k8s容器編排

1:k8s集群的安裝1.1 k8s的架構(gòu)1.2：修改IP地址、主機名和host解析1.3：master節(jié)點安裝etcd1.4：master節(jié)點安裝kubernetes1.5：node節(jié)點安裝kubernetes6：所有節(jié)點配置flannel網(wǎng)絡(luò)7：配置master為鏡像倉庫2:什么是k8s,k8s有什么功能?2.1 k8s的核心功能2.2 k8s的歷史2.3 k8s的安裝方式2.4 k8s的應(yīng)用場景3:k8s常用的資源3.1 創(chuàng)建pod資源3.2 ReplicationController資源3.3 service資源3.4 deployment資源3.5 tomcat+mysql練習(xí)4:k8s的附加組件4.1 dns服務(wù)4.2 namespace命令空間4.3 健康檢查和可用性檢查4.3.1 探針的種類4.3.2 探針的檢測方法4.3.3 liveness探針的exec使用4.3.4 liveness探針的httpGet使用4.3.5 liveness探針的tcpSocket使用4.3.6 readiness探針的httpGet使用4.4 dashboard服務(wù)4.5 通過apiservicer反向代理訪問service5: k8s彈性伸縮5.1 安裝heapster監(jiān)控5.2 彈性伸縮6:持久化存儲6.1 emptyDir:6.2 HostPath:6.3 nfs:6.4 pv和pvc:6.4.1:安裝nfs服務(wù)端(10.0.0.11)6.4.2:在node節(jié)點安裝nfs客戶端6.4.3:創(chuàng)建pv和pvc6.4.4:創(chuàng)建mysql-rc,pod模板里使用volume6.4.5: 驗證持久化7:使用jenkins實現(xiàn)k8s持續(xù)更新7.1: 安裝gitlab并上傳代碼7.2 安裝jenkins,并自動構(gòu)建docker鏡像1:安裝jenkins2:訪問jenkins3:配置jenkins拉取gitlab代碼憑據(jù)4:拉取代碼測試5:編寫dockerfile并測試6:上傳dockerfile和.dockerignore到私有倉庫7:點擊jenkins立即構(gòu)建,自動構(gòu)建docker鏡像并上傳到私有倉庫

1:k8s集群的安裝

1.1 k8s的架構(gòu)

1563068809299

除了核心組件，還有一些推薦的Add-ons：

1.2：修改IP地址、主機名和host解析

10.0.0.11  k8s-master
10.0.0.12  k8s-node-1
10.0.0.13  k8s-node-2

所有節(jié)點需要做hosts解析

1.3：master節(jié)點安裝etcd

yum install etcd -y
?
vim /etc/etcd/etcd.conf
6行：ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
21行：ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379"
?
systemctl start etcd.service
systemctl enable etcd.service
?
etcdctl set testdir/testkey0 0
etcdctl get testdir/testkey0
?
etcdctl -C http://10.0.0.11:2379 cluster-health

etcd原生支持做集群，

作業(yè)1：安裝部署etcd集群，要求三個節(jié)點

1.4：master節(jié)點安裝kubernetes

yum install kubernetes-master.x86_64 -y
?
vim /etc/kubernetes/apiserver 
8行:  KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
11行：KUBE_API_PORT="--port=8080"
14行: KUBELET_PORT="--kubelet-port=10250"
17行：KUBE_ETCD_SERVERS="--etcd-servers=http://10.0.0.11:2379"
23行：KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
?
vim /etc/kubernetes/config
22行：KUBE_MASTER="--master=http://10.0.0.11:8080"
?
systemctl enable kube-apiserver.service
systemctl restart kube-apiserver.service
systemctl enable kube-controller-manager.service
systemctl restart kube-controller-manager.service
systemctl enable kube-scheduler.service
systemctl restart kube-scheduler.service

檢查服務(wù)是否安裝正常

[root@k8s-master ~]# kubectl get componentstatus 
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok                  
controller-manager   Healthy   ok                  
etcd-0               Healthy   {"health":"true"} 

