gitlab的webhook配置,提交tag后会自动构建到部署到k8s集群
测试
[root@node2 test1]# echo >> README.md
[root@node2 test1]# git commit -a -m ''
[master bda4c6f]
file changed, insertion(+), deletion(-)
[root@node2 test1]# git tag 10.0
[root@node2 test1]# git push origin master 10.0
Username for 'http://10.101.58.237': root
Password for 'http://root@10.101.58.237':
Counting objects: , done.
Delta compression using up to threads.
Compressing objects: % (/), done.
Writing objects: % (/), bytes | bytes/s, done.
Total (delta ), reused (delta )
To http://10.101.58.237/root/test1.git
da0fbc3..bda4c6f master -> master
* [new tag] 10.0 -> 10.0
jenkins构建过程
k8s集群查看
[root@k8s-m ~]# kubectl get deploy mydeploy
NAME READY UP-TO-DATE AVAILABLE AGE
mydeploy / 64s
[root@k8s-m ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
mydeploy-746bb8db64-4fpvz / Running 69s
mydeploy-746bb8db64-pp7tw / Running 69s [root@k8s-m ~]# kubectl get pod mydeploy-746bb8db64-4fpvz -o yaml|grep image:
- image: registry-vpc.cn-hongkong.aliyuncs.com/aliyun-zhang/javatest:10.0
image: registry-vpc.cn-hongkong.aliyuncs.com/aliyun-zhang/javatest:10.0
六、版本回滚
基于k8s镜像的回滚还是比较简单的
回滚上一个版本
kubectl rollout undo deployment/deploy-name
查看历史版本信息
#查看 deployment 升级历史
[root@k8s-m ~]# kubectl rollout history deployment/mydeploy
deployment.extensions/mydeploy
REVISION CHANGE-CAUSE
<none>
<none> #看历史版本更加详细的升级信息
[root@k8s-m ~]# kubectl rollout history deployment/mydeploy --revision=
deployment.extensions/mydeploy with revision #
Pod Template:
Labels: pod-template-hash=746bb8db64
test_node=k8s-node
Containers:
myjava-server:
Image: registry-vpc.cn-hongkong.aliyuncs.com/aliyun-zhang/javatest:10.0
Port: /TCP
Host Port: /TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
回滚指定版本
kubectl rollout undo deployment/mydeploy --to-revision=
回滚指定版本2
直接修改delpoy中的镜像
七、Deployment升级策略
1、介绍
deployment 有 2 种策略,分别是Recreate和RollingUpdate,RollingUpdate是默认的策略
RollingUpdate也有相对应的升级策略,如果策略设置的不合理,那么升级的过程就有可能导致服务中断
Max Unavailable
最多有几个 pod 处于无法工作的状态,默认值是25%
Max Surge
升级过程中可以比预设的 pod 的数量多出的个数,默认值是25%
minReadySeconds
等待容器启动的时间,默认值是 0,单位是:秒,容器运行成功之后直接执行下一步
根据应用启动时间,设定相应的minReadySeconds,保证应用不中断
2、查看deploy的更新策略
[root@k8s-m recreate]# kubectl explain deploy.spec.strategy.type
KIND: Deployment
VERSION: extensions/v1beta1 FIELD: type <string> DESCRIPTION:
Type of deployment. Can be "Recreate" or "RollingUpdate". Default is
RollingUpdate.
