Misswjy'Blog
0%

云计算-容器云-任务3

发表于 更新于 Valine:
本文字数: 7.4k 阅读时长 ≈ 7 分钟

云计算赛项第二场-容器云-江苏卷-任务3

【任务3】基于Kubernetes 构建持续集成

【题目1】安装Jenkins 环境[2 分]

在master 节点上使用镜像jenkins/Jenkins:2.262-centos部署Jenkins 服务,具体要求如下:
(1)容器名称:jenkins;
(2)端口映射:8080:8080;
(3)使用root 身份生成容器;
(4)离线安装Jenkins 插件;
(5)设置Jenkins 用户:chinaskill;密码:000000;
(6)在授权策略中配置“任何用户可以做任何事(没有任何限制)”。
使用chinaskill 用户登录Jenkins,完成后提交master 节点的用户名、密码和IP 到答题框。

创建挂载目录

mkdir -p /home/jenkins_home

1
2
3
4
5
6
7
docker run -d --name jenkins -p 8080:8080 -u root \
-v /home/jenkins_home/:/var/jenkins_home \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/bin/docker:/usr/bin/docker \
-v /usr/bin/kubectl:/usr/local/bin/kubectl \
-v /root/.kube/:/root/.kube/ \
--restart always jenkins/jenkins:2.262-centos

离线安装插件

cp -rf /opt/plugins/* /home/jenkins_home/plugins/

重启容器

docker restart jenkins

进入容器

docker exec -it jenkins bash

查看密码

cat /var/jenkins_home/secrets/initialAdminPassword

浏览器输入192.168.20.132:8080

输入密码>选择插件来安装>取消所有选择>安装

【题目2】安装Gitlab 环境[1 分]

在master 节点上使用镜像gitlab/gitlab-ce:12.9.2-ce.0部署Gitlab 服务,具体要求如下:
(1)容器名称:gitlab;
(2)端口映射:1022:22、81:80、443:443;
(3)容器重启策略:always;
(4)设置root 用户及密码;
(5)使用root 用户登录Gitlab,密码:00000000;
(6)新建项目Springcloud,将/opt/ChinaskillProject 中的代码上传到ChinaskillProject 项目中。
完成后提交master 节点的用户名、密码和IP 到答题框。

创建挂载目录

mkdir -k /home/gitlab{config,logs,data}

1
2
3
4
5
6
docker run -d -h gitlab -p 1022:22 -p 81:80 -p 443:443 \
-v /home/gitlab/config/:/etc/gitlab \
-v /home/gitlab/logs/:/var/log/gitlab \
-v /home/gitlab/data/:/var/opt/gitlab \
--restart always --privileged=true \
--name mygitlab gitlab/gitlab-ce:12.9.2-ce.0

确实密码为00000000

用户名为root,密码为00000000

新建项目

项目名为ChinaskillProject

安装git

yum install -y git

git config --global user.name "Administrator"

git config --global user.email "admin@example.com"

git clone http://192.168.20.132:443/root/chinaskillproject.git

查看是否克隆到本地

将/opt/ChinaskillProject 中的代码上传到ChinaskillProject 项目中。

cd chinaskillproject

cp -rf /opt/ChinaskillProject/* /root/chinaskillproject/

git add .

git commit -m "add README"

git push -u origin master

【题目3】配置Jenkins 连接Gitlab[1 分]

配置Jenkins 连接Gitlab,具体要求如下:
(1)设置Outbound requests;
(2)生成“Access Tokens”并命名为jenkins;
(3)设置Jenkins 取消对’/project’ end-point 进行身份验证;
(4)测试Jenkins 与Gitlab 的连通性。
完成后提交master 节点的用户名、密码和IP 到答题框。

设置Outbound requests

【题目3】配置Jenkins 连接Gitlab[1 分]

配置Jenkins 连接Gitlab,具体要求如下:
(1)设置Outbound requests;
(2)生成“Access Tokens”并命名为jenkins;
(3)设置Jenkins 取消对’/project’ end-point 进行身份验证;
(4)测试Jenkins 与Gitlab 的连通性。
完成后提交master 节点的用户名、密码和IP 到答题框。