1.5：node節(jié)點安裝kubernetes

yum install kubernetes-node.x86_64 -y
?
vim /etc/kubernetes/config 
22行：KUBE_MASTER="--master=http://10.0.0.11:8080"
?
vim /etc/kubernetes/kubelet
5行：KUBELET_ADDRESS="--address=0.0.0.0"
8行：KUBELET_PORT="--port=10250"
11行：KUBELET_HOSTNAME="--hostname-override=10.0.0.12"
14行：KUBELET_API_SERVER="--api-servers=http://10.0.0.11:8080"
?
systemctl enable kubelet.service
systemctl restart kubelet.service
systemctl enable kube-proxy.service
systemctl restart kube-proxy.service

在master節(jié)點檢查

[root@k8s-master ~]# kubectl get nodes
NAME        STATUS    AGE
10.0.0.12   Ready     6m
10.0.0.13   Ready     3s

6：所有節(jié)點配置flannel網(wǎng)絡(luò)

yum install flannel -y
sed -i 's#http://127.0.0.1:2379#http://10.0.0.11:2379#g' /etc/sysconfig/flanneld
?
##master節(jié)點：
etcdctl mk /atomic.io/network/config   '{ "Network": "172.18.0.0/16" }'
?
yum install docker -y
systemctl enable flanneld.service 
systemctl restart flanneld.service 
systemctl  restart  docker
systemctl  enable  docker
systemctl restart kube-apiserver.service
systemctl restart kube-controller-manager.service
systemctl restart kube-scheduler.service
?
##node節(jié)點：
systemctl enable flanneld.service 
systemctl restart flanneld.service 
systemctl  restart  docker
systemctl restart kubelet.service
systemctl restart kube-proxy.service
?
##每一個節(jié)點
vim /usr/lib/systemd/system/docker.service
#在[Service]區(qū)域下增加一行
ExecStartPost=/usr/sbin/iptables -P FORWARD ACCEPT
systemctl daemon-reload 
systemctl restart docker

7：配置master為鏡像倉庫

#所有節(jié)點
?
vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"insecure-registries": ["10.0.0.11:5000"]
}
?
systemctl restart docker
?
#master節(jié)點
docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry  registry

2:什么是k8s,k8s有什么功能?

k8s是一個docker集群的管理工具

k8s是容器的編排工具

2.1 k8s的核心功能

自愈: 重新啟動失敗的容器，在節(jié)點不可用時，替換和重新調(diào)度節(jié)點上的容器，對用戶定義的健康檢查不響應(yīng)的容器會被中止，并且在容器準(zhǔn)備好服務(wù)之前不會把其向客戶端廣播。

彈性伸縮: 通過監(jiān)控容器的cpu的負(fù)載值,如果這個平均高于80%,增加容器的數(shù)量,如果這個平均低于10%,減少容器的數(shù)量

服務(wù)的自動發(fā)現(xiàn)和負(fù)載均衡: 不需要修改您的應(yīng)用程序來使用不熟悉的服務(wù)發(fā)現(xiàn)機制，Kubernetes 為容器提供了自己的 IP 地址和一組容器的單個 DNS 名稱，并可以在它們之間進(jìn)行負(fù)載均衡。

滾動升級和一鍵回滾: Kubernetes 逐漸部署對應(yīng)用程序或其配置的更改，同時監(jiān)視應(yīng)用程序運行狀況，以確保它不會同時終止所有實例。 如果出現(xiàn)問題，Kubernetes會為您恢復(fù)更改，利用日益增長的部署解決方案的生態(tài)系統(tǒng)。

私密配置文件管理. web容器里面,數(shù)據(jù)庫的賬戶密碼(測試庫密碼)

