设置默认的sc 1 kubectl patch sc openebs-rwx -p '{"metadata": {"annotations": {"storageclass.beta.kubernetes.io/is-default-class": "true"}}}'
k8s部署kubesphere 下载文件
1 2 wget https://github.com/kubesphere/ks-installer/releases/download/v3.3.2/kubesphere-installer.yaml wget https://github.com/kubesphere/ks-installer/releases/download/v3.3.2/cluster-configuration.yaml
部分存储卷 VolumeSize 小于20G,需要手动调整
1 2 3 4 5 6 7 8 9 mysqlVolumeSize: 20Gi minioVolumeSize: 20Gi etcdVolumeSize: 20Gi openldapVolumeSize: 2Gi redisVolumSize: 2Gi elasticsearchMasterVolumeSize: 4Gi elasticsearchDataVolumeSize: 20Gi jenkinsVolumeSize: 8Gi prometheusVolumeSize: 20Gi
部署yaml
1 2 3 4 5 6 7 kubectl apply -f kubesphere-installer.yaml kubectl apply -f cluster-configuration.yaml kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l 'app in (ks-install, ks-installer)' -o jsonpath='{.items[0].metadata.name}' ) -f kubectl describe pod kubesphere-system $(kubectl get pod -n kubesphere-system -l 'app in (ks-install, ks-installer)' -o jsonpath='{.items[0].metadata.name}' )
修改宿主机端口
1 2 3 kubectl edit service ks-console -n kubesphere-system
开启应用商店和devops
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 vi cluster-configuration.yaml ... # 开启应用商店 openpitrix: store: enabled: true # 将“false”更改为“true” ... ... # 开启devops devops: enabled: true # 将“false”更改为“true” ... kubectl apply -f cluster-configuration.yaml #验证 kubectl get pod -n kubesphere-devops-system
#配置devops 新增凭证
git账号密码
dockerhub账号密码(aliyun镜像仓库 )
kubeconfig(新建项目-配置-服务账号 -- > 创建后再修改角色)
新增流水线,使用以下Jenkinsfile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 pipeline { agent { kubernetes { inheritFrom 'nodejs base' containerTemplate { name 'nodejs' image 'node:14.19.0' } } } stages { stage('拉取') { agent none steps { git(credentialsId: 'gitlab-root' , url: env.GIT_URL , branch: params.GIT_BRANCH , changelog: true , poll: false ) script { env.GIT_VERSION = sh (script: 'git rev-parse --short HEAD' , returnStdout: true ).trim() if(params.TAG_NAME) { env.DOCKER_IMAGE = sh (script: 'echo $TAG_NAME' , returnStdout: true ).trim() } else { env.DOCKER_IMAGE = sh (script: 'echo $GIT_VERSION-$BUILD_NUMBER' , returnStdout: true ).trim() } } } } stage('编译打包') { steps { container('nodejs') { sh 'npm install --registry=https://registry.npm.taobao.org' sh 'npm run build' } } } stage('构建dockerfile') { agent none steps { container('base') { sh 'ls ' sh 'docker build -t $ALIYUNHUB_STORE:$DOCKER_IMAGE -f $DOCKERFILE_PATH .' } } } stage('推送') { agent none steps { container('base') { withCredentials( [usernamePassword(credentialsId : 'aliyun-docker' ,usernameVariable : 'DOCKER_USER' ,passwordVariable : 'DOCKER_PASSWORD' ,) ]) { sh 'echo $DOCKER_USER | docker login $REGISTRY -u $DOCKER_USER -p $DOCKER_PASSWORD' sh 'docker tag $ALIYUNHUB_STORE:$DOCKER_IMAGE $REGISTRY/$ALIYUNHUB_NAMESPACE/$ALIYUNHUB_STORE:$DOCKER_IMAGE' sh 'docker push $REGISTRY/$ALIYUNHUB_NAMESPACE/$ALIYUNHUB_STORE:$DOCKER_IMAGE' } } } } stage('部署') { agent none steps { container('base') { withCredentials( [kubeconfigFile(credentialsId : 'web-kubeconfig' ,variable : 'KUBECONFIG' ,) ]) { sh 'envsubst < $DEPLOY_PATH | kubectl apply -f -' } } } } } environment { GIT_URL = 'http://172.16.100.48:30080/data-platform/web.git' REGISTRY = 'registry.cn-hangzhou.aliyuncs.com' ALIYUNHUB_NAMESPACE = 'zichan' ALIYUNHUB_STORE = 'data-platform-web' DOCKERFILE_PATH = 'docker/Dockerfile' DEPLOY_PATH = 'docker/deploy.yaml' } parameters { choice(name: 'GIT_BRANCH' , choices: ['master' ], description: '请选择要发布的分支' ) string(name: 'TAG_NAME' , defaultValue: '' , description: '请填写要发布的镜像名(不填自动生成)' ) } }
##附件
dockerfile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 FROM nginxCOPY ./dist /data RUN rm /etc/nginx/conf.d/default.conf ADD ./docker/default.conf /etc/nginx/conf.d/default.conf RUN /bin/bash -c 'echo init ok' EXPOSE 80 CMD ["nginx" , "-g" , "daemon off;" ]
Nignx - default.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 server { listen 80 ; server_name localhost; gzip on ; gzip_static on ; gzip_min_length 1k ; gzip_comp_level 4 ; gzip_proxied any; gzip_types text/plain text/xml text/css; gzip_vary on ; gzip_disable "MSIE [1-6]\.(?!.*SV1)" ; root /data/; }
deploy.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 apiVersion: apps/v1 kind: Deployment metadata: labels: app: web-vue name: web-vue namespace: web spec: progressDeadlineSeconds: 600 replicas: 1 strategy: type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 1 selector: matchLabels: app: web-vue template: metadata: labels: app: web-vue spec: containers: - env: - name: CACHE_IGNORE value: js|html - name: CACHE_PUBLIC_EXPIRATION value: 3d image: $REGISTRY/$ALIYUNHUB_NAMESPACE/$ALIYUNHUB_STORE:$DOCKER_IMAGE readinessProbe: httpGet: path: / port: 80 timeoutSeconds: 10 failureThreshold: 30 periodSeconds: 5 imagePullPolicy: Always name: web-vue ports: - containerPort: 80 protocol: TCP resources: limits: cpu: 300m memory: 600Mi requests: cpu: 100m memory: 100Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: File dnsPolicy: ClusterFirst restartPolicy: Always terminationGracePeriodSeconds: 30 imagePullSecrets: - name: ali-docker-registry --- apiVersion: v1 kind: Service metadata: labels: app: web-vue-service name: web-vue-service namespace: web spec: ports: - name: http port: 80 protocol: TCP targetPort: 80 selector: app: web-vue sessionAffinity: None type: NodePort