Jenkins、gitlab、kuboard、KubeOperator实现Kubernetes集群自动发布
LiHaiYang 发布于 阅读:1911 Kubernetes
[TOC]
服务器配置
- 本文采用四台centos7.4服务器配置和部署的功能如下
| 服务器IP | 服务器名称 | 服务器配置 | 服务器部署 |
|---|---|---|---|
| 172.21.16.15 | Deployment | 8C、32G、200G系统盘、3M带宽 | KubeOperator集群管理工具 |
| 172.21.16.7 | master | 8C、32G、200G系统盘、3M带宽 | Kubernetes集群master节点 |
| 172.21.16.13 | work1 | 8C、32G、200G系统盘、3M带宽 | Kubernetes集群work节点 |
| 172.21.16.16 | integrate | 8C、32G、200G系统盘、3M带宽 | harbor镜像仓库、gitlab代码仓库、jenkins构建中心 |
- 本次部署所用四台服务器均为腾讯云按量付费CVM
integrate服务器部署
部署docker
- 安装docker-compose
# 下载docker-compse包
[root@integrate ~]# wget https://install.jishuliu.cn/docker/docker-compose
--2022-10-29 12:37:24-- https://install.jishuliu.cn/docker/docker-compose
Resolving package.jishuliu.cn (package.jishuliu.cn)... 42.81.85.216, 42.81.120.76, 42.81.85.234, ...
Connecting to package.jishuliu.cn (package.jishuliu.cn)|42.81.85.216|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 11748168 (11M) [application/octet-stream]
Saving to: ‘docker-compose’
100%[==================================================================================================================================================================================================>] 11,748,168 22.0MB/s in 0.5s
2022-10-29 12:37:26 (22.0 MB/s) - ‘docker-compose’ saved [11748168/11748168]
# 给docker-compose包执行权限
[root@integrate ~]# chmod +x docker-compose
# 把docker-compose复制到centos的命令路径下
[root@integrate ~]# cp docker-compose /usr/local/bin/
[root@integrate ~]# cp docker-compose /usr/local/sbin/
[root@integrate ~]# cp docker-compose /usr/sbin/
[root@integrate ~]# cp docker-compose /usr/bin/
# 测试是否部署成功
[root@integrate ~]# docker-compose -v
docker-compose version 1.23.2, build 1110ad01- 安装docker
# 下载docker安装包
[root@integrate ~]# wget https://install.jishuliu.cn/docker/docker-24.0.4.tgz
--2022-10-29 12:37:50-- https://install.jishuliu.cn/docker/docker-24.0.4.tgz
Resolving package.jishuliu.cn (package.jishuliu.cn)... 42.81.85.202, 42.81.85.224, 42.81.85.216, ...
Connecting to package.jishuliu.cn (package.jishuliu.cn)|42.81.85.202|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 60730088 (58M) [application/x-compressed]
Saving to: ‘docker-24.0.4.tgz’
100%[==================================================================================================================================================================================================>] 60,730,088 9.70MB/s in 4.8s s
2022-10-29 12:37:55 (12.0 MB/s) - ‘docker-24.0.4.tgz’ saved [60730088/60730088]
# 解压并把docker命令部署到centos的命令存储路径下
[root@integrate ~]# tar xf docker-24.0.4.tgz
[root@integrate ~]# cp docker/* /usr/local/bin/
# 测试docker是否部署成功
[root@integrate ~]# docker -v
Docker version 19.03.9, build 9d988398e7- systemctl管理docker
# 找到dockerd文件的根路径
[root@integrate ~]# which docker
/usr/local/bin/docker
[root@nginx1 docker]# vim /etc/systemd/system/docker.service
# 编辑/etc/systemd/system/docker.service文件并在文件内写入以下内容
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/local/bin/dockerd -H unix://var/run/docker.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
# 重新加载systemctl配置
[root@integrate ~]# systemctl daemon-reload
# 启动docker
[root@integrate ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service #提示内容不用处理
# 查看docker是否启动成功
[root@integrate ~]# ps -ef |grep docker
root 14058 1 0 12:47 ? 00:00:00 /usr/local/bin/dockerd -H unix://var/run/docker.sock
root 14072 14058 0 12:47 ? 00:00:00 containerd --config /var/run/docker/containerd/containerd.toml --log-level info
root 14427 11794 0 12:49 pts/0 00:00:00 grep --color=auto docker
[root@integrate ~]# - 配置docker镜像加速
# 登录阿里云控制台搜索容器镜像服务,在左侧下拉栏中选择镜像工具下的镜像加速器,按照实例配置配置即可jenkins
部署Jenkins
- 下载Jenkins镜像
[root@integrate ~]# docker pull jenkins/jenkins:latest
Using default tag: latest
latest: Pulling from library/jenkins
55cbf04beb70: Pull complete
1607093a898c: Pull complete
9a8ea045c926: Pull complete
d4eee24d4dac: Pull complete
c58988e753d7: Pull complete
794a04897db9: Pull complete
70fcfa476f73: Pull complete
0539c80a02be: Pull complete
54fefc6dcf80: Pull complete
911bc90e47a8: Pull complete
38430d93efed: Pull complete
7e46ccda148a: Pull complete
c0cbcb5ac747: Pull complete
35ade7a86a8e: Pull complete
aa433a6a56b1: Pull complete
841c1dd38d62: Pull complete
b865dcb08714: Pull complete
5a3779030005: Pull complete
12b47c68955c: Pull complete
1322ea3e7bfd: Pull complete
Digest: sha256:c3fa8e7f70d1e873ea6aa87040c557aa53e6707eb1d5ecace7f6884a87588ac8
Status: Downloaded newer image for jenkins/jenkins:latest- 启动jenkins
# 创建并给Jenkins目录授权777
[root@integrate ~]# mkdir /var/jenkins_home && chmod -R 777 /var/jenkins_home/
# 查看Jenkins镜像信息
[root@integrate ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
jenkins/jenkins latest 55860ee0cd73 9 months ago 442MB
[root@integrate ~]# docker run -d -p 8888:8080 -v /var/jenkins_home:/var/jenkins_home -v /etc/hosts:/etc/hosts --name jenkins jenkins/jenkins:latest
e394da95233bb26e75daa932d4481f356beaeb8d0a623460fb80e772292e0bbb
-d:后台运行
-p:端口映射,此处不用8080端口是因为gitlab需要使用8080端口
-v:目录映射
--name:容器名
jenkins/jenkins:latest:刚才查看的镜像名和版本号- Jenkins安装cloudbees-folder 插件
# 此步骤是因为Jenkins在安装插件时无论选择什么插件都会报错
[root@integrate ~]# wget https://updates.jenkins-ci.org/download/plugins/cloudbees-folder/6.773.vd2dcc704ee7e/cloudbees-folder.hpi --no-check-certificate
--2022-10-29 05:15:19-- https://updates.jenkins-ci.org/download/plugins/cloudbees-folder/6.773.vd2dcc704ee7e/cloudbees-folder.hpi
Resolving updates.jenkins-ci.org (updates.jenkins-ci.org)... 52.202.51.185
Connecting to updates.jenkins-ci.org (updates.jenkins-ci.org)|52.202.51.185|:443... connected.
WARNING: The certificate of ‘updates.jenkins-ci.org’ is not trusted.
WARNING: The certificate of ‘updates.jenkins-ci.org’ has expired.
HTTP request sent, awaiting response... 302 Found
Location: https://get.jenkins.io/plugins/cloudbees-folder/6.773.vd2dcc704ee7e/cloudbees-folder.hpi [following]
--2022-10-29 05:15:21-- https://get.jenkins.io/plugins/cloudbees-folder/6.773.vd2dcc704ee7e/cloudbees-folder.hpi
Resolving get.jenkins.io (get.jenkins.io)... 52.167.253.43
Connecting to get.jenkins.io (get.jenkins.io)|52.167.253.43|:443... connected.
WARNING: The certificate of ‘get.jenkins.io’ is not trusted.
WARNING: The certificate of ‘get.jenkins.io’ has expired.
HTTP request sent, awaiting response... 302 Found
Location: https://mirrors.tuna.tsinghua.edu.cn/jenkins/plugins/cloudbees-folder/6.773.vd2dcc704ee7e/cloudbees-folder.hpi [following]
--2022-10-29 05:15:22-- https://mirrors.tuna.tsinghua.edu.cn/jenkins/plugins/cloudbees-folder/6.773.vd2dcc704ee7e/cloudbees-folder.hpi
Resolving mirrors.tuna.tsinghua.edu.cn (mirrors.tuna.tsinghua.edu.cn)... 101.6.15.130, 2402:f000:1:400::2
Connecting to mirrors.tuna.tsinghua.edu.cn (mirrors.tuna.tsinghua.edu.cn)|101.6.15.130|:443... connected.
WARNING: The certificate of ‘mirrors.tuna.tsinghua.edu.cn’ is not trusted.
WARNING: The certificate of ‘mirrors.tuna.tsinghua.edu.cn’ has expired.