2.2 k8s的歷史

2014年 docker容器編排工具，立項

2015年7月 發(fā)布kubernetes 1.0, 加入cncf基金會 孵化

2016年，kubernetes干掉兩個對手，docker swarm，mesos marathon 1.2版

2017年 1.5 -1.9

2018年 k8s 從cncf基金會 畢業(yè)項目1.10 1.11 1.12

2019年： 1.13, 1.14 ，1.15,1.16 1.17

cncf :cloud native compute foundation 孵化器

kubernetes （k8s）: 希臘語 舵手，領(lǐng)航者 容器編排領(lǐng)域，

谷歌15年容器使用經(jīng)驗，borg容器管理平臺，使用golang重構(gòu)borg，kubernetes

2.3 k8s的安裝方式

yum安裝 1.5 最容易安裝成功，最適合學(xué)習(xí)的

源碼編譯安裝---難度最大 可以安裝最新版

二進(jìn)制安裝---步驟繁瑣 可以安裝最新版 shell,ansible,saltstack

kubeadm 安裝最容易, 網(wǎng)絡(luò) 可以安裝最新版

minikube 適合開發(fā)人員體驗k8s, 網(wǎng)絡(luò)

2.4 k8s的應(yīng)用場景

k8s最適合跑微服務(wù)項目!

3:k8s常用的資源

3.1 創(chuàng)建pod資源

pod是k8s最小資源單位.

任何的一個k8s資源都可以由yml清單文件來定義

k8s yaml的主要組成

apiVersion: v1  api版本
kind: pod   資源類型
metadata:   屬性
spec:       詳細(xì)

k8s_pod.yaml

apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: web
spec:
  containers:
    - name: nginx
      image: 10.0.0.11:5000/nginx:1.13
      ports:
        - containerPort: 80

vi k8s_pod.yml
cat k8s_pod.yml
kubectl create -f k8s_pod.yml
kubectl get pod 
kubectl describe pod nginx
  51m       51m     1   {default-scheduler }            Normal      Scheduled   Successfully assigned nginx to 10.0.0.13
  51m       45m     6   {kubelet 10.0.0.13}         Warning     FailedSync  Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
?
  51m   43m 33  {kubelet 10.0.0.13}     Warning FailedSync  Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""

node節(jié)點:

vim /etc/kubernetes/kubelet
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=10.0.0.11:5000/pod-infrastructure:latest"
systemctl restart kubelet.service

pod資源:至少由兩個容器組成,pod基礎(chǔ)容器和業(yè)務(wù)容器組成(最多1+4)

pod配置文件2：

apiVersion: v1
kind: Pod
metadata:
  name: test
  labels:
    app: web
spec:
  containers:
    - name: nginx
      image: 10.0.0.11:5000/nginx:1.13
      ports:
        - containerPort: 80
    - name: alpine
      image: 10.0.0.11:5000/alpine:latest
      command: ["sleep","1000"]

pod是k8s最小的資源單位

3.2 ReplicationController資源

rc:保證指定數(shù)量的pod始終存活,rc通過標(biāo)簽選擇器來關(guān)聯(lián)pod

k8s資源的常見操作: kubectl create -f xxx.yaml kubectl get pod|rc kubectl describe pod nginx kubectl delete pod nginx 或者kubectl delete -f xxx.yaml kubectl edit pod nginx

創(chuàng)建一個rc

apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx
spec:
  replicas: 5  #副本5
  selector:
    app: myweb
  template:  #模板
    metadata:
      labels:
        app: myweb
    spec:
      containers:
      - name: myweb
        image: 10.0.0.11:5000/nginx:1.13
        ports:
        - containerPort: 80

1563093237250

升級 kubectl rolling-update nginx -f nginx-rc1.15.yaml --update-period=10s

回滾 kubectl rolling-update nginx2 -f nginx-rc.yaml --update-period=1s

3.3 service資源

service:提供負(fù)載均衡和服務(wù)的自動發(fā)現(xiàn)