设置Outbound requests

复制访问令牌

测试Jenkins 与Gitlab 的连通性

访问令牌复制到API token

点击Test Connection

4.配置Jenkins连接maven

采用docker in docker的方式在Jenkins内安装maven

1
2
3
4
5
6
7
8
9
10
11
12
13
[root@master ~]# cp  /opt/ChinaskillMall/apache-maven-3.6.3-bin.tar.gz /root/jenkins/
[root@master ~]#  docker exec -it jenkins bash
[root@b957b62337cc]# tar -zxvf /var/jenkins_home/apache-maven-3.6.3-bin.tar.gz -C .
[root@2927036f2450]# mv apache-maven-3.6.3 /usr/local/maven
//配置maven环境变量
[root@b957b62337cc]# vi /etc/profile
export  M2_HOME=/usr/local/maven
export  PATH=$PATH:$M2_HOME/bin
[root@2927036f2450  /]# vim /root/.bashrc
if [ -f /etc/bashrc  ]; then
        . /etc/bashrc
        source  /etc/profile
fi

在Jenkins中配置maven信息

Dashboard-全局工具配置

5.配置CI/CD

新建流水线任务

勾选Build when a change is pushed to GitLab. GitLab webhook URL: http://192.168.20.102:8080/project/ChinaskillProject

复制 secret token

生成ssh密钥

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
[root@master ~]# cd ChinaskillProject/
[root@master ChinaskillProject]# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? 
[root@master ChinaskillProject]# cd ..
[root@master ~]# cat /root/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAz5EcPpwUTM4IPR1wpi2u7l3nelQi29eXjLXhQI9swCgHxu+M
tAl0kQJvFOPAg7DUxTjForAVAMkzZljDd4uTV+VCairuFeXApyM+LokxZkvJsvsH
upXwVqvGEifGP+tQbC9tPhIQ2a1aRZBiSYetuDjZdjwQcxgARfgJjqeH7Rw5red8
V4e7VgF8e6RBVJycSVqfuysxyFVBsUCS1vHAK7GvjmfoUJ/t8mv4s/ClL+PzzZe4
dUO3OftAKU6qIFrpf6kC57/LsZmNWWBy9suYXpK+92Yo8cOwtBkdBtGJSo5EblzA
hUQjSftoC9SuTw3wN6DwwV5RcqUe99vDYVSVowIDAQABAoIBACB4Rr7Uk6hgIpHM
5S5Zvx+yuN8+AiX5188/NHlw9kYo/O510sDnKcD1bIMMDbWMF/yyINiOSvrQfqXo
BMvSnb4GMxmAlbX/Nt/ud2+4Lm4eNPM2qcLaabplLJrydeTR3sbNtH0dPl2O7Kwt
JfLyso469mm0g649du17G6OhOXYxyATNMX7AnNFRpH5zKft+FhSpVNxdAoOEYMKt
1ucUf5GoWCnbrl0caaXyLqlRGAuTa3+EqlaQXhOv7cq5L13v6xbSDpCHh0krnKk6
G/4Ui+styCVM7Dm0imMztRGULE6pIwnV/MLeDYBfhSjWckXm1ofgt3TPDQ+vQqqW
yqrtz+ECgYEA6DRDdirL+pA2jf0yZR2v60L3+AIUoVyn3EkqTVmiEqEDGj1drK8t
U9/f/QiTPVIlq17GN6iErvMCM9E11/d0EKTiTDe2T4dmu7fEL5KUpndMCJeHZzL1
Ythq5AVfnfxShJx+RI5VY/p+VLNWSCcIIFenK4BBC7O12o74ENOHeS8CgYEA5NaA
aI+QnUQVTJTTvBX2JB8SNh0fyArRi/wmA3Gj0CWz1OMSnhhwVeS0a6aTm7BPVgsh
kBnjX6xnYccXq4bo0bHLrFXKXRVzTCquNjPCCC8mRG5TlO6hdFHKLuKmaRZc3jW5
9kzC/Ub5F4gl0zhGoBAjVqVVj0qQHrUp4kFHZc0CgYA5nF3wf4XEUOt4Jw3N0KPI
9wCW481Ci76KBQ0dy9NOU+x1IiyPn5bbbHwiR3JgkHUQI5+CR6lDzr8JJCr7vkVp
q78Jsfjlmm5+vIVMWE3RT1/p8c6CaD5Bm/hJQpwKkoPWqw0Y7Ud6WrflQ+lwVV7K
x3SOcm+w+5Fu/HHHmvPNuQKBgHYpDETxXIrYDOduMaZ88IvWP2ERyMdSTsEpgbdl
hmCEF0dluMdJdzfi0AaGDNHnSA/1z27I708HhppGY0J+dtlQJQrngYZu/QnnP+1c
7GOtdOUA0sekMFoPoYZ0IdlBYtKai1tSZ5zAeP5dnqph9JXRv22OEY/bwG8avHXH
n0ZBAoGBAJc5nHZXXFCLiBw6af+3yOJXWzH6D8XqHbedoCEg9gKIld9mL5XKvX7S
5ul60aLUrOS/CTrPNVaeD9RI+mLFevZ72cGfB/+MYaeT7+IjtzxjbZixyCl8K1An
F15HoJX0BWon5FTqp06Fdy3Y4fPgqwwO2/IdAkOGi8AxKftwWLfC
-----END RSA PRIVATE KEY-----