HTTP request sent, awaiting response... 200 OK
Length: 241948 (236K) [application/octet-stream]
Saving to: ‘cloudbees-folder.hpi’
cloudbees-folder.hpi 100%[========================================================================================================================================>] 236.28K 957KB/s in 0.2s
2022-10-29 05:15:22 (957 KB/s) - ‘cloudbees-folder.hpi’ saved [241948/241948]
# 把插件放到Jenkins的插件路径下
[root@integrate ~]# mv cloudbees-folder.hpi /var/jenkins_home/war/WEB-INF/detached-plugins/
# 重启Jenkins
[root@integrate ~]# docker restart jenkins
jenkins
# 查看admin的密码
[root@integrate ~]# cat /var/jenkins_home/secrets/initialAdminPassword
09020cb548cb4a3f85e6ddd8026dfbb1
[root@integrate ~]# 浏览器配置Jenkins
- 访问地址:IP:8888,此处的密码是刚才查看的密码
- 选择安装的插件,推荐使用推荐插件
- 等待Jenkins插件安装完毕
- 创建Jenkins管理员用户
- 设置站点
- 进入Jenkins安装gitlab插件
jenkins首页——Manage Jenkins——Manage Plugins——Available
搜索gitlab,选择搜索结果的前四个
- 等待安装完成
- 安装ssh插件
jenkins首页——Manage Jenkins——Manage Plugins——Available。搜索ssh,选择前三个
- 等待安装完成
- 新建一个凭据作为部署机器
系统管理——Manage Credentials——全局——添加凭据
系统管理——系统配置——SSH remote hosts——SSH sites。此处的hostname输入服务器的内网IP,端口为ssh的端口
部署gitlab
- 安装依赖
# 安装curl及ssh依赖
[root@integrate ~]# yum install -y curl policycoreutils-python openssh-server perl
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
Package curl-7.29.0-59.el7_9.1.x86_64 already installed and latest version
Package openssh-server-7.4p1-22.el7_9.x86_64 already installed and latest version
Package 4:perl-5.16.3-299.el7_9.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package policycoreutils-python.x86_64 0:2.5-34.el7 will be installed
--> Processing Dependency: setools-libs >= 3.3.8-4 for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libsemanage-python >= 2.5-14 for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libcgroup for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-34.el7.x86_64
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.8.5-4.el7 will be installed
---> Package checkpolicy.x86_64 0:2.5-8.el7 will be installed
---> Package libcgroup.x86_64 0:0.41-21.el7 will be installed
---> Package libsemanage-python.x86_64 0:2.5-14.el7 will be installed
---> Package python-IPy.noarch 0:0.75-6.el7 will be installed
---> Package setools-libs.x86_64 0:3.3.8-4.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
============================================================================================================================================================================================================================================
Package Arch Version Repository Size
============================================================================================================================================================================================================================================
Installing:
policycoreutils-python x86_64 2.5-34.el7 os 457 k
Installing for dependencies:
audit-libs-python x86_64 2.8.5-4.el7 os 76 k
checkpolicy x86_64 2.5-8.el7 os 295 k
libcgroup x86_64 0.41-21.el7 os 66 k
libsemanage-python x86_64 2.5-14.el7 os 113 k
python-IPy noarch 0.75-6.el7 os 32 k
setools-libs x86_64 3.3.8-4.el7 os 620 k
Transaction Summary
============================================================================================================================================================================================================================================
Install 1 Package (+6 Dependent packages)
Total download size: 1.6 M
Installed size: 5.3 M
Downloading packages:
(1/7): audit-libs-python-2.8.5-4.el7.x86_64.rpm | 76 kB 00:00:00
(2/7): checkpolicy-2.5-8.el7.x86_64.rpm | 295 kB 00:00:00
(3/7): libcgroup-0.41-21.el7.x86_64.rpm | 66 kB 00:00:00
(4/7): libsemanage-python-2.5-14.el7.x86_64.rpm | 113 kB 00:00:00
(5/7): python-IPy-0.75-6.el7.noarch.rpm | 32 kB 00:00:00
(6/7): policycoreutils-python-2.5-34.el7.x86_64.rpm | 457 kB 00:00:00
(7/7): setools-libs-3.3.8-4.el7.x86_64.rpm | 620 kB 00:00:00
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 1.2 MB/s | 1.6 MB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libcgroup-0.41-21.el7.x86_64 1/7
Installing : setools-libs-3.3.8-4.el7.x86_64 2/7
Installing : audit-libs-python-2.8.5-4.el7.x86_64 3/7
Installing : python-IPy-0.75-6.el7.noarch 4/7
Installing : libsemanage-python-2.5-14.el7.x86_64 5/7
Installing : checkpolicy-2.5-8.el7.x86_64 6/7
Installing : policycoreutils-python-2.5-34.el7.x86_64 7/7
Verifying : checkpolicy-2.5-8.el7.x86_64 1/7
Verifying : libsemanage-python-2.5-14.el7.x86_64 2/7
Verifying : python-IPy-0.75-6.el7.noarch 3/7
Verifying : policycoreutils-python-2.5-34.el7.x86_64 4/7
Verifying : audit-libs-python-2.8.5-4.el7.x86_64 5/7
Verifying : setools-libs-3.3.8-4.el7.x86_64 6/7
Verifying : libcgroup-0.41-21.el7.x86_64 7/7
Installed:
policycoreutils-python.x86_64 0:2.5-34.el7
Dependency Installed:
audit-libs-python.x86_64 0:2.8.5-4.el7 checkpolicy.x86_64 0:2.5-8.el7 libcgroup.x86_64 0:0.41-21.el7 libsemanage-python.x86_64 0:2.5-14.el7 python-IPy.noarch 0:0.75-6.el7 setools-libs.x86_64 0:3.3.8-4.el7
Complete!
# 安装postfix发送电子邮件
[root@integrate ~]# yum install postfix -y
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Package 2:postfix-2.10.1-9.el7.x86_64 already installed and latest version
Nothing to do
# 关闭防火墙
[root@integrate ~]# systemctl stop firewalld.service- 安装gitlab
# 编辑gitlab源
[root@integrate ~]# vim /etc/yum.repos.d/gitlab_gitlab-ce.repo
[gitlab_gitlab-ce]
name=gitlab_gitlab-ce
baseurl=https://packages.gitlab.com/gitlab/gitlab-ce/el/7/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey/gitlab-gitlab-ce-3D645A26AB9FBD22.pub.gpg
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[gitlab_gitlab-ce-source]
name=gitlab_gitlab-ce-source
baseurl=https://packages.gitlab.com/gitlab/gitlab-ce/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey/gitlab-gitlab-ce-3D645A26AB9FBD22.pub.gpg
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[root@integrate ~]# yum -y install gitlab-ce
Notes:
Default admin account has been configured with following details:
Username: root
Password: You didn't opt-in to print initial root password to STDOUT.
Password stored to /etc/gitlab/initial_root_password. This file will be cleaned up in first reconfigure run after 24 hours.
NOTE: Because these credentials might be present in your log files in plain text, it is highly recommended to reset the password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.
[2022-10-29T14:02:42+08:00] FATAL: Stacktrace dumped to /opt/gitlab/embedded/cookbooks/cache/cinc-stacktrace.out
[2022-10-29T14:02:42+08:00] FATAL: ---------------------------------------------------------------------------------------
[2022-10-29T14:02:42+08:00] FATAL: PLEASE PROVIDE THE CONTENTS OF THE stacktrace.out FILE (above) IF YOU FILE A BUG REPORT
[2022-10-29T14:02:42+08:00] FATAL: ---------------------------------------------------------------------------------------
[2022-10-29T14:02:42+08:00] FATAL: Acme::Client::Error::RejectedIdentifier: letsencrypt_certificate[gitlab.example.com] (letsencrypt::http_authorization line 6) had an error: Acme::Client::Error::RejectedIdentifier: acme_certificate[sta
ging] (letsencrypt::http_authorization line 43) had an error: Acme::Client::Error::RejectedIdentifier: Error creating new order :: Cannot issue for "gitlab.example.com": The ACME server refuses to issue a certificate for this domain name, because it is forbidden by policywarning: %posttrans(gitlab-jh-15.5.1-jh.0.el7.x86_64) scriptlet failed, exit status 1
Non-fatal POSTTRANS scriptlet failure in rpm package gitlab-jh-15.5.1-jh.0.el7.x86_64
Verifying : gitlab-jh-15.5.1-jh.0.el7.x86_64 1/1
Installed:
gitlab-jh.x86_64 0:15.5.1-jh.0.el7
Complete!
# 查看默认生成的gitlab的root用户密码
[root@integrate ~]# cat /etc/gitlab/initial_root_password
# WARNING: This value is valid only in the following conditions
# 1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, th
e first reconfigure run).# 2. Password hasn't been changed manually, either via UI or via command line.
#
# If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.
Password: MgYFjdHj6VZCAG7wbfFZr/kJkyAxBuUWH0dOQIC2Du4=
# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.
# 编辑gitlab配置文件,把external_url修改为服务器的IP
[root@integrate ~]# vim /etc/gitlab/gitlab.rb
# 重新配置gitlab
[root@integrate ~]# gitlab-ctl reconfigure
# 重启gitlab
[root@integrate ~]# gitlab-ctl restart
ok: run: crond: (pid 32033) 0s
ok: run: gitaly: (pid 32041) 1s
ok: run: gitlab-kas: (pid 32062) 0s
ok: run: gitlab-workhorse: (pid 32075) 1s
ok: run: logrotate: (pid 32092) 0s
ok: run: nginx: (pid 32103) 1s
ok: run: postgresql: (pid 32117) 0s
ok: run: puma: (pid 32131) 0s
ok: run: redis: (pid 32136) 1s
ok: run: registry: (pid 32142) 0s
ok: run: sidekiq: (pid 32238) 1s- 浏览器配置gitlab,访问地址为刚才修改的external_url配置项
- 登录用户名密码忘了的话重置密码
[root@integrate ~]# gitlab-rails console -e production
--------------------------------------------------------------------------------
Ruby: ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x86_64-linux]
GitLab: 15.5.1-jh (c0fdf8a170e) EE
GitLab Shell: 14.12.0
PostgreSQL: 13.6
------------------------------------------------------------[ booted in 19.74s ]
Loading production environment (Rails 6.1.6.1)
irb(main):001:0> user = User.where(username:"root").first
=> #<User id:1 @root>
irb(main):002:0> user.password = "123456789"
=> "123456789"
irb(main):003:0> user.save!