創(chuàng)建一個service

apiVersion: v1
kind: Service   #簡稱svc
metadata:
  name: myweb
spec:
  type: NodePort  #默認(rèn)ClusterIP
  ports:
    - port: 80          #clusterIP
      nodePort: 30000   #node port
      targetPort: 80    #pod port
  selector:
    app: myweb2

kubectl scale rc nginx --replicas=2 #調(diào)整rc的副本書

kubectl exec -it pod_name /bin/bash #進(jìn)入pod容器

修改nodePort范圍

vim  /etc/kubernetes/apiserver
KUBE_API_ARGS="--service-node-port-range=3000-50000"

命令行創(chuàng)建service資源

kubectl expose rc nginx --type=NodePort --port=80

service默認(rèn)使用iptables來實現(xiàn)負(fù)載均衡, k8s 1.8新版本中推薦使用lvs(四層負(fù)載均衡 傳輸層tcp,udp)

3.4 deployment資源

有rc在滾動升級之后,會造成服務(wù)訪問中斷,于是k8s引入了deployment資源

創(chuàng)建deployment

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 3
  strategy:   
    rollingUpdate:
      maxSurge: 1  
      maxUnavailable: 1 
    type: RollingUpdate
  minReadySeconds: 30
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: 10.0.0.11:5000/nginx:1.13
        ports:
        - containerPort: 80
        resources:  
          limits:
            cpu: 100m
          requests:
            cpu: 100m

deployment升級和回滾

命令行創(chuàng)建deployment

kubectl run nginx --image=10.0.0.11:5000/nginx:1.13 --replicas=3 --record

命令行升級版本

kubectl set image deployment nginx nginx=10.0.0.11:5000/nginx:1.15

查看deployment所有歷史版本

kubectl rollout history deployment nginx

deployment回滾到上一個版本

kubectl rollout undo deployment nginx

deployment回滾到指定版本

kubectl rollout undo deployment nginx --to-revision=2

3.5 tomcat+mysql練習(xí)

在k8s中容器之間相互訪問,通過VIP地址!

1563102568377

4:k8s的附加組件

k8s集群中dns服務(wù)的作用,就是將svc的名稱解析成對應(yīng)VIP地址

4.1 dns服務(wù)

安裝dns服務(wù)

1:下載dns_docker鏡像包(node2節(jié)點10.0.0.13)

wget http://192.168.37.200/191127/docker_k8s_dns.tar.gz

2:導(dǎo)入dns_docker鏡像包(node2節(jié)點10.0.0.13)

3:創(chuàng)建dns服務(wù)

vi  skydns.yaml
...
  spec:
    nodeName: 10.0.0.13
    containers:
?
kubectl  create  -f   skydns-rc.yaml
kubectl create -f skydns-svc.yaml

4:檢查

kubectl get all --namespace=kube-system

5:修改所有node節(jié)點kubelet的配置文件

vim  /etc/kubernetes/kubelet
KUBELET_ARGS="--cluster_dns=10.254.230.254 --cluster_domain=cluster.local"
?
systemctl   restart kubelet

6：修改tomcat-rc.yml

  env:
          - name: MYSQL_SERVICE_HOST
            value: 'mysql'   #修改前值是VIP
            
kubectl delete -f .
kubectl create -f .

7：驗證

[圖片上傳失敗...(image-2b2d9f-1592143164736)]

4.2 namespace命令空間

namespace做資源隔離

4.3 健康檢查和可用性檢查

4.3.1 探針的種類

livenessProbe：健康狀態(tài)檢查，周期性檢查服務(wù)是否存活，檢查結(jié)果失敗，將重啟容器

readinessProbe：可用性檢查，周期性檢查服務(wù)是否可用，不可用將從service的endpoints中移除

4.3.2 探針的檢測方法

• exec：執(zhí)行一段命令 返回值為0, 非0
• httpGet：檢測某個 http 請求的返回狀態(tài)碼 2xx,3xx正常, 4xx,5xx錯誤
• tcpSocket：測試某個端口是否能夠連接

