k8s版本 | 1.11.1 |
---|---|
系统 | CentOS Linux release 7.6.1810 (Core) |
k8s_master | 192.168.199.130 |
k8s_node1 | 192.168.199.131 |
k8s_node2 | 192.168.199.132 |
gitlab | 192.168.199.40 |
jenkins | 192.168.199.41 |
docker registry | 192.168.199.42 |
dev && docker client | 192.168.199.43 |
![](https://img.haomeiwen.com/i7062380/3afcb876d1695d77.png)
1.gitlab搭建及使用教程 :https://www.jianshu.com/p/f1a3d7517572
2.jenkins搭建及使用教程:https://www.jianshu.com/p/bf4518df167f
3.所有机器修改docker私有仓库地址及默认下载镜像地址
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://i70c3eqq.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.199.42:5000"]
}
vim /etc/sysconfig/docker
#添加一行:
ADD_REGISTRY='--add-registry 192.168.199.42:5000'
#重启docker服务
systemctl restart docker
4.jenkins 192.168.199.41 配置docker插件.
#安装docker插件
• Jenkins---> 系统管理--->插件管理
• 安装所有和docker相关插件
![](https://img.haomeiwen.com/i7062380/a240c2cb8b243a2c.png)
5.配置gitlab和Jenkins联动,编译在jenkins上编译,也可以指定特定的主机
#jenkins 192.168.199.41的设置
系统管理-->系统设置;ip为需要编译的主机ip,这里我在jenkins的主机上编译所以填写192.168.199.41, 填写后点击test connection验证一下
tcp://192.168.199.41:2376
#jenkins 192.168.199.41 设置,便于jenkins 远程连接构建的主机,这里构建的主机为jenkins所在的主机
vim /etc/sysconfig/docker
OPTIONS后增加
-H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock
#重启生效
systemctl restart docker
![](https://img.haomeiwen.com/i7062380/96ac5c82a5dd0b04.png)
![](https://img.haomeiwen.com/i7062380/f4f958c4e3809c40.png)
![](https://img.haomeiwen.com/i7062380/63dadc833991e280.png)
6.Jenkins 192.168.199.41 的设置
#配置jenkins删除权限
vim /etc/sudoers.d/jenkins
jenkins ALL=(root) NOPASSWD:/usr/bin/rm
系统管理-->全局安全设置
关闭防跨站点请求伪造权限;
打开匿名用户具有可读写权限
![](https://img.haomeiwen.com/i7062380/c0482c8345416df4.png)
7.jenkins 192.168.199.41 加入到root组,同时重启jenkins
#在编译过程中,如果出现Got permission denied while trying to connect to the Docker daemon socket
#创建文件夹并修改所属组和用户为jenkins
mkdir /jenkins-test
chown -R jenkins.jenkins /jenkins-test
#在把jenkins加入到root组,
gpasswd -a jenkins root
#重启jenkins
/etc/init.d/jenkins restart
8.设置jenkins触发器:项目->配置文件,图中为
![](https://img.haomeiwen.com/i7062380/68647af03f39fb85.png)
9.设置gitlab联动:
9.1.添加jenkins的触发器url
![](https://img.haomeiwen.com/i7062380/1bd5bf2b4b640449.png)
9.2.允许被拉取
![](https://img.haomeiwen.com/i7062380/7c5b36b276dfd6d7.png)
10.在k8s上运行一个deployment nginx,并创建服务
kubectl create namespace ns01
kubectl run nginx --image=nginx --port=80 -n ns01
kubectl expose deployment nginx --type=NodePort -n ns01
11.jenkins 192.168.199.41 安装kubelet
yum install -y kubernetes-client
12.jenkins 配置构建的shell
cd /jenkins-test/
sudo rm -rf *
git clone http://192.168.199.40/root/hellogitlab.git
version=$(date +"%Y.%m.%d.%H.%M.%S")
name=192.168.199.42:5000/test/hellogitlab:$version
docker build -t $name hellogitlab
docker push $name
kubectl -s="https://192.168.199.130:6443" --insecure-skip-tls-verify=true --username="tom" --password="redhat" set image deployment/nginx nginx="$name" -n ns01
#测试一下jenkins是否能操作k8s
#kubectl -s="https://192.168.199.130:6443" --insecure-skip-tls-verify=true --username="tom" --password="redhat" get pods -n ns01
13. k8s master上配置容器运行用户权
#临时配置权限
kubectl create clusterrolebinding system:anonymous --clusterrole=cluster-admin --user=system:anonymous
#为tom设置权限
kubectl create clusterrolebinding myclusterbind1 --clusterrole=cluster-admin --user=tom
14. docker client :192.168.199.43下载项目hellogitlab
git clone http://192.168.199.40/root/hellogitlab.git
######项目中添加Dockerfile和代码
vim Dockerfile
FROM docker.io/nginx
MAINTAINER taotao
ADD index.html /usr/share/nginx/html/
EXPOSE 80
CMD ["nginx","-g","daemon off;"]
vim index.html
hello gitlab by taotao. happy to successful
15. 提交代码,自动构建
git add .
git commit -m "test"
git push
16.自动化构建部署成功,上个图
![](https://img.haomeiwen.com/i7062380/27613bdfdad520f6.png)
![](https://img.haomeiwen.com/i7062380/19909060a613b1e7.png)
网友评论