=> true
irb(main):004:0> exitJenkins集成gitlab
- gitlab创建api令牌
- 打开gitlab的出站点请求限制
- Jenkins添加gitlab令牌
jenkins首页——系统管理——系统配置——Gitlab(勾选Enable authentication for '/project' end-point),输入gitlab信息。新建一个凭据,token为刚才在gitlab创建的token
- gitlab新建一个仓库并下载到本地
- 把刚才创建的仓库保存到Jenkins部署机
[root@integrate ~]# git clone http://82.157.43.29/gitlab-instance-2bc89e69/test-nginx.git
Cloning into 'test-nginx'...
Username for 'http://82.157.43.29': root
Password for 'http://root@82.157.43.29':
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
Unpacking objects: 100% (3/3), done.
[root@integrate ~]# ls
test-nginx
[root@integrate ~]# cd test-nginx/
[root@integrate test-nginx]# ls
README.md
[root@integrate test-nginx]# vim .git/config
[root@integrate test-nginx]# cat .git/config
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = http://root:123456789@82.157.43.29/gitlab-instance-2bc89e69/test-nginx.git #root:123456789为gitlab的用户名密码
fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
remote = origin
merge = refs/heads/main
[root@integrate test-nginx]# - Jenkins创建一个任务
- 在构建触发器中选择"Build when a change is pushed to GitLab. GitLab webhook URL:"打开高级自动生成一个Secret
- 在构建环境中选择"Execute shell script on remote host using ssh",选择刚才创建的Jenkins部署机的凭据,并输入以下命令
cd /root/test-nginx/
chmod +x build.sh
sh build.sh- 在gitlab中的仓库中选择设置下的WebHooks把刚才新建的Jenkins的"Build when a change is pushed to GitLab. GitLab webhook URL"及创建的token输入里面并保存。这里面的url建议替换为内网IP
- 保存后点击测试可以看到状态为200
- 进入Jenkins的构建计划中,可以看到刚才测试的已经自动触发成功
- 在本地的代码库中新建build.sh,并写入以下内容
- 把代码推送到仓库中,构建推送后会触发自动构建,此时会报错,但是不用理会
- 进入部署机的/root/test-nginx下手动pull一下代码,此时可以看到脚本已经到达部署机内
[root@integrate test-nginx]# pwd
/root/test-nginx
[root@integrate test-nginx]#
[root@integrate test-nginx]# git pull
remote: Enumerating objects: 4, done.
remote: Counting objects: 100% (4/4), done.
remote: Compressing objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
Unpacking objects: 100% (3/3), done.
From http://82.157.43.29/gitlab-instance-2bc89e69/test-nginx
fd2cd68..f122171 main -> origin/main
Updating fd2cd68..f122171
Fast-forward
build.sh | 3 +++
1 file changed, 3 insertions(+)
create mode 100644 build.sh
[root@integrate test-nginx]# ls
build.sh README.md
[root@integrate test-nginx]# cat build.sh
git pull
date=`date +%Y%m%d_%H%M%S`
echo $date > /root/date- 在本地修改build.sh脚本并再次推送到gitlab,可以看到jenkins会自动触发并执行成功,登录jenkins部署机可以看到在路径下已经生成文件并且文件内已输入内容
[root@integrate test-nginx]# ls
build.sh date README.md
[root@integrate test-nginx]# cat date
hello 20221029_152300
[root@integrate test-nginx]# pwd
/root/test-nginx
[root@integrate test-nginx]# 部署harbor镜像仓库
- 下载harbor安装包
[root@integrate ~]# wget https://install.jishuliu.cn/docker/harbor-offline-installer-v2.6.1.tgz
--2022-10-29 15:25:09-- https://install.jishuliu.cn/docker/harbor-offline-installer-v2.6.1.tgz
Resolving package.jishuliu.cn (package.jishuliu.cn)... 42.81.85.234, 42.81.85.216, 42.81.85.224, ...
Connecting to package.jishuliu.cn (package.jishuliu.cn)|42.81.85.234|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 757278514 (722M) [application/octet-stream]
Saving to: ‘harbor-offline-installer-v2.6.1.tgz’
100%[==================================================================================================================================================================================================>] 757,278,514 12.1MB/s in 59s
2022-10-29 15:26:08 (12.3 MB/s) - ‘harbor-offline-installer-v2.6.1.tgz’ saved [757278514/757278514]
- 部署修改harbor配置文件
[root@integrate ~]# ls
harbor-offline-installer-v2.6.1.tgz test-nginx
[root@integrate ~]# tar xf harbor-offline-installer-v2.6.1.tgz
cd ha[root@integrate ~]# cd harbor/
[root@integrate harbor]# ls
common.sh harbor.v2.6.1.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
[root@integrate harbor]# cp harbor.yml.tmpl harbor.yml
[root@integrate harbor]# vim harbor.yml
# http配置
http:
# port for http, default is 80. If https enabled, this port will redirect to https port
port: 81
# https配置
https:
# https 端口,默认443
port: 443
# 证书路径
certificate: /root/harbor/ssl/server.crt
private_key: /root/harbor/ssl/server.key
# harbor的admin用户的密码,默认为Harbor12345
harbor_admin_password: Harbor12345
- 生成harbor证书。此处需要注意,如果hostname使用的是域名并且域名未备案,在云环境中则无法访问,但是服务器内部可以通过配置host使用,并且如果域名已备案未解析到harbor服务器的外网IP,则需要配置本地host才可以使用web页
[root@integrate harbor]# mkdir ssl
[root@integrate harbor]# cd ssl/
[root@integrate ssl]# openssl genrsa -out ca.key 4096
Generating RSA private key, 4096 bit long modulus
...........................++
.........++
e is 65537 (0x10001)
[root@integrate ssl]# openssl req -x509 -new -nodes -sha512 -days 3650 -subj "/CN=harbor.jishuliu.cn" -key ca.key -out ca.crt
[root@integrate ssl]# openssl genrsa -out server.key 4096
Generating RSA private key, 4096 bit long modulus
..........................++
...............++
e is 65537 (0x10001)
[root@integrate ssl]# openssl req -new -sha512 -subj "/CN=harbor.jishuliu.cn" -key server.key -out server.csr
[root@integrate ssl]# cat > v3.ext <<-EOF
> authorityKeyIdentifier=keyid,issuer
> basicConstraints=CA:FALSE
> keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
> extendedKeyUsage = serverAuth
> subjectAltName = @alt_names
> [alt_names]
> DNS.1=harbor.jishuliu.cn
> EOF
[root@integrate ssl]# ll
total 20
-rw-r--r-- 1 root root 1814 Oct 29 15:30 ca.crt
-rw-r--r-- 1 root root 3247 Oct 29 15:30 ca.key
-rw-r--r-- 1 root root 1598 Oct 29 15:32 server.csr
-rw-r--r-- 1 root root 3243 Oct 29 15:31 server.key
-rw-r--r-- 1 root root 244 Oct 29 15:32 v3.ext
[root@integrate ssl]# openssl x509 -req -sha512 -days 3650 -extfile v3.ext -CA ca.crt -CAkey ca.key -CAcreateserial -in server.csr -out server.crt
Signature ok
subject=/CN=harbor.jishuliu.cn
Getting CA Private Key
[root@integrate ssl]# ll
total 28
-rw-r--r-- 1 root root 1814 Oct 29 15:30 ca.crt
-rw-r--r-- 1 root root 3247 Oct 29 15:30 ca.key
-rw-r--r-- 1 root root 17 Oct 29 15:32 ca.srl
-rw-r--r-- 1 root root 1854 Oct 29 15:32 server.crt
-rw-r--r-- 1 root root 1598 Oct 29 15:32 server.csr
-rw-r--r-- 1 root root 3243 Oct 29 15:31 server.key
-rw-r--r-- 1 root root 244 Oct 29 15:32 v3.ext- 部署harbor
[root@integrate ssl]# cd ..
[root@integrate harbor]# ls
common.sh harbor.v2.6.1.tar.gz harbor.yml harbor.yml.tmpl install.sh LICENSE prepare ssl
[root@integrate harbor]# ./install.sh
[Step 0]: checking if docker is installed ...
Note: docker version: 19.03.9
[Step 1]: checking docker-compose is installed ...
Note: docker-compose version: 1.23.2
[Step 2]: loading Harbor images ...