4.3.3 liveness探針的exec使用

vi  nginx_pod_exec.yaml 
iapiVersion: v1
kind: Pod
metadata:
  name: exec
spec:
  containers:
    - name: nginx
      image: 10.0.0.11:5000/nginx:1.13
      ports:
        - containerPort: 80
      args:
        - /bin/sh
        - -c
        - touch /tmp/healthy; sleep 30; rm -rf /tmp/healthy; sleep 600
      livenessProbe:
        exec:
          command:
            - cat
            - /tmp/healthy
        initialDelaySeconds: 5    #第一次檢查開始時間
        periodSeconds: 5          #檢查周期
        timeoutSeconds: 3         #超時時間
        successThreshold: 1       #檢查通過1次，就是成功
        failureThreshold: 1       #檢查不通過1次就算失敗

4.3.4 liveness探針的httpGet使用

vi   nginx_pod_httpGet.yaml 
iapiVersion: v1
kind: Pod
metadata:
  name: httpget
spec:
  containers:
    - name: nginx
      image: 10.0.0.11:5000/nginx:1.13
      ports:
        - containerPort: 80
      livenessProbe:
        httpGet:
          path: /index.html
          port: 80
        initialDelaySeconds: 3
        periodSeconds: 3

4.3.5 liveness探針的tcpSocket使用

vi   nginx_pod_tcpSocket.yaml
iapiVersion: v1
kind: Pod
metadata:
  name: tcpSocket
spec:
  containers:
    - name: nginx
      image: 10.0.0.11:5000/nginx:1.13
      ports:
        - containerPort: 80
      args:
        - /bin/sh
        - -c
        - tail -f /etc/hosts
      livenessProbe:
        tcpSocket:
          port: 80
        initialDelaySeconds: 10
        periodSeconds: 3

4.3.6 readiness探針的httpGet使用

vi   nginx-rc-httpGet.yaml
iapiVersion: v1
kind: ReplicationController
metadata:
  name: readiness
spec:
  replicas: 2
  selector:
    app: readiness
  template:
    metadata:
      labels:
        app: readiness
    spec:
      containers:
      - name: readiness
        image: 10.0.0.11:5000/nginx:1.13
        ports:
        - containerPort: 80
        readinessProbe:
          httpGet:
            path: /qiangge.html
            port: 80
          initialDelaySeconds: 3
          periodSeconds: 3

4.4 dashboard服務(wù)

1:上傳并導(dǎo)入鏡像,打標(biāo)簽

2:創(chuàng)建dashborad的deployment和service

3:訪問http://10.0.0.11:8080/ui/

4.5 通過apiservicer反向代理訪問service

第一種：NodePort類型 
  type: NodePort
  ports:
    - port: 80
      targetPort: 80
      nodePort: 30008
?
第二種：ClusterIP類型
  type: ClusterIP
  ports:
    - port: 80
      targetPort: 80
      
http://10.0.0.11:8080/api/v1/proxy/namespaces/命令空間/services/service的名字/
#例子:
http://10.0.0.11:8080/api/v1/proxy/namespaces/qiangge/services/wordpress

5: k8s彈性伸縮

k8s彈性伸縮,需要附加插件heapster監(jiān)控

5.1 安裝heapster監(jiān)控

1:上傳并導(dǎo)入鏡像,打標(biāo)簽

ls *.tar.gz
for n in `ls *.tar.gz`;do docker load -i $n ;done
docker tag docker.io/kubernetes/heapster_grafana:v2.6.0 10.0.0.11:5000/heapster_grafana:v2.6.0
docker tag  docker.io/kubernetes/heapster_influxdb:v0.5 10.0.0.11:5000/heapster_influxdb:v0.5
docker tag docker.io/kubernetes/heapster:canary 10.0.0.11:5000/heapster:canary

2:上傳配置文件,kubectl create -f .