3、recreate策略测试
结论:recreate方式会先停止所有就版本,停止完后才部署新版本
[root@k8s-m ~]# kubectl get pod -w
NAME READY STATUS RESTARTS AGE
my-app-bb9cc7597-dn5bv / Running 3m36s
my-app-bb9cc7597-gqfx4 / Running 3m36s
my-app-bb9cc7597-p4dfb / Running 3m36s
my-app-bb9cc7597-p4dfb / Terminating 3m44s
my-app-bb9cc7597-dn5bv / Terminating 3m44s
my-app-bb9cc7597-gqfx4 / Terminating 3m44s
my-app-bb9cc7597-p4dfb / Terminating 3m45s
my-app-bb9cc7597-gqfx4 / Terminating 3m45s
my-app-bb9cc7597-dn5bv / Terminating 3m45s
my-app-bb9cc7597-p4dfb / Terminating 3m57s
my-app-bb9cc7597-p4dfb / Terminating 3m57s
my-app-db47b56bf-kwd2c / Pending 0s
my-app-db47b56bf-kwd2c / Pending 0s
my-app-db47b56bf-xkqdz / Pending 0s
my-app-db47b56bf-5v4r5 / Pending 0s
my-app-db47b56bf-xkqdz / Pending 0s
my-app-db47b56bf-kwd2c / ContainerCreating 0s
4、RollingUpdate策略测试
结论: 一个接一个地以滚动更新方式发布新版本,滚动的方式可以定义,即先删除多少pod在添加多少pod,或者是闲添加在删除。
[root@k8s-m ~]# kubectl get pod -w
NAME READY STATUS RESTARTS AGE
my-app-db47b56bf-2c2c6 / Running 19s
my-app-db47b56bf-k7k5z / Running 19s
my-app-db47b56bf-mclj8 / Running 19s
my-app-bb9cc7597-hgz6r / Pending 0s
my-app-bb9cc7597-hgz6r / Pending 0s
my-app-bb9cc7597-hgz6r / ContainerCreating 1s
my-app-bb9cc7597-hgz6r / ContainerCreating 1s
my-app-bb9cc7597-hgz6r / Running 5s
my-app-bb9cc7597-hgz6r / Running 6s
my-app-db47b56bf-mclj8 / Terminating 29s
my-app-bb9cc7597-84ngs / Pending 0s
my-app-bb9cc7597-84ngs / Pending 0s
my-app-bb9cc7597-84ngs / ContainerCreating 1s
my-app-bb9cc7597-84ngs / ContainerCreating 2s
my-app-db47b56bf-mclj8 / Terminating 31s
my-app-db47b56bf-mclj8 / Terminating 34s
my-app-db47b56bf-mclj8 / Terminating 34s
my-app-bb9cc7597-84ngs / Running 6s
my-app-bb9cc7597-84ngs / Running 7s
[root@k8s-m recreate]# kubectl explain deploy.spec.strategy.rollingUpdate
KIND: Deployment
VERSION: extensions/v1beta1 RESOURCE: rollingUpdate <Object> DESCRIPTION:
Rolling update config params. Present only if DeploymentStrategyType =
RollingUpdate. Spec to control the desired behavior of rolling update. FIELDS:
maxSurge <string>
The maximum number of pods that can be scheduled above the desired number
of pods. Value can be an absolute number (ex: ) or a percentage of desired
pods (ex: %). This can not be if MaxUnavailable is . Absolute number
is calculated from percentage by rounding up. By default, a value of is
used. Example: when this is set to %, the new RC can be scaled up
immediately when the rolling update starts, such that the total number of
old and new pods do not exceed % of desired pods. Once old pods have
been killed, new RC can be scaled up further, ensuring that total number of
pods running at any time during the update is at most % of desired pods. maxUnavailable <string>
The maximum number of pods that can be unavailable during the update. Value
can be an absolute number (ex: ) or a percentage of desired pods (ex:
%). Absolute number is calculated from percentage by rounding down. This
can not be if MaxSurge is . By default, a fixed value of is used.
Example: when this is set to %, the old RC can be scaled down to % of
desired pods immediately when the rolling update starts. Once new pods are
ready, old RC can be scaled down further, followed by scaling up the new
RC, ensuring that the total number of pods available at all times during
the update is at least % of desired pods.
5、其它更新策略(金丝雀等)
https://zhuanlan.zhihu.com/p/55964678
k8s Pipline CI/CD的更多相关文章
- k8s、CI/CD、pipline介绍
参照文档: https://blog.csdn.net/qq_35299863/article/details/84329798 https://github.com/xgh2016/k8s-CICD ...
- k8s Gitlab CI/CD 之自动编译Docker镜像并推送到指定的Registry
环境介绍: 说明 节点 ip 系统 Gitlab Server git.ds.com 10.0.1.179 CentOS 7.5.1804 Gitlab Runner 10.0.1.178 Cen ...
- forge k8s/kubernetes ci/cd 最佳实践
forge的官网是: http://forge.sh forge工具是一个部署工具, 将你的应用自动更新到kubernets集群中, 只需要配置简洁的配置文件和模板即可. 其它的就交给forge, 它 ...
- 实例演示:如何在Kubernetes上大规模运行CI/CD
本周四晚上8:30,第二期k3s在线培训如约开播!本期课程将介绍k3s的核心架构,如高可用架构以及containerd.一起来进阶探索k3s吧! 报名及观看链接:http://z-mz.cn/PmwZ ...