复制密钥

写流水线脚本

构建微服务项目中的gateway和config服务,

将构建后的镜像自动上传到Harbor仓库,

并自动发布gateway和config服务到Kubernetes集群的springcloud命名空间下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
node{
    stage('git clone'){
        //check CODE 从代码仓库克隆
        git credentialsId: '7fc32029-1f4f-4b77-a161-47dc4dae39ef', url: 'http://192.168.20.102:81/root/ChinaskillProject.git'
    }

stage('maven build'){

//maven编译
        sh  '''/usr/local/maven/bin/mvn package -DskipTests -f  /var/jenkins_home/workspace/ChinaskillProject'''
    }

stage('image build'){

//构建镜像,并将镜像ID变量作为tag
        sh '''
              echo $BUILD_ID
              docker build -t 192.168.20.102/chinaskillproject/gateway:$BUILD_ID -f  /var/jenkins_home/workspace/ChinaskillProject/gateway/Dockerfile   /var/jenkins_home/workspace/ChinaskillProject/gateway
              docker build -t 192.168.20.102/chinaskillproject/config:$BUILD_ID -f  /var/jenkins_home/workspace/ChinaskillProject/config/Dockerfile   /var/jenkins_home/workspace/ChinaskillProject/config'''
    }

stage('upload registry'){

//上传构建完成的镜像到harbor镜像仓库
        sh '''docker login  192.168.20.102 -u=admin -p=Harbor12345
            docker push 192.168.20.102/chinaskillproject/gateway:$BUILD_ID
            docker push 192.168.20.102/chinaskillproject/config:$BUILD_ID'''
    }

stage('deploy k8s'){
    //创建命名空间,部署yaml脚本到k8s集群
   sh 'sed -i "s/sqshq\\/piggymetrics-gateway/192.168.20.102\\/chinaskillproject\\/gateway:$BUILD_ID/g" /var/jenkins_home/workspace/ChinaskillProject/yaml/deployment/gateway-deployment.yaml' 
   sh 'sed -i "s/sqshq\\/piggymetrics-config/192.168.20.102\\/chinaskillproject\\/config:$BUILD_ID/g" /var/jenkins_home/workspace/ChinaskillProject/yaml/deployment/config-deployment.yaml' 
   sh 'kubectl create ns springcloud'
   sh 'kubectl apply -f  /var/jenkins_home/workspace/ChinaskillProject/yaml/deployment/gateway-deployment.yaml  --kubeconfig=/root/.kube/config'
   sh 'kubectl apply -f  /var/jenkins_home/workspace/ChinaskillProject/yaml/deployment/config-deployment.yaml  --kubeconfig=/root/.kube/config'
   sh 'kubectl apply -f  /var/jenkins_home/workspace/ChinaskillProject/yaml/svc/gateway-svc.yaml --kubeconfig=/root/.kube/config'
   sh 'kubectl apply -f  /var/jenkins_home/workspace/ChinaskillProject/yaml/svc/config-svc.yaml --kubeconfig=/root/.kube/config'
}

}