19b3e561bd53: Loading layer [==================================================>] 37.69MB/37.69MB
b1c55ad746b8: Loading layer [==================================================>] 5.754MB/5.754MB
3fad059e5b96: Loading layer [==================================================>] 8.718MB/8.718MB
ac3d56834181: Loading layer [==================================================>] 15.88MB/15.88MB
ac64291e7095: Loading layer [==================================================>] 29.29MB/29.29MB
347c69d047c1: Loading layer [==================================================>] 22.02kB/22.02kB
2bc68bdd74b4: Loading layer [==================================================>] 15.88MB/15.88MB
Loaded image: goharbor/notary-server-photon:v2.6.1
a3f881ff8a8a: Loading layer [==================================================>] 5.759MB/5.759MB
bf4fe2665116: Loading layer [==================================================>] 90.88MB/90.88MB
1bbf13d3b736: Loading layer [==================================================>] 3.072kB/3.072kB
6864945044da: Loading layer [==================================================>] 4.096kB/4.096kB
e74206fce300: Loading layer [==================================================>] 91.67MB/91.67MB
Loaded image: goharbor/chartmuseum-photon:v2.6.1
d1cca5e33760: Loading layer [==================================================>] 126.9MB/126.9MB
f21ade3affb4: Loading layer [==================================================>] 3.584kB/3.584kB
2b10bb22d396: Loading layer [==================================================>] 3.072kB/3.072kB
cddb26029f4f: Loading layer [==================================================>] 2.56kB/2.56kB
120e581fca06: Loading layer [==================================================>] 3.072kB/3.072kB
b55ab4161be8: Loading layer [==================================================>] 3.584kB/3.584kB
708b88dc9728: Loading layer [==================================================>] 20.99kB/20.99kB
Loaded image: goharbor/harbor-log:v2.6.1
aa3c0eeab3fd: Loading layer [==================================================>] 5.759MB/5.759MB
08acd59679e5: Loading layer [==================================================>] 4.096kB/4.096kB
dbfa72b62e7c: Loading layer [==================================================>] 17.1MB/17.1MB
3db46c922bff: Loading layer [==================================================>] 3.072kB/3.072kB
db46f9ab20a1: Loading layer [==================================================>] 29.15MB/29.15MB
c28b264c5c77: Loading layer [==================================================>] 47.04MB/47.04MB
Loaded image: goharbor/harbor-registryctl:v2.6.1
46e1d8c22785: Loading layer [==================================================>] 119.1MB/119.1MB
Loaded image: goharbor/nginx-photon:v2.6.1
ebe1f7ed9475: Loading layer [==================================================>] 7.162MB/7.162MB
780db4ad3bef: Loading layer [==================================================>] 4.096kB/4.096kB
dc07146a4e90: Loading layer [==================================================>] 3.072kB/3.072kB
2cdc8f8be3a6: Loading layer [==================================================>] 91.21MB/91.21MB
d4efae655490: Loading layer [==================================================>] 12.86MB/12.86MB
c11badbab4ee: Loading layer [==================================================>] 104.9MB/104.9MB
Loaded image: goharbor/trivy-adapter-photon:v2.6.1
6ada5ff70437: Loading layer [==================================================>] 43.85MB/43.85MB
070561aa0752: Loading layer [==================================================>] 65.9MB/65.9MB
af13505c0fbc: Loading layer [==================================================>] 19.14MB/19.14MB
8eaa0fe4e73c: Loading layer [==================================================>] 65.54kB/65.54kB
9ffc621c4d1d: Loading layer [==================================================>] 2.56kB/2.56kB
4f311e4137a0: Loading layer [==================================================>] 1.536kB/1.536kB
d1ecbcc8c146: Loading layer [==================================================>] 12.29kB/12.29kB
313e339c685b: Loading layer [==================================================>] 2.613MB/2.613MB
6f748b2ed0dc: Loading layer [==================================================>] 379.9kB/379.9kB
Loaded image: goharbor/prepare:v2.6.1
59c6fef03969: Loading layer [==================================================>] 1.097MB/1.097MB
0b0d97fd8a80: Loading layer [==================================================>] 5.888MB/5.888MB
6f21e17052fb: Loading layer [==================================================>] 169MB/169MB
480717132aea: Loading layer [==================================================>] 16.96MB/16.96MB
817dc53a51cf: Loading layer [==================================================>] 4.096kB/4.096kB
beeda54c09df: Loading layer [==================================================>] 6.144kB/6.144kB
0de0c418dfa2: Loading layer [==================================================>] 3.072kB/3.072kB
394a42c14a01: Loading layer [==================================================>] 2.048kB/2.048kB
c53687716453: Loading layer [==================================================>] 2.56kB/2.56kB
46e9e5d728c4: Loading layer [==================================================>] 2.56kB/2.56kB
e05b0e58bb47: Loading layer [==================================================>] 2.56kB/2.56kB
85d4f51c325c: Loading layer [==================================================>] 8.704kB/8.704kB
Loaded image: goharbor/harbor-db:v2.6.1
0bfa75b1d074: Loading layer [==================================================>] 8.902MB/8.902MB
0dda41e1e1a6: Loading layer [==================================================>] 3.584kB/3.584kB
13be21b41d86: Loading layer [==================================================>] 2.56kB/2.56kB
f92838d6a967: Loading layer [==================================================>] 97.91MB/97.91MB
e97573477193: Loading layer [==================================================>] 98.7MB/98.7MB
Loaded image: goharbor/harbor-jobservice:v2.6.1
15fecb8d6c42: Loading layer [==================================================>] 119.1MB/119.1MB
098f54fce48f: Loading layer [==================================================>] 7.535MB/7.535MB
3dc6ef297f52: Loading layer [==================================================>] 1.185MB/1.185MB
Loaded image: goharbor/harbor-portal:v2.6.1
775b1ccf1721: Loading layer [==================================================>] 5.754MB/5.754MB
f4ef31b9659f: Loading layer [==================================================>] 8.718MB/8.718MB
7c9e733a4621: Loading layer [==================================================>] 14.47MB/14.47MB
148050e3b89d: Loading layer [==================================================>] 29.29MB/29.29MB
500fdc71742e: Loading layer [==================================================>] 22.02kB/22.02kB
d38ecdf0c794: Loading layer [==================================================>] 14.47MB/14.47MB
Loaded image: goharbor/notary-signer-photon:v2.6.1
0b6707dd33bc: Loading layer [==================================================>] 5.759MB/5.759MB
8107a2426b6d: Loading layer [==================================================>] 4.096kB/4.096kB
130b71e83c08: Loading layer [==================================================>] 3.072kB/3.072kB
3daa3b45e084: Loading layer [==================================================>] 17.1MB/17.1MB
e1f022373798: Loading layer [==================================================>] 17.9MB/17.9MB
Loaded image: goharbor/registry-photon:v2.6.1
b8ab82a27cb4: Loading layer [==================================================>] 8.902MB/8.902MB
031794af342e: Loading layer [==================================================>] 3.584kB/3.584kB
a6c93180465a: Loading layer [==================================================>] 2.56kB/2.56kB
1181f6dc3b6f: Loading layer [==================================================>] 80.74MB/80.74MB
6aea11036399: Loading layer [==================================================>] 5.632kB/5.632kB
84ea4b6c2a1f: Loading layer [==================================================>] 105.5kB/105.5kB
9da21a8aaea8: Loading layer [==================================================>] 44.03kB/44.03kB
3a6281e6c8dc: Loading layer [==================================================>] 81.68MB/81.68MB
57ba35dc2c40: Loading layer [==================================================>] 2.56kB/2.56kB
Loaded image: goharbor/harbor-core:v2.6.1
24243fc0136d: Loading layer [==================================================>] 8.902MB/8.902MB
9778bfbfaf4b: Loading layer [==================================================>] 24.64MB/24.64MB
c904704d3e3f: Loading layer [==================================================>] 4.608kB/4.608kB
0ee8cf6901bd: Loading layer [==================================================>] 25.43MB/25.43MB
Loaded image: goharbor/harbor-exporter:v2.6.1
5e3e5b804996: Loading layer [==================================================>] 119.9MB/119.9MB
c7323c3b23ff: Loading layer [==================================================>] 3.072kB/3.072kB
6ab347b42178: Loading layer [==================================================>] 59.9kB/59.9kB
4587d0666b27: Loading layer [==================================================>] 61.95kB/61.95kB
Loaded image: goharbor/redis-photon:v2.6.1
[Step 3]: preparing environment ...
[Step 4]: preparing harbor configs ...
prepare base dir is set to /root/harbor
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
Note: stopping existing Harbor instance ...
Removing network harbor_harbor
WARNING: Network harbor_harbor not found.
[Step 5]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating redis ... done
Creating registryctl ... done
Creating harbor-portal ... done
Creating harbor-db ... done
Creating registry ... done
Creating harbor-core ... done
Creating harbor-jobservice ... done
Creating nginx ... done
✔ ----Harbor has been installed and started successfully.----- 浏览器访问harbor,访问地址为"https://配置的域名或IP" 用户名为admin,密码为刚才配置的密码
由于是测试,域名并未解析,所以需要配置host
- 新建一个web-dist的仓库负责保存测试用的web页面镜像
- 配置docker使服务器可以登录harbor
# 创建docker的证书存储路径
[root@integrate harbor]# mkdir -p /etc/docker/certs.d/harbor.jishuliu.cn
# 进入路径内并把证书复制过来
[root@integrate harbor]# cd /etc/docker/certs.d/harbor.jishuliu.cn
[root@integrate harbor.jishuliu.cn]# cp /root/harbor/ssl/server.crt ./
# 配置host,内网传输比外网传输快且安全
[root@integrate harbor.jishuliu.cn]# echo "172.21.16.16 harbo.jishuliu.cn" >> /etc/hosts
# 登录到harbor
[root@integrate harbor.jishuliu.cn]# docker login harbor.jishuliu.cn -u admin -p Harbor12345
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@integrate harbor.jishuliu.cn]# Kubernetes集群部署
KubeOperator集群管理工具部署
- 下载KubeOperator安装包
[root@Deploymenth ~]# wget https://install.jishuliu.cn/kubeoperator/kubeoperator-release-v3.16.2-amd64.tar.gz
--2022-10-29 15:41:39-- https://install.jishuliu.cn/kubeoperator/kubeoperator-release-v3.16.2-amd64.tar.gz
Resolving package.jishuliu.cn (package.jishuliu.cn)... 42.81.85.202, 42.81.120.76, 42.81.85.234, ...