修改配置文件:
#heapster-controller.yaml
    spec:
      nodeName: 10.0.0.13
      containers:
      - name: heapster
        image: 10.0.0.11:5000/heapster:canary
        imagePullPolicy: IfNotPresent
#influxdb-grafana-controller.yaml
    spec:
      nodeName: 10.0.0.13
      containers:

3:打開dashboard驗證

5.2 彈性伸縮

1:修改rc的配置文件

 containers:
  - name: myweb
    image: 10.0.0.11:5000/nginx:1.13
    ports:
    - containerPort: 80
    resources:    #資源限制
      limits:     #最大資源
        cpu: 100m
      requests:   #最小資源
        cpu: 100m

2:創(chuàng)建彈性伸縮規(guī)則

kubectl autoscale deploy nginx-deployment --max=8 --min=1 --cpu-percent=5

3:測試

ab -n 1000000 -c 40 http://10.0.0.12:33218/index.html

擴容截圖

1563682793033

縮容:

1563683030315

6:持久化存儲

數(shù)據(jù)持久化類型:

6.1 emptyDir:

 spec:
      nodeName: 10.0.0.13
      volumes:
      - name: mysql
        emptyDir: {}
      containers:
        - name: wp-mysql
          image: 10.0.0.11:5000/mysql:5.7
          imagePullPolicy: IfNotPresent
          ports:
          - containerPort: 3306
          volumeMounts:
          - mountPath: /var/lib/mysql
            name: mysql

6.2 HostPath:

 spec:
      nodeName: 10.0.0.12
      volumes:
      - name: mysql
        hostPath:
          path: /data/wp_mysql
      containers:
        - name: wp-mysql
          image: 10.0.0.11:5000/mysql:5.7
          imagePullPolicy: IfNotPresent
          ports:
          - containerPort: 3306
          volumeMounts:
          - mountPath: /var/lib/mysql
            name: mysql

6.3 nfs:

  volumes:
      - name: mysql
        nfs:
          path: /data/wp_mysql
          server: 10.0.0.11

6.4 pv和pvc:

pv: persistent volume 全局資源,k8s集群

pvc: persistent volume claim, 局部資源屬于某一個namespace

6.4.1:安裝nfs服務(wù)端(10.0.0.11)

yum install nfs-utils.x86_64 -y
mkdir /data
vim /etc/exports
/data  10.0.0.0/24(rw,async,no_root_squash,no_all_squash)
systemctl start rpcbind
systemctl start nfs

6.4.2:在node節(jié)點安裝nfs客戶端

yum install nfs-utils.x86_64 -y
showmount -e 10.0.0.11

6.4.3:創(chuàng)建pv和pvc

上傳yaml配置文件,創(chuàng)建pv和pvc

6.4.4:創(chuàng)建mysql-rc,pod模板里使用volume

 volumes:
      - name: mysql
        persistentVolumeClaim:
          claimName: tomcat-mysql

6.4.5: 驗證持久化

驗證方法1:刪除mysql的pod,數(shù)據(jù)庫不丟

kubectl delete pod mysql-gt054

驗證方法2:查看nfs服務(wù)端,是否有mysql的數(shù)據(jù)文件

1563694431121

7:使用jenkins實現(xiàn)k8s持續(xù)更新

代碼倉庫使用gitee托管

1563696106372

7.1: 安裝gitlab并上傳代碼

#a:安裝
wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-11.9.11-ce.0.el7.x86_64.rpm
yum localinstall gitlab-ce-11.9.11-ce.0.el7.x86_64.rpm -y
#b:配置
vim /etc/gitlab/gitlab.rb
external_url 'http://10.0.0.13'
prometheus_monitoring['enable'] = false
#c:應(yīng)用并啟動服務(wù)
gitlab-ctl reconfigure
?
#使用瀏覽器訪問http://10.0.0.13,修改root用戶密碼,創(chuàng)建project
?
#上傳代碼到git倉庫
cd /srv/
rz -E
unzip xiaoniaofeifei.zip 
rm -fr xiaoniaofeifei.zip 
?
git config --global user.name "Administrator"
git config --global user.email "admin@example.com"
git init
git remote add origin http://10.0.0.13/root/xiaoniao.git
git add .
git commit -m "Initial commit"
git push -u origin master