- .Net Core2.1 秒杀项目一步步实现CI/CD(Centos7.2)系列一:k8s高可用集群搭建总结以及部署API到k8s
前言:本系列博客又更新了,是博主研究很长时间,亲自动手实践过后的心得,k8s集群是购买了5台阿里云服务器部署的,这个集群差不多搞了一周时间,关于k8s的知识点,我也是刚入门,这方面的知识建议参考博客园 ...
- Jenkins和Gitlab CI/CD自动更新k8s中pod使用的镜像说明
Jenkins 使用Jenkins的话,完成的工作主要有如下步骤: 1.从Gogs或Gitlab仓库上拉取代码 2.使用Maven编译代码,打包成jar文件 3.根据jar文件使用相对应的Docker ...
- 超详细实操教程!在现有K8S集群上安装JenkinsX,极速提升CI/CD体验!
在2018年年初,Jenkins X首次发布,它由Apache Groovy语言的创建者Jame Strachan创建.Jenkins X 是一个高度集成化的 CI/CD 平台,基于 Jenkins ...
- 手把手详解持续集成之GitLab CI/CD
一.环境准备 首先需要有一台 GitLab 服务器,然后需要有个项目:这里示例项目以 Spring Boot 项目为例,然后最好有一台专门用来 Build 的机器,实际生产中如果 Build 任务不频 ...
- Jenkins 基于 Docker git JAVA CI/CD
准备两台机器 192.168.31.200 centos7 docker harbor git 192.168.31.201 centos7 docker jenkins maven git Ha ...
随机推荐
- Unable to open debugger port (127.0.0.1:57046): java.net.SocketException "so
原因分析: 出现这个报错的原因是因为端口被占用导致的. 解决方法: 解决方法主要两种:修改端口配置(推荐).关闭占用端口的进程(不推荐). 方式一:修改端口配置(推荐) 被占用的端口可能是本地端口,也 ...
- spring cloud的配置
注解篇 @EnableEurekaServer 注解启动一个服务注册中心提供给其他应用进行对话 @EnableDiscoveryClient 激活Eureka中的DiscoveryClient实现 配 ...
- [bzoj2120] [洛谷P1903] 数颜色
Description 墨墨购买了一套N支彩色画笔(其中有些颜色可能相同),摆成一排,你需要回答墨墨的提问.墨墨会像你发布如下指令: 1. Q L R代表询问你从第L支画笔到第R支画笔中共有几种不同颜 ...
- python+pandas+jupyter notebook 的 hello word
- cmd命令行窗口和文件目录资源管理器快速切换
本文主要描述如何在指定目录下快速打开当前路径的命令行窗口和在命令行中快速打开指定目录的资源管理器两种快捷方法. 1.在指定目录下快速打开当前路径的命令行窗口 2.在命令行中快速打开当前目录的资源管理器 ...
- Redis(八):zset/zadd/zrange/zrembyscore 命令源码解析
前面几篇文章,我们完全领略了redis的string,hash,list,set数据类型的实现方法,相信对redis已经不再神秘. 本篇我们将介绍redis的最后一种数据类型: zset 的相关实现. ...
- 基于Flask框架搭建视频网站的学习日志(三)之原始web表单
基于Flask框架搭建视频网站的学习日志(三)1.原始Web 表单 本节主要用于体验一下前端后端直接数据的交互,样例不是太完善,下一节会加入Flash处理,稍微完善一下页面 (备注:建议先阅读廖雪峰老 ...
- Linux 常用工具sysstat之sar
sysstat包 iostat.sar.sa1和sa2命令都是sysstat包的一部分.它是Linux包含的性能监视工具集合: sar:收集.报告或存储信息(CPU.内存.磁盘.中断.网卡.TTY.内 ...
- js之split()和join()的用法
说明 这几天写了一个简单的vue项目,需要截取字符串,一时间想到了正则表达式,还折腾了还一会儿,最后上网查了一下,使用split()再简单不过了,也顺便回忆一下join().可见我有多菜,哈哈,学了这 ...
- 20190728三人开黑517codingACM模拟赛
三人组队开黑ACM膜你赛 果然我最蔡 我就写了ACF所以就写这些吧awa Problem A 人话:给你一个w×h的矩形蛋糕,然后告诉你两个蜡烛的坐标,两个蜡烛都在网格点上且不在蛋糕边缘,问如何切一刀 ...