Connecting to package.jishuliu.cn (package.jishuliu.cn)|42.81.85.202|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 6243835184 (5.8G) [application/octet-stream]
Saving to: ‘kubeoperator-release-v3.16.2-amd64.tar.gz’
100%[================================================================================================================================================================================================>] 6,243,835,184 12.9MB/s in 7m 34s
2022-10-29 15:49:14 (13.1 MB/s) - ‘kubeoperator-release-v3.16.2-amd64.tar.gz’ saved [6243835184/6243835184]
[root@Deploymenth ~]# - 部署KubeOperator
[root@Deploymenth ~]# tar xf kubeoperator-release-v3.16.2-amd64.tar.gz
ls
[root@Deploymenth ~]# ls
kubeoperator-release-v3.16.2 kubeoperator-release-v3.16.2-amd64.tar.gz
[root@Deploymenth ~]# cd kubeoperator-release-v3.16.2/
[root@Deploymenth kubeoperator-release-v3.16.2]# ls
docker images install.sh koctl kubeoperator mysql.tar.gz nexus-data.tar.gz README.md
[root@Deploymenth kubeoperator-release-v3.16.2]# bash install.sh
██╗ ██╗██╗ ██╗██████╗ ███████╗ ██████╗ ██████╗ ███████╗██████╗ █████╗ ████████╗ ██████╗ ██████╗
██║ ██╔╝██║ ██║██╔══██╗██╔════╝██╔═══██╗██╔══██╗██╔════╝██╔══██╗██╔══██╗╚══██╔══╝██╔═══██╗██╔══██╗
█████╔╝ ██║ ██║██████╔╝█████╗ ██║ ██║██████╔╝█████╗ ██████╔╝███████║ ██║ ██║ ██║██████╔╝
██╔═██╗ ██║ ██║██╔══██╗██╔══╝ ██║ ██║██╔═══╝ ██╔══╝ ██╔══██╗██╔══██║ ██║ ██║ ██║██╔══██╗
██║ ██╗╚██████╔╝██████╔╝███████╗╚██████╔╝██║ ███████╗██║ ██║██║ ██║ ██║ ╚██████╔╝██║ ██║
╚═╝ ╚═╝ ╚═════╝ ╚═════╝ ╚══════╝ ╚═════╝ ╚═╝ ╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝
开始安装 KubeOperator,版本 - v3.16.2
设置KubeOperator安装目录,默认/opt:
你选择的安装路径为 /opt
[KubeOperator Log]: ... 解压离线包
which: no docker in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)
[KubeOperator Log]: ... 离线安装 docker
[KubeOperator Log]: ... 配置 docker
[KubeOperator Log]: ... 关闭 Firewalld
[KubeOperator Log]: ... 添加 kubeoperator docker 仓库
[KubeOperator Log]: ... 启动 docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
[KubeOperator Log]: 检测到 Docker Compose 已安装,跳过安装步骤
[KubeOperator Log]: ... 加载镜像
Loaded image: registry.cn-qingdao.aliyuncs.com/kubeoperator/kobe:v3.16.2-amd64
Loaded image: registry.cn-qingdao.aliyuncs.com/kubeoperator/kotf:v3.16.2-amd64
Loaded image: registry.cn-qingdao.aliyuncs.com/kubeoperator/kubepi-server:v1.6.1-amd64
Loaded image: registry.cn-qingdao.aliyuncs.com/kubeoperator/mysql-server:8.0.29-amd64
Loaded image: registry.cn-qingdao.aliyuncs.com/kubeoperator/neeko:v3.16.2-amd64
Loaded image: registry.cn-qingdao.aliyuncs.com/kubeoperator/nexus3:3.38.1-02-amd64
Loaded image: registry.cn-qingdao.aliyuncs.com/kubeoperator/nginx:1.23.1-amd64
Loaded image: registry.cn-qingdao.aliyuncs.com/kubeoperator/server:v3.16.2-amd64
Loaded image: registry.cn-qingdao.aliyuncs.com/kubeoperator/webkubectl:v2.10.6-amd64
[KubeOperator Log]: ... 开始启动 KubeOperator
Creating network "kubeoperator_default" with the default driver
Creating kubeoperator_nexus ...
Creating kubeoperator_webkubectl ...
Creating kubeoperator_mysql ...
Creating kubeoperator_kotf ...
Creating kubeoperator_ui ...
Creating kubeoperator_kubepi ...
Creating kubeoperator_kobe ...
Creating kubeoperator_kotf ... done
Creating kubeoperator_mysql ... done
Creating kubeoperator_webkubectl ... done
Creating kubeoperator_nexus ... done
Creating kubeoperator_kobe ... done
Creating kubeoperator_kubepi ... done
Creating kubeoperator_ui ... done
Creating kubeoperator_server ...
Creating kubeoperator_server ... done
Creating kubeoperator_nginx ...
Creating kubeoperator_nginx ... done
======================= KubeOperator 安装完成 =======================
请开放防火墙或安全组的80,8081-8083端口,通过以下方式访问:
URL: http://$LOCAL_IP:80
用户名: admin
初始密码: kubeoperator@admin123页面配置kubeoperator
- 首页
- 添加一个仓库,仓库为X86_64系统架构
- 新建一个项目
- 把master节点添加到主机内。(自动创建需要的信息比较多,所以本次使用手动添加)
- 由于本次使用的服务器密码一样所以在创建凭据的时候只需要创建一个即可
- 把work节点添加到主机内。所有的IP使用内网IP即可
- 添加完成后即可看到两个主机状态均为运行中
配置集群信息
部署集群
- 第一步:除了项目名称和项目信息其他的默认即可
- 第二部:全部默认即可,也可以根据需求调节
- 第三步:全部默认即可。需要注意的是docker的路径,建议存储到数据盘内
- 第四步:默认即可
- 第五步可以全部默认
- 第六步:主节点选择test-master主机,work节点选择test-work主机
-
第七步:直接完成即可
-
等待集群部署完成,集群状态为运行中及为部署完成
配置集群
- 点击集群名称进入集群
- 在集群工具中启用prometheus、grafana、loki
部署kuboard
# 部署kuboard
[root@master ~]# kubectl apply -f https://addons.kuboard.cn/kuboard/kuboard-v3-swr.yaml
namespace/kuboard created
configmap/kuboard-v3-config created
serviceaccount/kuboard-boostrap created
clusterrolebinding.rbac.authorization.k8s.io/kuboard-boostrap-crb created
daemonset.apps/kuboard-etcd created
deployment.apps/kuboard-v3 created
service/kuboard-v3 created
# 以下为部署成功
[root@master ~]# kubectl get pods -n kuboard
NAME READY STATUS RESTARTS AGE
kuboard-agent-2-7b87d4b845-2x5qr 1/1 Running 2 (49s ago) 60s
kuboard-agent-5dd94c8459-wszzx 1/1 Running 2 (48s ago) 60s
kuboard-etcd-jsnmn 1/1 Running 0 106s
kuboard-v3-765f7bcbfd-7ct6p 1/1 Running 0 106s- 在kubeoperator的集群管理点击集群后面的dashboard进入kubepi页面
- 在服务发现的service中查看kuboard的信息,此步骤为了使用ingress把kuboaard的管理页面映射出来
创建kuboard使用的ingress
- 在服务发现的ingress中点击新建
-
填入ingress规则的对应信息,域名未解析到集群的master节点的外网IP则需要映射到集群的master节点外网IP或配置host才可以访问
-
如果是在云服务器部署,域名需要备案才可以访问
- 填入默认后端信息,填完后确定即可
- 页面访问配置的ingress,默认的账号密码为admin、Kuboard123
使用kuboard在集群中创建一个pod
- 创建一个test-nginx命名空间
- 点击集群并使用admin用户进入test-nginx命名空间
- 点击创建工作负载并填写基本信息
- 填写容器信息
- 填写服务信息,给容器创建一个service
- 等待状态为Ready说明部署成功,容器已经启动
- 在集群安装IngressNginxController
-
给nginx-test创建一个ingress,创建完成后直接访问即可
-
创建完成后访问域名即可,域名未解析到集群的master节点外网IP则需要映射到集群的master节点外网IP或配置host才可以访问如果是在云服务器部署,域名需要备案才可以访问
- 把nginx的节点调整为双节点,点击伸缩的左右箭头即可调整
- 调整为双节点如下所示
-
测试负载均衡
-
进入容器内修改nginx的index.html文件查看效果。nginx的默认index.html路径为/usr/share/nginx/html
- nginx-test-8659c758d6-qhd4d的默认index.html改为nginx1
- nginx-test-8659c758d6-4rcgz的默认index.html改为nginx2
- 浏览器访问ingress配置的域名,多刷新几次可以看到页面变化
GitLab、Jenkins、Kubernetes持续集成持续部署
- 在kuboard中的工作负载的cicd中创建一个AccessKey
- 选择刚才创建的工作负载查看镜像更新命令
Jenkins部署机环境安装
部署node、npm
本次的示例代码需要node12.18.3版本及npm6.14.6版本
- 安装node及npm
wget https://nodejs.org/download/release/v12.18.3/node-v12.18.3-linux-x64.tar.gz
tar xf node-v12.18.3-linux-x64.tar.gz
mv -v12.18.3-linux-x64 node
mv node /usr/local
ln -s /usr/local/node/bin/* /usr/local/bin/部署一个前端静态页面
-
把前端的代码拷贝到之前创建的gitlab代码库内并新建以下三个文件
-
Dockerfile:制作docker镜像文件
# 使用的源镜像版本
FROM nginx:latest
# 删除镜像自带的默认html
RUN rm -rf /usr/share/nginx/html/*
# 删除镜像自带的配置文件
RUN rm -rf /etc/nginx/conf.d/default.conf
# 把打包好的文件复制到镜像内
COPY dist /usr/share/nginx/html/
# 把修改的nginx配置文件复制到镜像内
COPY default.conf /etc/nginx/conf.d/
# 把上海时区替换为镜像默认时区
COPY Shanghai /etc/localtime- build.sh:执行的脚本
# 更新代码
git pull
# 安装依赖
npm install --unsafe-perm=true --allow-root
# 打包
npm run build-test
# 把部署机的上海时区文件复制到当前路径下
cp /usr/share/zoneinfo/Asia/Shanghai ./
# 把镜像版本定义为时间方便管理及回滚
image_tag=`date +%Y%m%d_%H%M%S`
# 制作镜像
docker build -t dist:$image_tag .