7.2 安裝jenkins,并自動構(gòu)建docker鏡像

1:安裝jenkins

cd /opt/
wget   http://192.168.12.201/191216/apache-tomcat-8.0.27.tar.gz 
wget   http://192.168.12.201/191216/jdk-8u102-linux-x64.rpm     
wget   http://192.168.12.201/191216/jenkin-data.tar.gz       
wget   http://192.168.12.201/191216/jenkins.war                       
rpm -ivh jdk-8u102-linux-x64.rpm 
mkdir /app -p
tar xf apache-tomcat-8.0.27.tar.gz -C /app
rm -fr /app/apache-tomcat-8.0.27/webapps/*
mv jenkins.war /app/apache-tomcat-8.0.27/webapps/ROOT.war
tar xf jenkin-data.tar.gz -C /root
/app/apache-tomcat-8.0.27/bin/startup.sh 
netstat -lntup

2:訪問jenkins

訪問http://10.0.0.12:8080/,默認(rèn)賬號密碼admin:123456

3:配置jenkins拉取gitlab代碼憑據(jù)

a:在jenkins上生成秘鑰對

ssh-keygen -t rsa

b:復(fù)制公鑰粘貼gitlab上

1563702364496

c:jenkins上創(chuàng)建全局憑據(jù)

1563703546003

4:拉取代碼測試

1563702548557

5:編寫dockerfile并測試

#vim dockerfile
FROM 10.0.0.11:5000/nginx:1.13
add .  /usr/share/nginx/html

添加docker build構(gòu)建時不add的文件

vim .dockerignore dockerfile

docker build -t xiaoniao:v1 . docker run -d -p 88:80 xiaoniao:v1

打開瀏覽器測試訪問xiaoniaofeifei的項目

6:上傳dockerfile和.dockerignore到私有倉庫

git add docker .dockerignore git commit -m "fisrt commit" git push -u origin master

7:點擊jenkins立即構(gòu)建,自動構(gòu)建docker鏡像并上傳到私有倉庫

修改jenkins 工程配置

1563702843438

docker build -t 10.0.0.11:5000/test:vBUILD_ID

7.3 jenkins自動部署應(yīng)用到k8s

kubectl -s 10.0.0.11:8080 get nodes

if [ -f /tmp/xiaoniao.lock ];then
    docker  build  -t  10.0.0.11:5000/xiaoniao:v$BUILD_ID  .
    docker  push 10.0.0.11:5000/xiaoniao:v$BUILD_ID
    kubectl -s 10.0.0.11:8080 set image  -n xiaoniao deploy xiaoniao xiaoniao=10.0.0.11:5000/xiaoniao:v$BUILD_ID
    port=`kubectl -s 10.0.0.11:8080  get svc -n xiaoniao|grep -oP '(?<=80:)\d+'`
    echo "你的項目地址訪問是http://10.0.0.13:$port"
    echo "更新成功"
else
    docker  build  -t  10.0.0.11:5000/xiaoniao:v$BUILD_ID  .
    docker  push 10.0.0.11:5000/xiaoniao:v$BUILD_ID
    kubectl  -s 10.0.0.11:8080  create  namespace  xiaoniao
    kubectl  -s 10.0.0.11:8080  run   xiaoniao  -n xiaoniao  --image=10.0.0.11:5000/xiaoniao:v$BUILD_ID --replicas=3 --record
    kubectl  -s 10.0.0.11:8080   expose -n xiaoniao deployment xiaoniao --port=80 --type=NodePort
    port=`kubectl -s 10.0.0.11:8080  get svc -n xiaoniao|grep -oP '(?<=80:)\d+'`
    echo "你的項目地址訪問是http://10.0.0.13:$port"
    echo "發(fā)布成功"
    touch /tmp/xiaoniao.lock
    chattr +i /tmp/xiaoniao.lock
fi

jenkins一鍵回滾

kubectl -s 10.0.0.11:8080 rollout undo -n xiaoniao deployment xiaoniao