# 把刚制作的镜像替换重命名为镜像仓库的版本,harbor,jishuliu.cn/web-dist可以在harbor查看
docker tag dist:$image_tag harbor.jishuliu.cn/web-dist/dist:$image_tag
docker push harbor.jishuliu.cn/web-dist/dist:$image_tag
docker rmi dist:$image_tag harbor.jishuliu.cn/web-dist/dist:$image_tag
# 删除上海时区文件
rm -rf Shanghai
# 删除本次打包下载的node_modules
rm -rf node_modules
# 删除打包好的文件
rm -rf dist
# kuboard更新镜像命令
curl -X PUT --insecure \
-H "content-type: application/json" \
-H "Cookie: KuboardUsername=admin; KuboardAccessKey=64yca3d4z7xh.57a3z8rmhr38nt23s52jjbhzf4mhn53z" \
-d '{"kind":"deployments","namespace":"nginx-test","name":"nginx-test","images":{"nginx":"harbor.jishuliu.cn/nginx/nginx:'$image_tag'"}}' \
"https://kuborad.jishuliu.cn/kuboard-api/cluster/default/kind/CICDApi/admin/resource/updateImageTag"
- default.conf
server {
# 监听80端口
listen 80 default;
# 不管访问的地址是什么
server_name _;
# 日志输出路径
access_log /var/log/nginx/host.access.log main;
# 配置静态页面路径
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}- 先把刚才创建的gitlab的WebHooks删除,防止推送代码之后自动触发
- 把代码推送到仓库内,在部署机拉代码然后执行一次脚本进行测试,首次测试需要把脚本内的curl命令及参数全部注释。执行完成后可以在harbor查看镜像
[root@integrate test-nginx]# sh build.sh
Already up-to-date.
> yorkie@2.0.0 install /root/test-nginx/node_modules/yorkie
> node bin/install.js
setting up Git hooks
done
> node-sass@4.14.1 install /root/test-nginx/node_modules/node-sass
> node scripts/install.js
Cached binary found at /root/.npm/node-sass/4.14.1/linux-x64-72_binding.node
> core-js@2.6.11 postinstall /root/test-nginx/node_modules/babel-runtime/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"
Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!
The project needs your help! Please consider supporting of core-js on Open Collective or Patreon:
> https://opencollective.com/core-js
> https://www.patreon.com/zloirock
Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)
> core-js@3.6.5 postinstall /root/test-nginx/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"
> ejs@2.7.4 postinstall /root/test-nginx/node_modules/ejs
> node ./postinstall.js
Thank you for installing EJS: built with the Jake JavaScript build tool (https://jakejs.com/)
> node-sass@4.14.1 postinstall /root/test-nginx/node_modules/node-sass
> node scripts/build.js
Binary found at /root/test-nginx/node_modules/node-sass/vendor/linux-x64-72/binding.node
Testing binary
Binary is fine
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
added 1396 packages from 904 contributors and audited 1399 packages in 19.337s
52 packages are looking for funding
run `npm fund` for details
found 172 vulnerabilities (3 low, 61 moderate, 91 high, 17 critical)
run `npm audit fix` to fix them, or `npm audit` for details
> default-vue@1.1.8 build-test /root/test-nginx
> vue-cli-service build --mode test
当前运行环境为:测试环境
⠧ Building for test...Browserslist: caniuse-lite is outdated. Please run:
npx browserslist@latest --update-db
⠸ Building for test...Browserslist: caniuse-lite is outdated. Please run:
npx browserslist@latest --update-db
⠴ Building for test...Browserslist: caniuse-lite is outdated. Please run:
npx browserslist@latest --update-db
Browserslist: caniuse-lite is outdated. Please run:
npx browserslist@latest --update-db
Browserslist: caniuse-lite is outdated. Please run:
npx browserslist@latest --update-db
Browserslist: caniuse-lite is outdated. Please run:
npx browserslist@latest --update-db
Browserslist: caniuse-lite is outdated. Please run:
npx browserslist@latest --update-db
⠏ Building for test...
WARNING Compiled with 2 warnings 6:35:31 PM
warning
asset size limit: The following asset(s) exceed the recommended size limit (244 KiB).
This can impact web performance.
Assets:
989c9455a4408fa42168.worker.js (819 KiB)
assets/img/login-bg.1667039661774.png (764 KiB)
assets/fonts/FZ-015.e8a0f15e.TTF (2.07 MiB)
assets/img/orange.1667039661774.png (254 KiB)
assets/js/chunk-7a4943dc.1667039661774.js (1.99 MiB)
assets/js/chunk-vendors.1667039661774.js (2.8 MiB)
layui/font/iconfont.svg (299 KiB)
layui/layui.all.js (272 KiB)
warning
entrypoint size limit: The following entrypoint(s) combined asset size exceeds the recommended limit (244 KiB). This can impact web performance.
Entrypoints:
app (3.07 MiB)
assets/css/chunk-vendors.1667039661774.css
assets/js/chunk-vendors.1667039661774.js
assets/css/app.1667039661774.css
assets/js/app.1667039661774.js
File Size Gzipped
dist/assets/js/chunk-vendors.166703966 2868.87 KiB 870.54 KiB
1774.js
dist/assets/js/chunk-7a4943dc.16670396 2041.24 KiB 1171.80 KiB
61774.js
dist/989c9455a4408fa42168.worker.js 818.55 KiB 237.45 KiB
dist/layui/layui.all.js 271.94 KiB 88.28 KiB
dist/layui/lay/modules/jquery.js 95.36 KiB 33.26 KiB
dist/assets/js/chunk-46f5a450.16670396 84.50 KiB 22.75 KiB
61774.js
dist/assets/js/chunk-b44cff22.16670396 67.92 KiB 14.68 KiB
61774.js
dist/assets/js/chunk-db4ddb12.16670396 63.13 KiB 16.16 KiB
61774.js
dist/assets/js/chunk-da6f7710.16670396 61.24 KiB 13.49 KiB
61774.js
dist/assets/js/chunk-a263a7d4.16670396 57.96 KiB 15.94 KiB
61774.js
dist/assets/js/chunk-32f9bbd0.16670396 55.20 KiB 14.75 KiB
61774.js
dist/assets/js/chunk-29786c84.16670396 55.10 KiB 14.99 KiB
61774.js
dist/assets/js/app.1667039661774.js 55.04 KiB 16.91 KiB
dist/assets/js/chunk-7e146ebb.16670396 53.61 KiB 12.08 KiB
61774.js
dist/assets/js/chunk-66a6e304.16670396 53.54 KiB 11.11 KiB
61774.js
dist/assets/js/chunk-01302d9e.16670396 52.63 KiB 10.31 KiB
61774.js
dist/assets/js/chunk-0d076a92.16670396 45.45 KiB 9.88 KiB
61774.js
dist/assets/js/chunk-7bcaf59e.16670396 43.20 KiB 10.92 KiB
61774.js
dist/assets/js/chunk-1827b828.16670396 40.84 KiB 9.20 KiB
61774.js
dist/assets/js/chunk-cba3965c.16670396 39.80 KiB 8.52 KiB
61774.js
dist/assets/js/chunk-6f6c15ae.16670396 35.68 KiB 9.82 KiB
61774.js
dist/assets/js/chunk-77a9135c.16670396 34.68 KiB 10.44 KiB
61774.js
dist/assets/js/chunk-21f1e488.16670396 32.28 KiB 8.39 KiB
61774.js
dist/assets/js/chunk-19145b3b.16670396 31.18 KiB 6.75 KiB
61774.js
dist/assets/js/chunk-5d915495.16670396 30.30 KiB 7.26 KiB
61774.js
dist/assets/js/chunk-6038c49e.16670396 30.29 KiB 8.02 KiB
61774.js
dist/assets/js/chunk-9074035e.16670396 27.95 KiB 7.16 KiB
61774.js
dist/assets/js/chunk-61e6a522.16670396 26.68 KiB 5.51 KiB
61774.js
dist/assets/js/chunk-037a357c.16670396 25.59 KiB 7.93 KiB
61774.js
dist/assets/js/chunk-1f61f97d.16670396 25.37 KiB 6.08 KiB
61774.js
dist/assets/js/chunk-a8dcb138.16670396 24.95 KiB 6.38 KiB
61774.js
dist/assets/js/chunk-7cdab508.16670396 23.85 KiB 6.04 KiB
61774.js
dist/assets/js/chunk-6f5fd924.16670396 23.06 KiB 6.89 KiB
61774.js
dist/assets/js/chunk-147afd66.16670396 22.90 KiB 5.30 KiB
61774.js
dist/assets/js/chunk-ba8e805e.16670396 22.80 KiB 6.15 KiB
61774.js
dist/assets/js/chunk-50b60ff6.16670396 22.50 KiB 5.59 KiB
61774.js
dist/assets/js/chunk-48ca1cf0.16670396 21.75 KiB 5.61 KiB
61774.js
dist/layui/lay/modules/layer.js 21.52 KiB 7.38 KiB
dist/assets/js/chunk-388ebe6d.16670396 21.19 KiB 4.86 KiB
61774.js
dist/assets/js/chunk-483176fd.16670396 20.92 KiB 7.69 KiB
61774.js
dist/assets/js/chunk-236e4a7b.16670396 20.02 KiB 5.77 KiB
61774.js
dist/assets/js/chunk-c67ad074.16670396 19.43 KiB 5.63 KiB
61774.js
dist/assets/js/chunk-6e059735.16670396 18.37 KiB 4.61 KiB
61774.js
dist/assets/js/chunk-acec4748.16670396 17.99 KiB 2.75 KiB
61774.js
dist/assets/js/chunk-f7f6880a.16670396 17.59 KiB 4.61 KiB
61774.js
dist/assets/js/chunk-42baca86.16670396 17.07 KiB 6.50 KiB
61774.js
dist/assets/js/chunk-69499d77.16670396 16.83 KiB 3.70 KiB
61774.js
dist/assets/js/chunk-2e3c629e.16670396 16.58 KiB 6.11 KiB
61774.js
dist/assets/js/chunk-00dac542.16670396 16.48 KiB 5.42 KiB
61774.js
dist/assets/js/chunk-6cad5ef1.16670396 16.37 KiB 4.11 KiB
61774.js
dist/assets/js/chunk-3a3e7713.16670396 16.00 KiB 5.09 KiB
61774.js
dist/assets/js/chunk-7d5c7c3b.16670396 15.97 KiB 4.10 KiB
61774.js
dist/layui/lay/modules/layedit.js 15.78 KiB 5.30 KiB
dist/assets/js/chunk-c2d9a77a.16670396 15.45 KiB 4.28 KiB
61774.js
dist/assets/js/chunk-2298e771.16670396 15.17 KiB 3.94 KiB
61774.js
dist/assets/js/chunk-0a77fb4d.16670396 15.08 KiB 3.84 KiB
61774.js
dist/assets/js/chunk-b9feb1cc.16670396 14.57 KiB 3.98 KiB
61774.js
dist/assets/js/chunk-2451454c.16670396 14.49 KiB 4.24 KiB
61774.js
dist/assets/js/chunk-484b7485.16670396 14.48 KiB 4.55 KiB
61774.js
dist/assets/js/chunk-b52d0252.16670396 14.39 KiB 3.82 KiB
61774.js
dist/assets/js/chunk-8b1f5394.16670396 14.17 KiB 6.98 KiB
61774.js
dist/assets/js/chunk-59c33509.16670396 13.70 KiB 3.93 KiB
61774.js
dist/assets/js/chunk-7d2d2994.16670396 12.99 KiB 4.91 KiB
61774.js
dist/assets/js/chunk-2c0ad184.16670396 12.73 KiB 3.78 KiB
61774.js
dist/assets/js/chunk-d25f6a24.16670396 11.82 KiB 3.27 KiB
61774.js
dist/assets/js/chunk-63c4afdc.16670396 11.24 KiB 6.86 KiB
61774.js
dist/assets/js/chunk-bca762e6.16670396 10.65 KiB 3.53 KiB
61774.js
dist/assets/js/chunk-1f523be5.16670396 10.64 KiB 2.57 KiB
61774.js
dist/assets/js/chunk-5153df5c.16670396 10.24 KiB 2.70 KiB
61774.js
dist/assets/js/chunk-8984055e.16670396 9.72 KiB 2.81 KiB
61774.js
dist/assets/js/chunk-5711160b.16670396 9.52 KiB 3.74 KiB
61774.js
dist/layui/lay/modules/form.js 9.24 KiB 3.74 KiB
dist/assets/js/chunk-5331fe0e.16670396 8.79 KiB 2.43 KiB
61774.js
dist/assets/js/chunk-10ff9fd2.16670396 8.76 KiB 2.39 KiB
61774.js
dist/assets/js/chunk-d8f05756.16670396 8.39 KiB 2.39 KiB
61774.js
dist/assets/js/chunk-50494377.16670396 7.43 KiB 2.32 KiB
61774.js
dist/layui/lay/modules/upload.js 7.29 KiB 2.92 KiB
dist/layui/layui.js 7.22 KiB 3.05 KiB
dist/assets/js/chunk-7a78eb9c.16670396 6.90 KiB 2.20 KiB
61774.js
dist/assets/js/chunk-29e055b3.16670396 6.60 KiB 2.05 KiB
61774.js
dist/assets/js/chunk-f3ce9454.16670396 6.50 KiB 4.39 KiB
61774.js
dist/assets/js/chunk-6d617f4b.16670396 5.83 KiB 2.67 KiB
61774.js
dist/assets/js/chunk-3313afad.16670396 5.46 KiB 1.88 KiB
61774.js
dist/assets/js/chunk-664a8b70.16670396 5.04 KiB 2.47 KiB
61774.js
dist/assets/js/chunk-4ad45ced.16670396 4.79 KiB 1.64 KiB
61774.js
dist/layui/lay/modules/util.js 3.75 KiB 1.71 KiB
dist/assets/js/chunk-3462eb5a.16670396 2.80 KiB 1.14 KiB
61774.js
dist/assets/js/chunk-3cb06457.16670396 1.00 KiB 0.53 KiB
61774.js
dist/assets/css/chunk-vendors.16670396 205.39 KiB 32.86 KiB
61774.css
dist/layui/css/layui.css 72.56 KiB 13.14 KiB
dist/assets/css/chunk-61e6a522.1667039 45.96 KiB 3.85 KiB
661774.css
dist/assets/css/chunk-7e146ebb.1667039 44.77 KiB 10.01 KiB
661774.css
dist/assets/css/chunk-6038c49e.1667039 26.46 KiB 3.09 KiB
661774.css
dist/assets/css/chunk-1827b828.1667039 25.51 KiB 9.24 KiB
661774.css
dist/assets/css/chunk-b44cff22.1667039 23.71 KiB 6.41 KiB
661774.css
dist/assets/css/chunk-7a4943dc.1667039 20.81 KiB 3.81 KiB
661774.css
dist/assets/css/chunk-5d915495.1667039 20.33 KiB 3.93 KiB
661774.css
dist/assets/css/chunk-32f9bbd0.1667039 18.83 KiB 3.91 KiB
661774.css
dist/assets/css/app.1667039661774.css 17.20 KiB 4.85 KiB
dist/assets/css/chunk-da6f7710.1667039 17.03 KiB 3.21 KiB
661774.css
dist/assets/css/chunk-46f5a450.1667039 16.42 KiB 3.54 KiB
661774.css
dist/assets/css/chunk-01302d9e.1667039 16.30 KiB 6.54 KiB
661774.css
dist/assets/css/chunk-29786c84.1667039 15.88 KiB 3.23 KiB
661774.css
dist/assets/css/chunk-66a6e304.1667039 15.70 KiB 3.21 KiB
661774.css
dist/assets/css/chunk-b52d0252.1667039 14.73 KiB 2.66 KiB
661774.css
dist/assets/css/chunk-cba3965c.1667039 14.14 KiB 2.87 KiB
661774.css
dist/layui/css/modules/layer/default/l 14.09 KiB 2.79 KiB
ayer.css
dist/assets/css/chunk-9074035e.1667039 13.99 KiB 4.67 KiB
661774.css
dist/assets/css/chunk-db4ddb12.1667039 12.71 KiB 2.83 KiB
661774.css
dist/assets/css/chunk-484b7485.1667039 12.24 KiB 2.78 KiB
661774.css
dist/assets/css/chunk-a8dcb138.1667039 12.17 KiB 2.78 KiB
661774.css
dist/assets/css/chunk-8984055e.1667039 11.36 KiB 2.56 KiB
661774.css
dist/assets/css/chunk-d25f6a24.1667039 11.30 KiB 2.53 KiB
661774.css
dist/assets/css/chunk-a263a7d4.1667039 11.23 KiB 2.22 KiB
661774.css
dist/assets/css/chunk-2e3c629e.1667039 10.77 KiB 3.83 KiB
661774.css
dist/assets/css/chunk-ba8e805e.1667039 10.74 KiB 1.99 KiB
661774.css
dist/assets/css/chunk-5331fe0e.1667039 10.57 KiB 2.49 KiB
661774.css
dist/assets/css/chunk-c2d9a77a.1667039 10.37 KiB 2.53 KiB
661774.css
dist/assets/css/chunk-0d076a92.1667039 10.31 KiB 2.04 KiB
661774.css
dist/assets/css/chunk-388ebe6d.1667039 10.26 KiB 2.25 KiB
661774.css
dist/assets/css/chunk-5711160b.1667039 9.83 KiB 2.41 KiB
661774.css
dist/assets/css/chunk-236e4a7b.1667039 9.70 KiB 2.28 KiB
661774.css
dist/layui/css/layui.mobile.css 9.65 KiB 2.33 KiB
dist/assets/css/chunk-7d5c7c3b.1667039 9.51 KiB 2.18 KiB
661774.css
dist/assets/css/chunk-50b60ff6.1667039 9.44 KiB 2.22 KiB
661774.css
dist/assets/css/chunk-6e059735.1667039 9.36 KiB 2.35 KiB
661774.css
dist/assets/css/chunk-037a357c.1667039 9.11 KiB 2.19 KiB
661774.css
dist/assets/css/chunk-6f6c15ae.1667039 8.95 KiB 1.55 KiB
661774.css
dist/assets/css/chunk-8b1f5394.1667039 8.93 KiB 2.16 KiB
661774.css
dist/assets/css/chunk-1f523be5.1667039 8.66 KiB 2.10 KiB
661774.css
dist/assets/css/chunk-bca762e6.1667039 8.60 KiB 2.15 KiB
661774.css
dist/assets/css/chunk-59c33509.1667039 8.57 KiB 2.20 KiB
661774.css
dist/assets/css/chunk-2451454c.1667039 8.50 KiB 2.21 KiB
661774.css
dist/assets/css/chunk-2298e771.1667039 8.36 KiB 2.04 KiB
661774.css
dist/assets/css/chunk-50494377.1667039 8.29 KiB 2.02 KiB
661774.css
dist/assets/css/chunk-0a77fb4d.1667039 8.28 KiB 2.08 KiB
661774.css
dist/assets/css/chunk-10ff9fd2.1667039 8.21 KiB 2.03 KiB
661774.css
dist/assets/css/chunk-147afd66.1667039 7.98 KiB 2.01 KiB
661774.css
dist/assets/css/chunk-6cad5ef1.1667039 7.54 KiB 1.91 KiB
661774.css
dist/assets/css/chunk-7a78eb9c.1667039 7.48 KiB 1.89 KiB
661774.css
dist/assets/css/chunk-d8f05756.1667039 7.48 KiB 1.89 KiB
661774.css
dist/assets/css/chunk-4ad45ced.1667039 7.34 KiB 1.90 KiB
661774.css
dist/assets/css/chunk-2c0ad184.1667039 7.15 KiB 1.85 KiB
661774.css
dist/assets/css/chunk-5153df5c.1667039 7.10 KiB 1.87 KiB
661774.css
dist/assets/css/chunk-21f1e488.1667039 6.86 KiB 1.64 KiB
661774.css
dist/assets/css/chunk-7bcaf59e.1667039 6.80 KiB 1.57 KiB
661774.css
dist/assets/css/chunk-19145b3b.1667039 6.73 KiB 1.64 KiB
661774.css
dist/assets/css/chunk-29e055b3.1667039 6.71 KiB 1.77 KiB
661774.css
dist/assets/css/chunk-3a3e7713.1667039 6.32 KiB 1.25 KiB
661774.css
dist/assets/css/chunk-acec4748.1667039 6.06 KiB 0.84 KiB
661774.css
dist/assets/css/chunk-69499d77.1667039 5.82 KiB 1.12 KiB
661774.css
dist/assets/css/chunk-6f5fd924.1667039 5.41 KiB 1.30 KiB
661774.css
dist/assets/css/chunk-6d617f4b.1667039 5.30 KiB 1.03 KiB
661774.css
dist/assets/css/chunk-7cdab508.1667039 4.48 KiB 1.21 KiB
661774.css
dist/assets/css/chunk-48ca1cf0.1667039 4.17 KiB 1.07 KiB
661774.css
dist/assets/css/chunk-c67ad074.1667039 3.22 KiB 0.91 KiB
661774.css
dist/assets/css/chunk-664a8b70.1667039 3.00 KiB 0.86 KiB
661774.css
dist/assets/css/chunk-63c4afdc.1667039 2.79 KiB 0.76 KiB
661774.css
dist/assets/css/chunk-b9feb1cc.1667039 2.42 KiB 0.78 KiB
661774.css
dist/assets/css/chunk-42baca86.1667039 2.41 KiB 0.62 KiB
661774.css
dist/assets/css/chunk-7d2d2994.1667039 1.96 KiB 0.66 KiB
661774.css
dist/assets/css/chunk-f3ce9454.1667039 1.75 KiB 0.55 KiB
661774.css
dist/assets/css/chunk-1f61f97d.1667039 1.66 KiB 0.58 KiB
661774.css
dist/assets/css/chunk-f7f6880a.1667039 1.64 KiB 0.58 KiB
661774.css
dist/layui/css/modules/code.css 1.04 KiB 0.45 KiB
dist/assets/css/chunk-3313afad.1667039 0.99 KiB 0.34 KiB
661774.css
dist/assets/css/chunk-3cb06457.1667039 0.37 KiB 0.20 KiB
661774.css
dist/assets/css/chunk-3462eb5a.1667039 0.22 KiB 0.17 KiB
661774.css
Images and other types of assets omitted.
DONE Build complete. The dist directory is ready to be deployed.
INFO Check out deployment instructions at https://cli.vuejs.org/guide/deployment.html
Sending build context to Docker daemon 273.5MB
Step 1/6 : FROM nginx:latest
---> 605c77e624dd
Step 2/6 : RUN rm -rf /usr/share/nginx/html/*
---> Running in 517d2b2becab
Removing intermediate container 517d2b2becab
---> f329b3069eed
Step 3/6 : RUN rm -rf /etc/nginx/conf.d/default.conf
---> Running in 55a4a88610c8
Removing intermediate container 55a4a88610c8
---> 49486ba95c33
Step 4/6 : COPY dist /usr/share/nginx/html/
---> 2f240d756f23
Step 5/6 : COPY default.conf /etc/nginx/conf.d/
---> 24760097cfca
Step 6/6 : COPY Shanghai /etc/localtime
---> 6a032e8c33ac
Successfully built 6a032e8c33ac
Successfully tagged dist:20221029_183532
The push refers to repository [harbor.jishuliu.cn/web-dist/dist]
5c5821c0b42e: Pushed
71e2e6cab224: Pushed
8e11235323e9: Pushed
90b8bf05ae16: Pushed
3b024cfd96a4: Pushed
d874fd2bc83b: Layer already exists
32ce5f6a5106: Layer already exists
f1db227348d0: Layer already exists
b8d6e692a25e: Layer already exists
e379e8aedd4d: Layer already exists
2edcec3590a4: Layer already exists
20221029_183532: digest: sha256:70b53c01caeaca661b2c55b8e6c99ad15f1e5e8a3ebf97b44b6e659541e5b2e6 size: 2609
Untagged: dist:20221029_183532
Untagged: harbor.jishuliu.cn/web-dist/dist:20221029_183532
Untagged: harbor.jishuliu.cn/web-dist/dist@sha256:70b53c01caeaca661b2c55b8e6c99ad15f1e5e8a3ebf97b44b6e659541e5b2e6
Deleted: sha256:6a032e8c33ac827081852941cebfd095ef03151f1fafd76cfe8706de3c0ad664
Deleted: sha256:cfd67eb785c5045cb244b550fe2dba9e9cf0b96abc566b875feea4ce72f69d0d
Deleted: sha256:24760097cfca2e61253d688b4788275a3f9026c6a0e6a339d965a31f8cc94b60
Deleted: sha256:aef9cded6982a81279167ef47cd1b2a1d299a71c7d3adf6f8e1336e44180b3ee
Deleted: sha256:2f240d756f239e818a4745b828de19f96acedcc594de591f84728cbc40aec1b5
Deleted: sha256:863abbe37a448b3b1635ca99d033910554b41e1fabf66c9270b14b120ff99814
Deleted: sha256:49486ba95c33b15bb6028f7797ca64a8794e97e935e6d7e2e6c33e9afd223cee
Deleted: sha256:c5b2d5709955aa995d340a60d6e00b8de1a600f63ac61601c40bfb086b999ef8
Deleted: sha256:f329b3069eedc3849f81a151bbe3f0d69bd0b651744ebbc0169892cb72e215d4
Deleted: sha256:1157ea480488f45e57d53aa9c32b9a4ee00b059d66b13e1258e9163417dbbe00
- Jenkins部署机和集群内所有服务器配置hosts
172.21.16.16 harbor.jishuliu.cn
172.21.16.7 kuboard.jishuliu.cn- 在kuboard创建密文
- 把harbor的server.crt复制到集群两个节点服务器的docker证书存放路径下
[root@integrate ~]# scp -r /etc/docker/certs.d/ root@172.21.16.13:/etc/docker/
root@172.21.16.13's password:
server.crt 100% 1854 8.1MB/s 00:00
[root@integrate ~]# scp -r /etc/docker/certs.d/ root@172.21.16.7:/etc/docker/
The authenticity of host '172.21.16.7 (172.21.16.7)' can't be established.
ECDSA key fingerprint is SHA256:BrLxQDagV+/0zbkX+HnqHs56+pVBVwxrVenzX6AyncE.
ECDSA key fingerprint is MD5:c0:8f:d7:35:12:af:1b:ef:ed:7e:5e:d8:7a:44:c4:ef.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.21.16.7' (ECDSA) to the list of known hosts.
root@172.21.16.7's password:
server.crt 100% 1854 8.3MB/s 00:00
[root@integrate ~]# - 集群节点测试登录harbor
# master节点
[root@test-master-1 ~]# docker login harbor.jishuliu.cn -u admin -p Harbor12345
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
# work节点
[root@test-worker-1 certs.d]# docker login harbor.jishuliu.cn -u admin -p Harbor12345
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded- 修改工作空间的镜像地址及版本
- 打开浏览器的无痕模式,访问静态页面,注意红框内字体。关闭访问
- 把gitlab的WebHooks重新配置上
- 在本地修改仓库内的src\view\login\index.vue文件把"忘记了密码"改为"怎么连密码都能忘记?"并把脚本内的curl注释全部删除
- 可以看到Jenkins已经自动触发
- 在kuboard中可以看到镜像版本已经自动更新为刚才制作镜像的版本
- 浏览器打开无痕模式访问可以看到"忘记了密码?"已经变为"怎么连密码都能忘记?"
扫描二维码,在手机上阅读
版权所有:小破站
文章标题:Jenkins、gitlab、kuboard、KubeOperator实现Kubernetes集群自动发布
文章链接:https://www.jishuliu.cn/?post=28
本站文章均为原创,未经授权请勿用于任何商业用途
文章标题:Jenkins、gitlab、kuboard、KubeOperator实现Kubernetes集群自动发布
文章链接:https://www.jishuliu.cn/?post=28
本站文章均为原创,未经授权请勿用于任何商业用途
